Notes
- According to the FBI and the Computer Security Institute survey of businesses in 2001. How to Plan for the Inevitable, CIO Magazine, March 15, 2002. http://www.cio.com/archive/031502/plan_content.html
- According to one estimate of Internet fraud for 2001. http://www.computerworld.com/storyba/0,4125,NAV47_STO70007,00.html
- According to the Association of Certified Fraud Examiners, for 1996. B.R. Farrell and P. Healy, White Collar Crime: A Profile of the Perpetrator and an Evaluation of the Responsibilities for its Prevention and Detection, Journal of Forensic Accounting, I: 17–34, 2000.
- According to a study by the FBI and Computer Security Institute for 1999. Free E-Report on High-Tech Fraud, ACFE, August 21, 2000.
- According to Computer Emergency Response Team. E. Lee, Combating Cyberthreats: Partnership between Public and Private Entities, Information Systems Control Journal, 3, 2002.
- Steve Gibson, The Strange Tale of the Denial of Service Attacks against GRC.COM, March 5, 2002, available online at http://grc.com/dos/grcdos.htm, describes a DoS attack. A second document describes DDoS: http://grc.com/dos/drdos.htm.
- “The Secure Sockets Layer (SSL) connection is more complicated than the regular SYN-ACK one.” In SSL, the client and server have to exchange public keys prior to any transmission of data, because all data is encrypted for transfer. Hence, more communication (work) is required to set up an SSL connection (HTTPS protocol) than just a regular plaintext exchange of data.
- CNET News.com staff, How a ‘Denial of Service’ Attack Works, February 9, 2000. http://news.com.com/2100–1017-236728.html?legacy=cnet
- According to Computer Emergency Response Team. E. Lee, Combating Cyberthreats: Partnership between Public and Private Entities, Information Systems Control Journal, 3, 2002.
- They are called white hats because (a) they have obtained prior permission to “hack,” (b) hacking is a part of their job description and they are an employee, (c) they have a contract to conduct a pen test (specific domain, specific time frame), and (d) they have an engagement letter to conduct the pen test.
- See technical definition of hacker at http://pcwebopedia.com/TERM/h/hacker.html
- See technical definition of cracker at http://pcwebopedia.com/TERM/c/crack.html. Likely a reference to safe crackers.
- Robert Vamosi, ed., Can We Stop Script Kiddies? Yes! Here's How, ZDNet Reviews, May 15, 2002. http://www.zdnet.com
- An Internet pioneer and expert. See his Web site at http://grc.com
- Mixter, self-proclaimed white-hat who wrote the tfn DDoS attack code, by ZDNet News on February 9, 2000. http://zdnet.com.com/2100–11-518461.html?legacy=zdnn
- E. Lee, Combating Cyberthreats - Partnership Between Public and Private Entities, Information Systems Control Journal, 3, 2002.
- Robert Vamosi, ed., Can We Stop Script Kiddies? Yes! Here's How, ZDNet Reviews, May 15, 2002. http://www.zdnet.com
- Ibid.
- Mixter. Author of Web Attack Tool Speaks, by ZDNet news, February 9, 2000. http://zdnet.com.com/2102–11-518461.html?legacy=zdnn
- Steve Gibson, Windows XP Raw Socket Controversy, August 21, 2002. http://grc.com/dos/xpsummary.htm
- See FBI press release dated December 30, 1999. Online at http://www.nipc.gov
- Mixter. Author of Web Attack Tool Speaks, by ZDNet news, February 9, 2000. http://zdnet.com.com/2102–11-518461.html?legacy=zdnn. Steve Gibson agrees in his open letter to hackers (script kiddies) (http://grc.com).
- Mixter. Author of Web Attack Tool Speaks, by ZDNet news, February 9, 2000. http://zdnet.com.com/2102–11-518461.html?legacy=zdnn
- http://www.mcafee.com or http://HackerWatch.org
- http://www.incidents.org
- John Morris, Second Thoughts About Security, CNET, April 22, 2002 (available online at http://www.cnet.com).
- Steve Gibson, The Strange Tale of the Denial of Service Attacks against GRC.COM, March 5, 2002 (available online at http://grc.com/dos/grcdos.htm). There is a chart demonstrating this tool.
- Author of Web Attack Tool Speaks, February 9, 2000 (online at http://zdnet.com.com/2102–11-518461.html?legacy=zdnn).
- One such trace back tool is Probabilistic Packet Marking (PPM). Forensics Web Site a Must-See, eWeek, April 22, 2002 (available online at http://www.eweek.com).
- K. Park, Toward a Scalable DDoS Attack Prevention, CERIAS, Oct. 3, 2001 (available online at http://www.cerias.purdue.edu/security_seminar/archive/abstracts2001–2002.php).
- D. Yau, Extensible Security Services on the CROSS Software-Programmable Router, CERIAS, Oct. 24, 2001 (available online at http://www.cerias.purdue.edu/security_seminar/archive/abstracts2001–2002.php).
- S. Scalet, How to Plan for the Inevitable, CIO Magazine, May 15, 2002 (available online at http://www.cio.com/archive/031502/plan_content.html).