CSCI E-170 Reading

Lecture 08: Protecting Infrastructure & Incident Response

 

required reading:

 

RFCs

• BGP Security Vulnerabilities Analysis - RFC 4272 - Murphy (2006)
• Key Management Considerations for the TCP MD5 Signature Option - RFC 3562 - Leech (2003)
• Generic Threats to Routing Protocols - RFC 4593 - Barbir et al (2006)
• Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing - RFC 2827 - Ferguson and Senie - (2000)
• Threat Analysis of the Domain Name System (DNS) - RFC 3833 - Atkins & Austein (2004)
• General Requirements for Emergency Telecommunication Service (ETS) - RFC 3689 - Carlberg and Atkinson (2004)
• Expectations for Computer Security Incident Response - RFC 2350 - Brownlee and Guttman (1998)
• The TCP Authentication Option - RFC 5925 - Touch et al (2010)

 

Other documents

• The National Strategy to Secure Cyberspace - (2003) - skim
• Executive Order on Critical Infrastructure Protection (2001)
• sidr working group charter
• An Infrastructure to Support Secure Internet Routing - RFC 6480 - Lepinski & Kent - (2011)

optional reading:
 

Documents that may be of interest

• NRIC web site
• Ingress Filtering for Multihomed Networks - RFC 3704 - Baker and Savola (2004)
• Special-Use IPv4 Addresses - RFC 5735 - Cotton et al (2010)
• DNSSEC Deployment web site
• Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations - US Department of Justice (2009)
• Submarine Cable Map - TeleGeography
• North American Electric Reliability Corporation (NERC) cyber security standards

·          Sabotage Reporting

·          Critical Cyber Asset Identification

·          Security Management Controls

·          Personnel & Training

·          Electronic Security Perimeter(s)

·          Physical Security of Critical Cyber Assets

·          Systems Security Management

·          Incident Reporting and Response Planning

·          Recovery Plans for Critical Cyber Assets