CSCI E-170 Reading

Lecture 09: Protecting Infrastructure & Incident Response

required reading:

RFCs

• Protection of BGP Sessions via the TCP MD5 Signature Option. -RFC 2385 - Heffernan (1998)
• BGP Security Vulnerabilities Analysis - RFC 4272 - Murphy (2006)
• Key Management Considerations for the TCP MD5 Signature Option - RFC 3562 - Leech (2003)
• Generic Threats to Routing Protocols - RFC 4593 - Barbir et al (2006)
• Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing - RFC 2827 - Ferguson and Senie - (2000)
• Threat Analysis of the Domain Name System (DNS) - RFC 3833 - Atkins & Austein (2004)
• General Requirements for Emergency Telecommunication Service (ETS) - RFC 3689 - Carlberg and Atkinson (2004)
• Expectations for Computer Security Incident Response - RFC 2350 - Brownlee and Guttman (1998)

Other documents

• The National Strategy to Secure Cyberspace - (2003) - skim
• Executive Order on Critical Infrastructure Protection (2001)
• sidr working group charter
• An Infrastructure to Support Secure Internet Routing Lepinski & Kent (2009)

optional reading:
 

Documents that may be of interest

• NRIC web site
• Ingress Filtering for Multihomed Networks - RFC 3704 - Baker and Savola (2004)
• Special-Use IPv4 Addresses - RFC 3330 - IANA (2002)
• DNSSEC Deployment web site
• Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations - US Department of Justice
• North American Electric Reliability Corporation (NERC) cyber security standards

·          Sabotage Reporting

·          Critical Cyber Asset Identification

·          Security Management Controls

·          Personnel & Training

·          Electronic Security Perimeter(s)

·          Physical Security of Critical Cyber Assets

·          Systems Security Management

·          Incident Reporting and Response Planning

·          Recovery Plans for Critical Cyber Assets