Computer Crime & Investigations Center

What Problems Can Arise

• Netsurfer Focus
  • Cryptography and Privacy
  • Computer and Network SecurityFirst Issue
  • Computer and Network SecuritySecond Issue
• Things That Go Bump in the NetFrom IBM
• Cyberlaundering: Anonymous Digital Cash and Money Laundering

An Ounce of Prevention...

Passwords

• Department of Defense Password Management Guidelines, the "Green Book."
• Selecting Good Passwords

Internal Controls

• Internal Controls
• A Guide to Understanding Data Remanence in Automated Information SystemsThe "Dark Green" Book. Hackers need not necessarily invade your system. There are ways to obtain information from disposed files.
• Guide to Understanding Trusted Facility ManagementThe "Brown" Book. Mandates certain types of system and security administration such as separation of duties.
• The "Orange" BookDoD's Trusted Computer SystemEvaluation Criteria. Criteria for a secure OS. Emphasizes data confidentiality, which may or may not be your priority.
• The "Red" BookThe DoD's Trusted NetworkInterpretation. For networks. Next to the Orange Book, it is cited most often.
• MIT Information Security ProgramConduct a security self-assessment of your system.
• Site Security Handbook This handbook is a guide to setting computer security policies and procedures for sites that have systems on the Internet. This guide lists issues and factors that a site must consider when setting their own policies. It makes some recommendations and gives discussions of relevant areas.

Firewalls

• Internet FirewallsComprehensive list of resources associated with Internet firewalls.
• NCSA Firewall Policy GuideThis document is intended to serve as not only a starting place for people who need to learn about firewall technology, but also as a high-level guide to its deployment

FTP

• Anonymous FTP FAQHow to set up FTP site security

Risk Assessment

• Guide for Selecting Automated Risk Analysis Tools

How it is done

• Improving the Security of Your Site By Breaking Into ItThis link was provided by the NIH, part of the Federal Government. UNIX systems
• The Unofficial Web Hack FAQAnother "how to hack"
• PHRACK Magazine
• 2600: The Hacker Quarterly

Detecting whether you have a problem

FBI studies have revealed that 80% of intrusions and attacks come from within organizations - not from "hackers" from afar.

• AuditNet Resource List From an accountant's viewpoint. Links to many accounting, auditing, and security sites.
• Bibliography Auditing Computer Systems
• The COAST Intrusion Detection Pages
• Compromise FAQHow to respond to a compromise of a UNIX system.
• A Guide to Understanding Audit in Trusted SystemsThe "Tan" Book. Keep track of sensitive activities such as failed login attempts.
• Security of Medical Information SystemsMassively documented British perspective
• Clinical System Security Interim Guidelines
• Security in Clinical Information Systems
• Intruder Detection ChecklistFrom CERT, the center of Internet Security. This document is useful for UNIX systems.
• Los Alamos Vulnerability Assessment Team: The Entry Sentry
• Zeno's Forensics PageComprehensive forensics links including links to computer crime and forensics accounting pages.

Search and Seizure of Computer EquipmentSuspected to Have Been Involved in Criminal Activity

• A Guide to Understanding Data Remanence in Automated Information SystemsThe "Dark Green" Book. This DoD publication is intended to facilitate the secure disposal of highly classified information which had been stored electronically. However, it also is germane to retrieving electronically stored evidence which has been erased.
• Forensic Computing CSRC Research Project
• Federal Guidelines for Searching and Seizing ComputersNote: while this document contains an extensive legal discussion, it is a Department of Justice analysis, not the law - and may not necessarily even reflect the DOJ's official position.
• Financial Fraud InstituteDescribes federal courses on investigation of computer-related crimes.
• Civil Liberties Implications of Computer Searches and Seizures: Some Proposed Guidelines for Magistrates Who Issue Search Warrants
• New Technologies, Inc.Computer Evidence Training, Tools and Consulting.. Includes numerous articlesabout computer security.
• Sydex, Inc., Its products allow a user to create mirror-image files of any hard disk accessible by a PC's controller and to examine diskettes without regard to format.

NNTP and the Web: Preventing the Authorities From Choking the Publication of Information at Is Source.

"However, now that publishing has come to mean placing a copies of an electronic document on a few servers worldwide, the owners of these servers can be coerced into removing it. It is irrelevant whether the coercion comes from wealthy litigants exploiting the legal process, or from political rulers conspiring to control the flow of ideas. The net effect is the erosion of our inheritance from Gutenberg: printing is `disinvented' and electronics document can be `de-published'. This should concern everyone who values the benefits that have flowed from half a millenium of printing, publication and progress. " Ross J. Anderson

"...if the physical location of the worldwide web site cannot be located, then the rich man's lawyers will have nowhere to execute their seizure order" Anderson, supra.

• The Eternity Service"The basic idea is to use redundancy and scattering techniques to replicate data across a large set of machines (such as the Internet), and add anonymity mechanisms to drive up the cost of selective service denial attacks."
• Eternity Service: Cypherpunks Distributed Data Haven
  • [ANNOUNCE] Eternity server 1.01 alpha releaseDescription of Eternity Server
• Eternity Servers."Eternity servers are specialized search engines for reading web documents from USENET news."

Is Big Brother Watching You?

• Center for Democracy and Technology CDT's mission is to develop and advocate public policies that advance constitutional civil liberties and democratic values in new computer and communications technologies.
• The Electronic Frontier Foundationis a non-profit civil liberties organization working in the public interest to protect privacy, free expression, and access to public resources and information online, as well as to promote responsibility in new media.
• EPICThe Electronic Privacy Information Center. EPIC is a public interest research center in Washington, D.C. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values.
• FBI Issues Scaled Back Surveillance Capacity Notice -- Cost and Capability Issues Remain
• The Green Book Integrating Information SecurityOn-line Information Security Course
• I CAN SEE YOUThink you are surfing anonymously? Click here to find out what information can be and often is collected about you as you surf.
• A Note About Web Browsers & PrivacyTechnical information describing what information your browser discloses about you as you surf.
• The Internet SleuthChoose from over 1,000 searchable databases.
• Privacy Rights ClearinghouseConsumer-oriented.
• Sherlock@ - The Internet Consulting Detective"Let Sherlock Holmes teach you how to be an Internet detective." Baker Street motif with Internet research tips.
• Stalker's Home PageTips and links to find and protect private information
• The Virtual World of Spies and IntelligenceJames Bond on the Net.
• Who's Watching Who & Who's Watching YOU pageWhat sort of surveillance is actually going on?
• WhoisFind e-mail addresses, postal addresses and telephone numbers of those who have registered "objects" with the InterNIC. Also determine whether the domain name you desire is already in use; learn who administers a particular site; and view a list of a site's name servers.

The Enigma of Encryption

National Security and Political Issues

• The Cryptography ProjectThe purpose of the Cryptography Project is to promote the development and use of encryption products that meet the security and privacy needs of users and the public safety, law enforcement, and national security needs of nations.
• Cryptography's Role in Securing the Information SocietyAdvocates expanded use of cryptography to protect information interests.
• Encryption Policy Resource PageEncryption technology is the key to the future of the information revolution. It allows businesses and individuals to communicate securely over any inexpensive communication platform without fear of eavesdropping.
• Efforts to Ban EncryptionOver the past few years, the Federal Bureau of Investigation has advocated prohibiting encryption techniques unless law enforcement can have - through a backdoor key - access to encrypted communications. The FBI asserts otherwise encrypted communications could be used to further criminal activities.
• Masson, Doug,The Genie Let Loose: Ineffectual Encryption Export Restrictions and Their Deleterious Effect On Business, 2 J. TECH. L. & POL'Y 1, <http://journal.law.ufl.edu/~techlaw/2/masson.html> (1996).
• Greg S. Sergienko, Self Incrimination and Cryptographic Keys, 2 RICH. J.L. & TECH. 1 (1996) http://www.urich.edu/~jolt/v2i1/sergienko.html. Issue: Can prosecutors use grand jury proceedings to compel individuals to produce keys to potentially incriminating computerized information which those individuals have encrypted?
• Clipper ChipThe Clipper Chip is being promoted by the U.S. government. It provides a standard for securing private voice communication. With Clipper, however, the government could obtain decryption keys that are held in escrow by two government agencies. Critic's state this "back door" means for the government to decrypt messages could be abused.
• Court Declares Crypto Restrictions Unconstitutional: Free Speech Trumps Clinton Wiretap Plan
• Center for International Trade and Security
• Vice President Gore's Statement on Cryptography and Export Policy

General Encryption Information

• CryptoWebAn Information Resource for Cryptography
• Newsgroup: alt.security.pgp
• MIT distribution site for PGP (Pretty Good Privacy)A military-grade encryption program which MIT distributes free for non-commercial use.
• Pretty Good Privacy, Inc.The commercial version.
• Where to Get the Pretty Good Privacy FAQPGP information plus links to numerous PGP sources.
• RSA Data Security, Inc.Another commercial vendor.
• Cryptography: The Study of EncryptionShort course on encryption principles.
• Data Encryption TechniquesThe nitty-gritty details on how encryption algorithms work.
• Why Cryptography Is Harder Than It Looks"Billions of dollars are spent on computer security, and most of it is wasted on insecure products." Find out why your "secure" site may have problems.

Steganography: "Steganography is the process of hiding a message within another message, or hiding it altogether."

• Steganography - Information Hiding
• PGPn123 Steganography Information
• Privacy: Steganography
• Steganography: Hiding Data in Plain Sight
• Steganography Info and Archive

Viruses

Information

• David Harley's webpageA general anti-virus/security resource from the fellow who maintains the alt.comp.virusFAQ.
• Computer Virus Myths
• Newsgroup: comp.virus
• The HAVS Homepage -Anti-Virus Site
• IBM antivirusonlineNews and views about virus topics.
• Robert Chu's Anti-Virus PageAnt-virus primer
• Symantec's Antivirus Research Center
• Those ubiquitous virusesPaper on how viruses work.
• Threat Assessment of Malicious Code and Human Computer Threats
• Virus Informationfrom NIST.

Anti-Virus Vendors

• Data Fellows(F-Prot)
• McAfee Associates, Inc.
• Dr. Solomon's On-Line, a computer virus and IT security issues information center with support and resources for users of the Dr. Solomon's anti-virus and security product range. Major updates on the 1st of every month.
• Symantec Corp.
• Stiller Research
• ThunderBYTE

UNIX Security Resources

• COPS
• Crack
• Merlin
• SATAN
• TCP Wrappers
• Tiger
• Tripwire

NT Security

• The NT ShopThis site offers both security information and security tools.
• Windows NT Security Issues

What issues are specific to the World Wide Web?

• The Java Security Hotlist
• Microsoft Security Advisor
• Microsoft FrontPage Security Fix
• Proposal for Authenticating Code Via the Internetfrom Microsoft
• Shockwave Security Alert
• The World Wide Web Security FAQ

Articles and Law Reviews

• University of Richmond Journal of Law and Technology
  • Greg S. Sergienko, Self Incrimination and Cryptographic Keys
  • C. Maureen Stinger, Casenote, Arizona v. Evans: Adapting the Exclusionary Rule to Advancing Computer Technology, 2 RICH. J.L. & TECH. 4 (1996) <http://www.urich.edu/~jolt/v2i1/stinger.html>. Issue: Can faulty data in computerized police records constitute sufficient basis to justify a search?
• Journal of Technology Law and PolicyUniversity of Florida College of Law
• Jones, Robert L.Client Confidentiality: A Lawyer's Duties with Regard to Internet E-Mail
• Morris, Gary, Computer Security and the Law
• Smith, Arthur L., E-Mail and the Attorney-Client Privilege
• Hansen, Stephen E., Legal Issues, A Site Manager's Nightmare
• Dam, Kenneth W. The Role of Private Groups in Public Policy: Cryptography and the National Research Council

Newsgroups and Discussion

• alt.security
• comp.security.announce
• comp.security.misc
• comp.security.unix
• Risks ForumWeb equivalent of comp.risks
• sci.crypt

General Sites

• CERT(sm) Coordination CenterBased at Carnegie Mellon University, CERT is a central point to report to in the event of a security breach. Particularly useful for UNIX security issues. Issues the CERT Advisory, notifying you of reported security issues.
• COAST"Computer Operations, Audit, and Security Technology" at Purdue is the foremost center for computer security on the Internet.
• Computer Crime Research ResourcesFederal and state statutes, bibliographies, and Internet links.
• Crypt NewsLetter's HomepageOffbeat view of the subject.
• FIRSTThe Forum of Incident Response and Security Teams (FIRST), brings together a variety of computer security incident response teams from government, commercial, and academic organizations. It is a a coalition to exchange information and coordinate response activities about computer security incidents..
• Information Security Archive An archive of online information security documents.
• National Association of Criminal Defense Lawyers
• National Computer Security AssociationNCSA is an independent organization offering objective views and opinions on computer security issues. It strives to improve computer security through the sharing of knowledge, dissemination of information, and certification of security products.
• The National Institute of JusticeThe research and development agency of the U.S. Department of Justice.
  • Other Criminal Justice Resources
• NIST Computer Security Resource Clearinghouse
• The NSA "Rainbow Series"The "Orange" and "Red" Books are but two of many DoD standards for trusted computer systems. Each standard is known by its cover, the "Aqua Book," the "Neon Orange Book," the "Lavender Book," etc. Many are available here.
• Raptor Systems Online LibraryTexts of many security-related documents.
• Rainbow SeriesAnother source of Rainbow Documents.
• S. G. R. MacMillan, Barrister: Selected Internet ResourcesA collection of computer crime and security references that is particularly strong regarding white-collar computer-related crime.
• Security and Encryption-related Resources and Links
• Security Publications
• Yahoo!: Security and Encryption