dgonzalez.net

Papers

Books

Sistemas de Detección de Intrusiones, v1.01 - July, 2003 [pdf]

Extensive document on Intrusion Detection Systems (IDS), written in Spanish and licensed under the GNU FDL. It covers several aspects of these computer security technologies: history, working methodology, implementation, legal aspects, advantages and disadvantages, future, etc.

Articles

Receive-only UTP Cables and Network Taps - June, 2003 [pdf]

Cables UTP de sólo recepción y "Network Taps" - Junio, 2003 [pdf]

One of the disadvantages of a sniffer is that it may be detected by other hosts. There are a number of methods to avoid detection, one being to configure the sniffer without an IP address, but none of them is as effective as the use of receive-only (sniffing) cables. These cables allow a sniffer to watch network traffic without being detected. They are therefore very useful in environments with Intrusion Detection Systems (IDS) or honeypot technologies (such as Honeynets).

This article was published at "The Hitchhiker's World" e-zine issue #9.

Building a GenII Honeynet Gateway - August, 2004

This is a short guide to building a GenII Honeynet Gateway, also called a Honeywall, under Linux. It addresses the most common problems and provides several solutions and tips.

Installing a Virtual Honeywall using VMware - September, 2004

If the Honeywall CDROM is installed on a virtual machine, it also gains the many advantages that a virtual machine environment offers. This paper explains how to configure VMware to deploy a Honeywall.