Papers, Publications, Slides

Name
Description
Last Update
Link
Paper about Secure Programming (German)
Explains mistakes made using C, C++, Perl, Unix Shell, and Java
Updated: new section about Java (10 pages)
(German only)
02. Nov 2006
PDF
Analysis of a strong Random Number Generator
Results of the analysis of /dev/random.
28. Dec 2006
Vulnerability Severity Classification Metric (Draft)
This paper proposes a common severity metric to be used by software security-teams of Unix-vendors to classify vulnerabilities. (Updated: added "user interaction" weight)
18. Nov 2004
Intrusion Detection Systems - An Overview
This paper gives a good overview of techniques used in current IDS research.
20. April 2001
orig. Paper: PDF

Linux-Knowledge-Portal, German: Part 1 & Part 2
Linux-Knowledge-Portal, English: Part 1 & Part 2
Secure Programming - In the UNIX Environment
Slides for a SUSE-internal speech
13. Feb 2007
Web-Security Basics
Used for an internal speech.
01. Oct 2007
Security Guidelines (Programming)
Slides used by our developers
13. Feb 2007

Slides for HITT talk (German only)
Slides for HITT talk held in Innsbruck, AT.

04. Oct 2005
Slides of Secure Programming Speech
Explains mistakes made using C, C++, Perl, Java and Crypto
(German only)

30. Jul 2003

PDF
Presentation for the 'Business-Online 2001' trade fair
Source Code Auditing and Secure Programming in the Un*x Environment
(German only)
22. Nov. 2001

PDF
Example Exploit (remote popen())
Example Exploit (local buffer overflow)
Example Exploit (format bugs)
Security-relevant Programming Mistakes (OLD)
This paper explains the security-relevant mistakes that can happen when using C, C++, Perl or Shell Script for programming.
05. Sept 2001

orig. Paper: StarOffice Writer

Linux-Knowledge-Portal, German: Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8

Linux-Knowledge-Portal, English: Part 1, Part 2, Part 3, Part 4, Part 5, Part 6, Part 7, Part 8
