Bibliography


Berners-Lee, T., Fielding, R., and Frystyk, H. "Request for Comments (RFC) 1945: Hypertext Transfer Protocol HTTP/1.0." Internet Engineering Task Force (IETF), 1996.

Bishop, M. Computer Security: Art & Science. Addison-Wesley, 2003.

Brown, K. Programming Windows Security. Addison-Wesley, 2000.

Brown, K. The .NET Developer's Guide to Windows Security. Addison-Wesley, 2005.

Chen, H., Wagner, D., and Dean, D. "Setuid Demystified." In Proceedings of the Eleventh Usenix Security Symposium. San Francisco, 2002.

Eddon, G. and Eddon, H. Inside Distributed COM. Microsoft Press, 1998.

Ferguson, N. and Schneier, B. Practical Cryptography. Wiley Publishing, Inc., 2003.

Fielding, R., et al. "Request for Comments (RFC) 2616: Hypertext Transfer Protocol HTTP/1.1." Internet Engineering Task Force (IETF), 1999.

Hart, J. Windows System Programming, Third Edition. Addison-Wesley, 2005.

Hoglund, G. and McGraw, G. Exploiting Software. Addison-Wesley Professional, 2004.

Howard, M. and LeBlanc, D. Writing Secure Code, Second Edition. Microsoft Press, 2002.

Howard, M., LeBlanc, D., and Viega, J. 19 Deadly Sins of Software Security. McGraw-Hill Osborne Media, 2005.

ISO/IEC. ISO/IEC International Standard 9899-1999: Programming Languages - C. International Organization for Standardization (ISO), 1999.

ITU-T. Recommendation X.690, ISO/IEC 8825-1, ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) & Distinguished Encoding Rules (DER). International Organization for Standardization (ISO), 2002.

ITU-T. Recommendation X.691, ISO/IEC 8825-2, ASN.1 encoding rules: Specification of Packed Encoding Rules (PER). International Organization for Standardization (ISO), 2003.

ITU-T. Recommendation X.693, ISO/IEC 8825-4, ASN.1 encoding rules: XML Encoding Rules (XER). International Organization for Standardization (ISO), 2004.

Kernighan, B. W. and Ritchie, D. M. The C Programming Language, 2nd Edition. Prentice Hall, 1988.

Koziol, J., et al. The Shellcoder's Handbook: Discovering & Exploiting Security Holes. Wiley Publishing, Inc., 2004.

Lopatic, T., McDonald, J., and Song, D. A Stateful Inspection of FireWall-1. Blackhat Briefings, 2000.

Maughan, D., et al. "Request for Comments (RFC) 2408: Internet Security Association & Key Management Protocol (ISAKMP)." Internet Engineering Task Force (IETF), 1998.

McConnell, S. Code Complete: A Practical Handbook of Software Construction. Microsoft Press, 2004.

Menezes, A., van Oorschot, P., and Vanstone, S. Handbook of Applied Cryptography. CRC Press, 2000.

Microsoft Developer Network (MSDN) Library. http://msdn.microsoft.com/library/, 2006.

Mockapetris, P. "Request for Comments (RFC) 1035: Domain Names - Implementation & Specification." Internet Engineering Task Force (IETF), 1987.

Moore, B. "Shattering By Example." Security-Assessment.com (http://blackhat.com/presentations/bh-usa-04/bh-us-04-moore/bh-us-04-moore-whitepaper.pdf), 2003.

NGSSoftware Insight Security Research Papers. Next Generation Security Software. http://www.nextgenss.com/research/papers/.

OpenBSD Project. OpenBSD Manual (www.openbsd.org/cgi-bin/man.cgi), 2006.

Paxson, V. Personal Web site (www.icir.org/vern/).

Postel, J. "Request for Comments (RFC) 0768: User Datagram Protocol." Internet Engineering Task Force (IETF), 1980.

Postel, J. "Request for Comments (RFC) 0791: Internet Protocol." Internet Engineering Task Force (IETF), 1981.

Postel, J. "Request for Comments (RFC) 0793: Transmission Control Protocol." Internet Engineering Task Force (IETF), 1981.

Quinlan, D., Russell, P. R., and Yeoh, C. "Filesystem Hierarchy Standard." www.pathname.com/fhs/, 2004.

Ranum, M. Personal Web site (www.ranum.com/).

Russinovich, M. and Cogswell, B. Sysinternals (www.sysinternals.com/).

Russinovich, M. and Solomon, D. Microsoft Windows Internals: Microsoft Windows Server 2003, Windows XP, & Windows 2000, Fourth Edition. Microsoft Press, 2005.

Schneier, B. Applied Cryptography: Protocols, Algorithms, & Source Code in C, Second Edition. Wiley Publishing, Inc., 1995.

Schreiber, S. Undocumented Windows 2000 Secrets: A Programmer's Cookbook. Addison-Wesley, 2001.

Sommerville, I. Software Engineering, Seventh Edition. Addison-Wesley, 2004.

SPI Labs Whitepapers. SPI Dynamics (www.spidynamics.com/spilabs/education/whitepapers.html).

St. Johns, M. "Request for Comments (RFC) 1413: Identification Protocol." Internet Engineering Task Force (IETF), 1993.

Stevens, W. R. Advanced Programming in the UNIX™ Environment. Addison-Wesley, 1992.

Stevens, W. R. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley, 1994.

Stewart, R. and Dalal, M. Improving TCP's Robustness to Blind In-Window Attacks. Internet Engineering Task Force (IETF), 2006.

Swiderski, F. and Snyder, W. Threat Modeling. Microsoft Press, 2004.

The Open Group. The Single UNIX Specification. The Austin Group (www.unix.org/version3/), 2004.

van der Linden, P. Expert C Programming. Prentice-Hall, 1994.

Wheeler, D. A. "Secure Programming for Linux and Unix HOWTO." www.dwheeler.com/secure-programs, 2003.

Zalewski, M. "Delivering Signals for Fun & Profit." Symantec (BindView publication, acquired by Symantec; www.bindview.com/Services/Razor/Papers/2001/signals.cfm), 2001.

Zalewski, M. Personal Web site (http://lcamtuf.coredump.cx/).




The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
ISBN: 0321444426
EAN: 2147483647
Year: 2004
Pages: 194
