3.8 Endnotes

1. National Security Agency, Information Assurance Solutions Technical Directors. "Information Assurance Technical Framework, Version 3.1," September 2002 , at http://www.iatf.net .

2. Reference number ISO/IEC 15408-1:1999(E), "Information technology ”Security techniques ”Evaluation criteria for IT security ”Part 1: Introduction and general model," December 1999 , Joint Technical Committee ISO/IEC JTC 1, information technology.

3. Bouchard, Mark. "Plan for a Security Architecture: Guidelines and Relationships," Meta Group, November 11, 2002 , published on ZDNET, at http://techupdate.zdnet.com .

4. Hrivnak, Allison. "Host-Based Intrusion Detection: An Overview of Tripwire and Intruder Alert," January 29, 2002 , SANS, at http://www.sans.org .

5. See ftp.cert.org/pub/tools/tcp_wrappers_7.6.tar.gzand ftp.porcupine.org/pub/security .

6. CERT Advisory CA-1999-01, "Trojan Horse Version of TCP Wrappers," Original issue date, January 21, 1999 , at http://www.cert.org .

7. Lonvick, C. et al., editors. RFC 3164, "The BSD Syslog Protocol," IETF NWG, August 2001 , at http://www.ietf.org .

8. The reader is encouraged to consult http://www.tripwire.com for further details about Tripwire.

9. Available from http://www. sourceforge .net; search for " tripwire " to find the project information.

10. The CIDF URL reference is http://www.isi.edu/gost/cidf .

11. The CVE URL reference is http://www.cve.mitre.org/about .

12. Wahl, M. ed. RFC 2251, "Lightweight Directory Access Protocol (v3)," IETF NDW, December 1997 .

13. Caasi, Richard. SAIC, contributing to the Intrusion Detection FAQ, at http://www.sans.org/resources/idfaq/honeypot.php .

14. White paper by Kecia Gubbels, "Hands in the Honeypot," November 3, 2002 , SANS Institute, at http://www.sans.org/rr/intrusion/hands.php .