Technical Publications

Is the web a secure environment for electronic commerce?

This paper overviews conventional and extraordinary security threats and measures especially related to the World Wide Web. It shows that security is relative and that the balance between convenience and protection is hard to find. In consequence, the Internet does not offer more security than normal life and one has to go a certain risk to benefit from its potential. It is also available in Postscript format.

Defending against Unsolicited Commercial Email

This paper describes the UCE-filtering-approach deployed by the mapSoN utility. It is also available in Postscript format.

How to Organize Company-wide Authentication and E-Mail Encryption

In this paper, the authors present a skeleton security policy on which others can base their custom made solutions to the authentication problem. Experiences are also described from establishing a certification authority within the German National Research Center for Information Technology (GMD). It is also available in Postscript format.

The Secure Shell

With the growing importance of computers and computer networks in particular, networking security has become a cruicial issue in the Internet today. This document is meant as an introduction to the various attacks Internet users have to face. Furthermore, it explains how the Secure Shell (ssh) tool can be used to defend against many of these attacks. It is also available in Postscript format.

Securing Ordinary TCP Services through Tunnels

This paper explains the concept of tunneling TCP connections through secure channels by providing several examples how tunneling can be implemented transparently for the users of a system. It is written mostly for the administrators and users of Unix and Windows NT workstations. It is also available in Postscript format.

FastCGI — The Forgotten Treasure

This paper shows developers how high-performance web applications can be implemented quite easily using the FastCGI interface and C++. After a brief introduction to FastCGI, it develops a generic C++ framework for web-based applications, and concludes to discuss the advantages and disadvantages of the approach. It is also available in PDF format.

Sustaining Idle TCP Connections with Linux IP Chains

This paper describes a tricky problem in the Linux 2.x kernel, which causes idle TCP connections to abort for no apparent reason when they're routed through a Linx machine that performs masquerading (a.k.a. NAT). And not only that — it also explains how to fix that problem. It is also available in PDF format.