Copyright(c) Fred Cohen, 1995-2003 - All Rights Reserved

These journal articles are free to view in electronic form via your World Wide Web browser, however, the publications that originally published these articles maintain their copyrights. You may not copy or republish them or store them in your computer or elsewhere except as required by your browser for the sole purpose of viewing them while using the browser.

Notice

As of July, 2003, Managing Network Security will no longer be published by Network Security Magazine. After an 8 year run, they have finally given up the ghost to move back to more technical articles. Such is life. I would like to express my appreciation to the editors for supporting these articles for so many years and to you my readers for reading and enjoying them. Keep looking out for more in other forms. FC

Managing Network Security

2003

  • July, 2003 - Why?
  • June, 2003 - Background Checks
  • May, 2003 - Operations Security for the Rest of Us
  • April, 2003 - Documenting Security
  • March, 2003 - Novelty Detection
  • February, 2003 - Switching Your Infrastructure
  • January, 2003 - Security Programming

    2002

  • December, 2002 - Back Up a Minute
  • November, 2002 - Breaking In - to test security?
  • October, 2002 - Reworking Your Firewalls
  • Sepember, 2002 - Deception Rising
  • August, 2002 - You're in a Bind!
  • July, 2002 - Is Open Source More or Less Secure?
  • BOUNS ARTICLE - July, 2002 - Smashed Again by Stupid Security
  • June, 2002 - Academia's Vital Role in Information Protection
  • May, 2002 - Terrorism and Cyberspace
  • April, 2002 - Misimpressions We Need to Extinguish
  • March, 2002 - Embedded Security
  • February, 2002 - How to Get Around Your ISP
  • January, 2002 - The End of the Internet as we Know it

    2001

  • December, 2001 - The World Doesn't Want to be Fixed
  • November, 2001 - The Deception Defense
  • October, 2001 - The DMCA
  • September, 2001 Special Issue - The Balancing Act
  • September, 2001 - The Best Security Book Ever Written
  • August, 2001 - Bootable CDs
  • July, 2001 - A Matter of Power
  • June, 2001 - The Wireless Revolution
  • May, 2001 - The New Cyber Gang - A Real Threat Profile
  • April, 2001 - To Prosecute or Not to Prosecute
  • March, 2001 - Corporate Security Intelligence
  • February, 2001 - Testing Your Security by Breaking In - NOT
  • January, 2001 - Marketing Hyperbole at its Finest

    2000

  • December, 2000 - The Millennium Article - Yet Again! - The Bots are Coming!!! The Bots are Coming!!!
  • November, 2000 - Why Everything Keeps Failing
  • October, 2000 - The Threat
  • September, 2000 - Chipping
  • August, 2000 - Understanding Viruses Bio-logically
  • July, 2000 - What does it do behind your back?
  • June, 2000 - Why Can't We Do DNS Right?
  • May, 2000 - Eliminating IP Address Forgery - 5 Years Old and Going Strong
  • April, 2000 - Countering DCAs
  • March, 2000 - Collaborative Defense
  • February, 2000 - Worker Monitoring
  • January, 2000 - Digital Forensics

    1999

  • December, 1999 - Why it was done that way
  • BONUS ARTICLE - November, 1999 - So Much Evidence... So Little Time
  • November, 1999 - The Limits of Cryptography
  • October, 1999 - Security Education in the Information Age
  • September, 1999 - In Your Face Information Warfare
  • August, 1999 - What's Happening Out There
  • July, 1999 - Attack and Defense Strategies
  • June, 1999 - The Limits of Awareness
  • May, 1999 - Watching the World
  • April, 1999 - Simulating Network Security
  • Bonus Article: Incident at All.Net - 1999 Edition
  • March, 1999 - The Millisecond Fantasy
  • February, 1999 - Returning Fire
  • January, 1999 - Anatomy of a Successful Sophisticated Attack

    1998

  • December, 1998 - Balancing Risk
  • November, 1998 - The Real Y2K Issue?
  • October, 1998 - Time-Based Security?
  • September, 1998 - What Should I Report to Whom?
  • August, 1998 - Third Anniversary Article - The Seedy Side of Security
  • July, 1998 - How Does a Typical IT Audit Work?
  • June, 1998 - Technical Protection for the Joint Venture
  • May, 1998 - Risk Staging
  • April, 1998 - The Unpredictability Defense
  • March, 1998 - Red Teaming
  • February, 1998 - The Management of Fear
  • January, 1998 - Y2K – Alternative Solutions

    1997

  • December, 1997 - 50 Ways to Defeat Your Intrusion Detection System
  • November, 1997 - To Outsource or Not to Outsource - That is the Question.
  • October, 1997 - The Network Security Game
  • September, 1997 - Change Your Password – Do Si Do
  • August, 1997 - Penetration Testing?
  • July, 1997 -
  • June, 1997 - Relativistic Risk Analysis
  • May, 1997 - Prevent, Detect, and React
  • April, 1997 - Would You Like to Play a Game?
  • March, 1997 - Risk Management or Risk Analysis?
  • February, 1997 - Network Security as a Control Issue
  • January, 1997 - Integrity First - Usually

    1996

  • December, 1996 - Where Should We Concentrate Protection?
  • November, 1996 - How Good Do You Have to Be?
  • October, 1996 - Why Bother?

    Internet Holes

  • September, 1996 - The SYN Flood
  • August, 1996 - Internet Incident Response
  • July, 1996 - Internet Lightning Rods
  • June, 1996 - UDP Viruses
  • May, 1996 - Eliminating IP Address Forgery
  • April, 1996 - Spam
  • March, 1996 - Bonus: Incident at All.Net
  • March, 1996 - The Human Element
  • January, 1996 - Automated Attack and Defense

    1995

  • December, 1995 - 50 Ways to Attack Your World Wide Web Systems
  • November, 1995 - Network News Transfer Protocol
  • October, 1995 - The Sendmail Maelstrom
  • September, 1995 - Packet Fragmentation Attacks
  • August, 1995 - ICMP