Title: There Be Dragons Authors: Steven M. Bellovin    
File name:pubdocfirewallsSteven_Bellovin_dragon.ps.Z  
File size: 74285
bytes  

Abstract: Our security gateway to the Internet,
research.att.com, provides only a limited set of services. Most
of the standard servers have been replaced by a variety of trap
programs that look for attacks. Using these, we have detected a
wide variety of pokes, ranging from simple doorknob-twisting to
determined assaults. The attacks range from simple attempts to
log in as guest to forged NFS packets. We believe that many other
sites are being probed but are unaware of it: the standard
network daemons do not provide administrators with either
appropriate controls and filters or with the logging necessary to
detect attacks.