annotated link list about computer security
information
- Security Focus
- SecurityFocus.com assembles information from the security community, of which it is a focal point, synthesizes this data and packages it into expert information.
- SecuriTeam
- SecuriTeam is a central Security web site containing all the newest security information from various mailing lists, hacker channels and our own tools and knowledge.
- Computer Security Information
- This page features general information about computer security. Information is organized by source and each section is organized by topic.
- SecuritySearch
- SecuritySearch.Net features searchable security, industry and product news, an extensive and up-to-date directory and search engine of IT security web sites, downloadable tools, white papers, weekly e-mail newsletters, and online message boards.
- Attrition
- Windows IT Security News
- Security Archive
- This archive is a combination of the Bugtraq, CERT, linux-security, linux-alert, rootshell, security-discuss and security-audit mailing lists.
- @stake Research Labs
- Dan Farmer's Website
- Wietse's collection of tools and papers
- Security Bugware
- Yahoo! Computers and Internet:Security and Encryption
- Security Alert for Enterprise Resources
- SABERNET : Papers
- Robert Graham's Papers
- IT Security Cookbook
- SUN Security FAQ
- Solaris Documentation online
- armoring whitepapers
- SC Magazine
- TDYC! diverse FAQs
- The Packetfactory
- Jericho
firewall
The first step in implementing your security policy typically requires installing a firewall...
- Firewalls
- The Official Firewall Toolkit FAQ (FWTK FAQ)
- Firewalls Mailing List
- Firewall-1 FAQ @ Phoneboy
- This site has links, downloads, documents, and over 400 FAQs relating to Check Point FireWall-1.
- FIREWALL 1 FAQ
virus protection
- Virus Test Center, Uni Hamburg
- The Virus Shop
- Virus Research Unit
- Virii page
- useful pages around McAfee/NAI virus protection
host security
- Freeware Security Web Tools
- The purpose of this article is to look at some freeware Linux tools the security-conscious administrator can use in the war against cyber attacks.
- CGI Security
- One reason why cgi must be looked into more carefully is that no matter how much you firewall your website port 80 must remain open for webpage use.
- http://www.grsecurity.net/
- The goal of the project is to create the most secure system possible while requiring minimum configuration. [...] The project grew out of my desire for a standard set of security enhancements to the most current versions of Linux kernels
- PAM
- PAM
- Whitepaper from SUN
- Linux-PAM
- This is the Linux-PAM System Administrator's Guide
- PAM modules
- PAM modules for Linux
- PAM-SMB
- integration with Windows world
- PAM
VPN
A VPN by itself does not necessarily mean that encryption is used, although most of the time encryption will be used on top of a VPN to add a layer of privacy...
Encryption can be a very strong tool if you know how to use it properly. Many people seem to believe that with encryption you can solve any security issue -- but in fact, if you have an unsecured, encrypted tunnel between two networks, an attacker can get into your network through this encrypted tunnel extremely securely...
- What is a VPN (pdf format!)
- This paper attempts to provide a common sense definition of a VPN, and an overview of different approaches to building them.
- freeSwan
- Linux FreeS/WAN is a VPN implementation of IPSEC & IKE for Linux.
- HTTP-Tunnel
- Tunnel your traffic through port 80...
intrusion detection
Intrusion detection is one more line of defense that you can build up against attackers; if an attacker really has managed to break through your barriers, time is running against you -- the more time the attacker has, the more havoc he can wreak... Therefore, an intrusion detection system can offer some added value, although such systems are not completely fail-safe...
- Deploying Open Sourced Network Intrusion Detection for the Enterprise
- To give Security Teams the ability to maintain complete control of their NIDS, a variety of solid open-sourced software can be loaded onto low-power, relatively inexpensive equipment while providing the same features as a commercial EMS NIDS component. This document can be looked at as a guideline for such an implementation.
- SHADOW
- SHADOW is the result of a project that was originally called the Cooperative Intrusion Detection Evaluation and Response (CIDER) project. It was an effort of NSWC Dahlgren, NFR, NSA, the SANS community and other interested parties to locate, document, and improve security software.
- libpcap
- this library provides a portable packet capture mechanism
- arachNIDS
- Snort
- Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
- SnortSnarf
- SnortSnarf is a Perl program to take files of alerts from the free Snort Intrusion Detection System, and produce HTML output intended for diagnostic inspection and tracking down problems.
- Running Snort on IIS Webservers
- an article explaining how to set up and run Snort on a Win32 platform.
- ACID
- The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of incidents generated by security-related software such as IDSes and firewalls (e.g. Snort, ipchains).
- Portsentry
- It is [...] designed to detect and respond to port scans against a target host in real-time.
- Nmap
- Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
- Linux Intrusion Detection System
- MCN's Intrusion Tools
other tools
- Logging Tools for Checkpoint Firewall One 2.0c
- Download Netcat for Windows NT
- swiss army knife for the networker
- Encrypted version of netcat
- Cryptcat is the standard netcat enhanced with twofish encryption.
- Medusa
- Medusa is a package that improves the overall security of the Linux OS by extending the standard Linux (Unix) security architecture while preserving backward compatibility.
- Insecure.org
- IP Filter
- IP Filter is a TCP/IP packet filter, suitable for use in a firewall environment. To use, it can either be used as a loadable kernel module or incorporated into your UNIX kernel; use as a loadable kernel module where possible is highly recommended. Scripts are provided to install and patch system files, as required.
- BOWall
- protection against buffer overflows for NT
- Distributed Attacks
- good terminal for Windows with SSH extension
- Openwall -- bringing security into open environments
- AppGate MindTerm
- MindTerm is an implementation of a secure shell client in pure Java supporting both the ssh1 and the ssh2 protocols. MindTerm runs as a standalone application as well as an Applet.
- security scanner software
- Nessus
- The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner.
- nmap
- SAINT
- The Security Administrator's Integrated Network Tool (SAINT), an updated and enhanced version of SATAN, is designed to assess the security of computer networks.
- Cerberus' Internet Scanner
- CIS is a free security scanner written [...] and is designed to help administrators locate and fix security holes in their computer systems. This tool is a must! Runs on Windows NT or 2000.
websites with information about hacks, attacks, warez
- Attack Cross Reference
- Phrack Webpage
- Homepage of Markus Hübner
- IP Forging Tools
- rootshell.com
- Exploit world
- Happy Hacker
- X-Force Search
- ASTALAVISTA.BOX.SK
- The Hacker's Choice
- Infowar
- Nomad Mobile Research Centre
security organizations
- Information Systems Security Association
- The Information Systems Security Association (ISSA) is a not-for-profit international organization of information security professionals and practitioners. It provides education forums, publications and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.
- National Infrastructure Protection Center
- The National Infrastructure Protection Center (NIPC) serves as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity.
- CIAC Security Web Site
- Security Management Online
- COAST
- COAST-- Computer Operations, Audit, and Security Technology -- is a multiple project, multiple investigator laboratory in computer security research in the Computer Sciences Department at Purdue University.
- CERT Coordination Center
- At the CERT, we study Internet security vulnerabilities, provide incident response services
- Forum of Incident Response and Security Teams
- EFF Crypto/Privacy/Security Archive
- NIST Computer Security Resource Clearinghouse
- This site contains information about a variety of computer security issues, products, and research
- @stake
- SANS
- The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization.
- Regulierungsbehörde (German signature law)
- DFN-CERT, DFN-PCA und DFN-FWL
- Security Research (IBM Zuerich)
privacy
- JAP -- JAVA ANON PROXY
- We help people to protect their E-Privacy: The JAP software provides anonymous and unobservable communication in the Internet.
articles about society and computer
- The Risks Digest
- Forum On Risks To The Public In Computers And Related Systems
- Computer underground Digest WWW Site
- The Cu Digest was a more-or-less weekly digest/newsletter/journal of debates, news, research, and discussion of legal, social, and other issues related to computer culture. Because of editors' time constraints and changes in computer culture, CuD has likely published its last issue in March, 2000.
- Centrum für angewandte Politikforschung (German site)
- Europäische Akademie
- zur Erforschung von Folgen wissenschaftlich-technischer Entwicklungen
- Sicherheit in der Informationsgesellschaft (German)
- TeleTrusT Deutschland e.V. (German)
- Datenschutz-Beauftragter (German Privacy Information)