information

Security Focus

SecurityFocus.com assembles information from the security community, of which it is a focal point, synthesizes this data and packages it into expert information.

SecuriTeam

SecuriTeam is a central Security web site containing all the newest security information from various mailing lists, hacker channels and our own tools and knowledge.

Computer Security Information

This page features general information about computer security. Information is organized by source and each section is organized by topic.

SecuritySearch

SecuritySearch.Net features searchable security, industry and product news, an extensive and up-to-date directory and search engine of IT security web sites, downloadable tools, white papers, weekly e-mail newsletters, and online message boards.

Attrition

Windows IT Security News

Security Archive

This archive is a combination of the Bugtraq, CERT, linux-security, linux-alert, rootshell, security-discuss and security-audit mailing lists.

@stake Research Labs

• Dan Farmers Website
• Wietse's collection of tools and papers
• Security Bugware
• Yahoo! Computers and Internet:Security and Encryption
• Security Alert for Enterprise Resources
• SABERNET : Papers
• Robert Graham's Papers
• IT Security Cookbook
• SUN Security FAQ
• Solaris Documentation online
• armoring whitepapers
• SC Magazine
• TDYC! diverse FAQs
• The Packetfactory
• Jericho

firewall

The first step in implementing your security policy typically requires installing a firewall...

Firewalls

The Official Firewall Toolkit FAQ (FWTK FAQ)

Firewalls Mailing List

Firewall-1 FAQ @ Phoneboy

This site has links, downloads, documents, and over 400 FAQs relating to Check Point FireWall-1.

FIREWALL 1 FAQ

virus protection

Virus Test Center, Uni Hamburg

The Virus Shop

Virus Research Unit

Virii page

useful pages around McAfee/NAI virus protection

host security

• Freeware Security Web Tools
  The purpose of this article is to look at some freeware Linux tools the security-conscious administrator can use in the war against cyber attacks.
• CGI Security
  One reason why cgi must be looked into more carefully is that no matter how much you firewall your website port 80 must remain open for webpage use.
• http://www.grsecurity.net/
  The goal of the project is to create the most secure system possible while requiring minimum configuration. [...] The project grew out of my desire for a standard set of security enhancements to the most current versions of Linux kernels
• PAM
  • PAM
    Whitepaper from SUN
  • Linux-PAM
    This is the Linux-PAM System Administrator's Guide
  • PAM modules
    PAM modules for Linux
  • PAM-SMB
    integration with Windows world

VPN

Although a VPN by itself does not necessarily mean that encryption is used, although most of the time encryption will be used on top of a VPN to add a layer of privacy...

Encryption can be a very strong tool, if you know how to use it properly. Many people seem to believe, that with encryption you can solve any security issue -- but in fact, if you have an unsecured, encrypted tunnel between two networks, an attacker can get into your network through this encrypted tunnel extremely securely...

• What is a VPN (pdf format!)
  This paper attempts to provide a common sense definition of a VPN, and an overview of different approaches to building them.
• freeSwan
  Linux FreeS/WAN is a VPN implementation of IPSEC & IKE for Linux.
• HTTP-Tunnel
  Tunnel your traffic through port 80...

intrusion detection

Intrusion detection is one more line of defense, that you can build up against attackers; if an attacker really has managed to break through your barriers, time is running against you -- the more time the attacker has the more havock he can wreack... Therefore, an intrusion detection system can offer some added value, although they are not completely fail safe...

Deploying Open Sourced Network Intrusion Detection for the Enterprise

To give Security Teams the ability to maintain complete control of their NIDS, a variety of solid open-sourced software can be loaded onto low-power, relatively inexpensive equipment while providing the same features as a commercial EMS NIDS component. This document can be looked at as a guideline for such an implementation.

SHADOW

SHADOW is the result of a project that was originally called the Cooperative Intrusion Detection Evaluation and Response (CIDER) project. It was an effort of NSWC Dahlgren, NFR, NSA, the SANS community and other interested parties to locate, document, and improve security software.

libpcap

this library provides a portable packet capture mechanism

arachNIDS

Snort

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

SnortSnarf

SnortSnarf is a Perl program to take files of alerts from the free Snort Intrusion Detection System , and produce HTML output intended for diagnosticinspection and tracking down problems.

Running Snort on IIS Webservers

an article explaining how to setup and run Snort on a Win32 plattform.

ACID

The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of incidents generated by security-related software such as IDSes and firewalls (e.g. Snort, ipchains).

Portsentry

It is [...] designed to detect and respond to port scans against a target host in real-time.

Nmap

Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.

Linux Intrusion Detection System

MCN's Intrusion Tools

other tools

Logging Tools for Checkpoint Firewall One 2.0c

Download Netcat for Windows NT

swiss army knife for the networker

Encrypted version of netcat

Cryptcat is the standard netcat enhanced with twofish encryption.

Medusa

Medusa is a package that improves the overall security of the Linux OS by extending the standard Linux (Unix) security architecture while preserving backward compatibility.

Insecure.org

IP Filter

IP Filter is a TCP/IP packet filter, suitable for use in a firewall environment. To use, it can either be used as a loadable kernel module or incorporated into your UNIX kernel; use as a loadable kernel module where possible is highly recommended. Scripts are provided to install and patch system files, as required.

BOWall

protection against buffer overflows for NT

Distributed Attacks

good terminal for Windows with SSH extension

Openwall -- bringing security into open environments

AppGate MindTerm

MindTerm is an an implementation of a secure shell client in pure Java supporting both the ssh1 and the ssh2 protocols. MindTerm runs as a standalone application as well as an Applet.

security scanner software

Nessus

The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner.

nmap

SAINT

The Security Administrator's Integrated Network Tool (SAINT), an updated and enhanced version of SATAN, is designed to assess the security of computer networks.

Cerberus' Internet Scanner

CIS is a free security scanner written [...] and is designed to help administrators locate and fix security holes in their computer systems. This tool is a must! Click here for a screen shot. Runs on Windows NT or 2000.

websites with information about hacks, attacks, warez

Attack Cross Reference

Phrack Webpage

Homepage von Markus Hübner

IP Forging Tools

rootshell.com

Exploit world

Happy Hacker

X-Force Search

ASTALAVISTA.BOX.SK

The Hacker's Choice

Infowar

Nomad Mobile Research Centre

security organizations

Information Systems Security Association

The Information Systems Security Association (ISSA) is a not-for-profit international organization of information security professionals and practitioners. It provides education forums, pubdtcations and peer interaction opportunities that enhance the knowledge, skill and professional growth of its members.

National Infrastructure Protection Center

The National Infrastructure Protection Center (NIPC) serves as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity.

CIAC Security Web Site

Security Management Online

COAST

COAST-- Computer Operations, Audit, and Security Technology -- is a multiple project, multiple investigator laboratory in computer security research in the Computer Sciences Department at Purdue University.

CERT Coordination Center

At the CERT, we study Internet security vulnerabilities, provide incident response services

Forum of Incident Response and Security Teams

EFF Crypto/Privacy/Security Archive

NIST Computer Security Resource Clearinghouse

This site contains information about a variety of computer security issues, products, and research

@stake

SANS

The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization.

Regulierungsbehörde (german signature law)

DFN-CERT, DFN-PCA und DFN-FWL

Security Research (IBM Zuerich)

privacy

JAP -- JAVA ANON PROXY

We help people to protect their E-Privacy: The JAP software provides anonymous and unobservable communication in the Internet.

articles about society and computer

The Risks Digest

Forum On Risks To The Public In Computers And Related Systems

Computer underground Digest WWW Site

The Cu Digest was a more-or-less weekly digest/newsletter/journal of debates, news, research, and discussion of legal, social, and other issues related to computer culture. Because of editors' time constraints and changes in computer culture, CuD has likely published its last issue in March, 2000.

Centrum für angewandte Politikforschung (German site)

Europäische Akademie

zur Erforschung von Folgen wissenschaftlich-technischer Entwicklungen

Sicherheit in der Informationsgesellschaft (German)

TeleTrusT Deutschland e.V. (German)

Datenschutz-Beauftragter (German Privacy Information)

general software

perl extensions for Windows NT

Goodies an der TU Wien

Software-Archiv LEO

umfangreiche ftp-Link Sammlung