G2 Online

Home > Cyber Security Reference

REFERENCES
CERT	http://www.cert.org/nav/index.html
CERT Advisories	http://www.cert.org/advisories/
CERT Incident Notes	http://www.cert.org/incident_notes/
CERT Summaries	http://www.cert.org/summaries/
CERT Current Activity	http://www.cert.org/current/current_activity.html
DoD CERT	http://www.cert.mil
Computer Weekly	http://www.computerweekly.com
DeepSight Threat Management System	https://tms.symantec.com
DHS Daily Report Archives	http://www.nipc.gov/dailyreports/dailyindex.htm
Federal Computer Incident Response Center (FedCIRC)	http://www.fedcirc.gov/
iDefense	http://www.idefense.com/
Infosyssec	http://www.infosyssec.com/
SANS	http://www.sans.org
NIST Computer Security Resource Center (SCRC)	http://csrc.nist.gov/
NIST Vulnerability and Threat Portal	http://icat.nist.gov/vt_portal.cfm
NIST Security Bulletins	http://csrc.nist.gov/publications/nistbul/
Navy Information Security Techical Assistance Center (ITAC)	https://infosec.navy.mil
Navy Information Assurance	https://infosec.navy.mil/ps/?t=main/main.tag&bc=main/bc_main.html
Navy NAVCIRT Advisories Database (IAVAs)	https://infosec.navy.mil/Advisory/advi?
IATAC	http://iac.dtic.mil/iatac/
IATAC Digest	http://iac.dtic.mil/iatac/products/ia_digest.htm
Hacker Intel	http://www.hackerintel.com/
CERT Tech Tips on Improving Security	http://www.cert.org/tech_tips/
CIAC Documents http://ciac.llnl.gov/cgi-bin/index/documents	http://ciac.llnl.gov/cgi-bin/index/documents
The Cryptography Project	http://www.cosc.georgetown.edu/~denning/crypto
FIRST Security Papers	http://www.alw.nih.gov/Security/first-papers.html
Hideaway.Net - Security Texts	http://www.hideaway.net/Server_Security/Library/library.html
Information Warehouse! Technical Publications	http://iwi.com/iw-pubs.htm
Miscellaneous Security Papers (ftp)	ftp://jhunix.hcf.jhu.edu/pub/miscellaneous_security_papers
Model Security Policies (SANS Institute Resources)	http://www.sans.org/newlook/resources/policies/policies.htm
Rainbow Series Books	http://csrc.nist.gov/secpubs/rainbow/
Raptor Systems Security Library	http://www.raptor.com/lib/index.html
NSA Security Configuration Guides	http://www.nsa.gov/snac/

General Topics
Security Glossary of Terms	http://www.setsolutions.com/security.htm
Glossary of Terms Used in Security and Intrusion Detection	http://www.sans.org/resources/glossary.php
An Introduction to Computer Security , NIST Special Publication 800-12	http://csrc.nist.gov/publications/nistpubs/index.html
IT Baseline Protection Manual from BSI	http://www.bsi.bund.de/gshb/english/menue.htm
How To Eliminate The Ten Most Critical Internet Security Threats - SANS	http://www.sans.org/top20/top10.php


DATABASES
NIST - ICAT Vulnerability Database	http://icat.nist.gov/icat.cfm
NIST - ICAT Vulnerability Database - Top Ten Vulnerabilities	http://icat.nist.gov/icat.cfm?function=topten
NIST Computer Security Resource Center (SCRC) - Virus Information	http://csrc.nist.gov/virus/
Computer Vulnerabilities and Exposure (CVE)	http://cve.mitre.org/about/
CVE Index and Search	http://cve.mitre.org/cve/index.html
CVE Concordance	http://www.iss.net/security_center/advice/Concordance/default.htm
Full-Disclosure Archives	http://lists.netsys.com/pipermail/full-disclosure/
Virus Bulletin	http://www.virusbtn.com/resources/
eEye Digital Security	http://www.eeye.com/html/Research/Advisories/index.html
zone-h	http://www.zone-h.org/en/defacements/special
ICAT Metabase	http://icat.nist.gov
Open Source Vulnerability Database	http://www.osvdb.org

ACTIVITY MONITORING and REPORTS
Symantec Threat Monitoring System	https://tms.symantec.com
Internet Storm Center	http://isc.incidents.org
Internet Storm Center - Top 10	http://isc.incidents.org/top10.html
my NetWatchman - Top Ports	http://www.mynetwatchman.com/tp.asp
my NetWatchman - Top Port Increase	http://www.mynetwatchman.com/tpincr.asp
Dshield - General Lookup	http://www.dshield.org/reports.php
Dshield - Top 10 Most Wanted IP	http://www.infosyssec.com/cgi-bin/flink.cgi?target=www.infosyssec.com/infosyssec/bor1.htm
Dshield - Top 10 Target Ports	http://www.infosyssec.com/cgi-bin/flink.cgi?target=www.infosyssec.com/infosyssec/bor2.htm

IP ADDRESS LOOKUP
INTERNET REGISTRIES
American Registry for Internet Numbers (ARIN)	http://www.arin.net
Asia Pacific Network Information Centre	http://www.apnic.net
Réseaux IP Européens (RIPE)	http://www.ripe.net
Latin America and Caribbean Internet Registration (LACNIC)	http://lacnic.net/cgi-bin/lacnic/whois?lg=EN
APJII - Indonesia
CNNIC - China
JPNIC - Japan	http://whois.nic.ad.jp/cgi-bin/whois_gw
KRNIC - Korea	http://www.nic.or.kr/www/english/
TWNIC	http://www.twnic.net/index2.php
VNNIC - Vietnam
Military networks	http://www.nic.mil
Symantec TMS	https://tms.symantec.com
Dshield - General Lookup	http://www.dshield.org/reports.php

TOOLS
Network Calculator	http://www.telusplanet.net/public/sparkman/netcalc.htm
Visual Route	http://visualroute.visualware.com
Open Vulnerability Assessment Language	http://oval.mitre.org/
SPEW.org	http://spews.org
GeekTools	http://www.geektools.com/tools.php
Karen's Power Tools	http://www.karenware.com/powertools.asp
Mozilla Firefox 0.8	http://www.mozilla.org
New Work and Security Tools	http://thc.org
String encoder and decoder	http://umbrella.name/codenow.htm
Canvas	http://www.immunitysec.com/downloads.shtml
Datarescue	http://www.datarescue.com/idabase/index.htm
Ascii , dex , oct reference	http://www.asciitable.com/
Solidshell	http://solidshell.net/#
Fosh	http://www.fosh.com.au/Fosh/Support/hextoascii.htm
Spychecker	http://www.spychecker.com/
Hfnetchk	http://hfnetchk.shavlik.com/default.asp
netcraft	http://news.netcraft.com/
Proxypot	http://www.proxypot.org/
multiproxy	www.multiproxy.org
webferret	www.webferret.com

BACKGROUND / REFERENCES
Internet Security Systems	http://www.iss.net/security_center/advice
DeepSight Alert Services	https://alerts.symantec.com
Trojan List with Sorting Options	http://www.simovits.com/trojans/trojans.html
Trojan List v, Ports	http://www.jlathamsite.com/dslr/suspectports.htm
DosHelp.com Intrusion and Attack Reporting Center	http://www.doshelp.com/trojanports.htm
ONCTek - Trojan / Backdoor and TCP/UDP ports	http://www.onctek.com/trojanports.html
Linux Firewall Tools - Commonly Probed Ports	http://www.linux-firewall-tools.com/linux/ports.html
Commodon Communications	http://www.commodon.com/threat/frame.htm
InfoSysSec	http://www.infosyssec.org/
Commodon Communications-Current List of Trojans	http://www.commodon.com/threat/threat-all.htm
Internet Ports, Services and Trojans	http://andrew.triumf.ca/ports/other.html
X-Force Research	http://xforce.iss.net/
X-Force Research - Alerts and Advisories	http://xforce.iss.net/xforce/alerts
Port Knowledgebase	http://www.iss.net/security_center/advice/Exploits/Ports/
IANA Port Assignments	http://www.iana.org/assignments/port-numbers
astalavista	http://www.astalavista.com
Blackcode	http://www.blackcode.com
Church of the Swimming Elephant	http://www.cotse.com
CyHackPortal	http://www.cyhackportal.com
DShield	http://dshield.org
E-Week	http://www.eweek.com/
fatelabs	http://www.fatelabs.com
Hack in the Box	http://www.hackinthebox.com
HACK R. COM	http://www.hack3r.com
Hackersplayground	http://www.hackersplayground.org
Hackerthreads.org Security Forum	http://www.hackerthreads.org
Insecure.Org	http://www.insecure.org
Lame Industries	http://www.lameindustries.org
Linux Security.com	http://www.linuxsecurity.com
my NetWatchman	http://www.mynetwatchman.com
New Order	http://neworder.box.sk
Packet Storm	http://www.packetstormsecurity.com
ProgenicDotCom	http://www.progenic.com
Root Hack	http://www.roothack.org
SecurityFocus	http://www.securityfocus.com
The Hacktivist	http://www.thehacktivist.com/index.php
the Honeynet Project	http://www.honeynet.org
Zone-h	http;//www.zone-h.org
GoDaddy	http://www.godaddy.com
Security News Portal	http://securitynewsportal.com/index.html
Ziff Davis	http://www.zdnet.com
The Register	http://www.theregister.co.uk/content/1/index.html
Internet Assigned Numbers Authority	http://www.iana.org/
mlsecurity	http://www.mlsecurity.com/research/
Bsdhound	http://bsdhound.com/link.php
Security horizon	http://www.securityhorizon.com/security_whitepapers/
Cisco aironet moding	http://www.mrx.com.au/wireless/AironetModifications.htm
Cyruxnet	http://www.cyruxnet.org/news.htm
Deamonnews	http://www.daemonnews.org/200108/security-howto.html
I-eye	http://www.i-eye.de/dokumentation/index.php
bugtraq.underattack	http://bugtraq.underattack.co.kr/xploit.php3?line_1=0&line_2=10
Freebsd security	http://www.watson.org/fbsd-hardening/
hack canada	http://www.hackcanada.com/
rootkit	http://rootkit.host.sk/
Government security	http://www.governmentsecurity.org/
markusjansson	http://www.markusjansson.net/exp.html
HSC	http://www.hsc.fr/ressources/outils/idswakeup/index.html.en#copieecran
haxworx	http://www.haxworx.com/index.php
securiteam	http://www.securiteam.com/
hernanracciatti	http://www.hernanracciatti.com.ar/papers_and_download.html
Shellcode	http://www.shellcode.com.ar/
Security.ku.edu	http://security.ku.edu/hardening/freebsd.shtml
Securitytrap	http://www.securitytrap.com/
Sysinternals	http://www.sysinternals.com/
Cartel-Securite	http://www.cartel-securite.fr/pbiondi/projects/shellforge.html
Networkintrustion	http://www.networkintrusion.co.uk/fortools.htm
Community core sdi	http://community.core-sdi.com/~juliano/bufo.html
Security Corporation	http://www.security-corporation.com/
Underground Mac	http://undergroundmac.com/
theory X	http://www.theory-x.org/
windows security	http://www.windowsecurity.com/
critical security	http://www.criticalsecurity.com/
firewall	http://www.firewall.cx/
blackhate info	http://www.blackhat.info/live/
hacker news	http://www.hackers-news.com/
elcomsoft	http://www.elcomsoft.com/prs.html
Xatrix	http://www.xatrix.org/
Security Forums	http://www.security-forums.com/
Hack in the Box	http://www.hackinthebox.org
Camelot Newsletters and Library	http://www.camelot.com/newsletter.asp?PageID=69
Cipher Newsletter	http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/
Computer Incident Advisory Capability (CIAC) Notes	http://ciac.llnl.gov/cgi-bin/cnotes
Computer Security News Daily	http://www.MountainWave.com
Internet Security Newsletter	http://www.securecomputing.com/U_New_ISN.html
Internet Security Review	http://www.isr.net/index1.html
Hacker Quarterly	http://www.2600.com

USEFUL PRODUCTS
Technorati online forum search engine	http://www.technorati.com
Dogpile Search Engine	http://www.dogpile.com
Google Search Engine	http://www.google.coom
Babelfish Machine Translation	http://babelfish.altavista.com
All nettools	http://www.all-nettools.com/tools4.htm
Proxify	https://proxify.com/
CGIProxy 2.0.1	http://www.jmarshall.com/tools/cgiproxy/
eventlongscan	http://www.eventlogscan.com/
Eunet	http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html
Free Translation.com	http://Freetranslation.com

Security Software

Public Domain Security Software by Category
Authentication and Encryption Software	http://www.alw.nih.gov/Security/prog-auth.html
Firewall Software /Security/prog-firewall.html	http://www.alw.nih.gov/Security/prog-firewall.html
Network and Network Monitoring Software	http://www.alw.nih.gov/Security/prog-network.html
System Enhancements Software /	http://www.alw.nih.govSecurity/prog-enhance.html
System Monitoring Software /	http://www.alw.nih.govSecurity/prog-monitor.html

Public Domain Security Software
Abacus Sentry	http://www.psionic.com/abacus/abacus_sentry.html
AIDE	http://www.cs.tut.fi/~rammer/aide.html
Anonftpd	ftp://koobera.math.uic.edu/pub/software
Additional Info: anonftd	ftp://koobera.math.uic.edu/www/anonftpd.html
Argus	ftp.andrew.cmu.edu/pub/argus
Arpwatch	ftp://ftp.ee.lbl.gov/
COPS (Computer Oracle and Password System)	ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/cops
Courtney	ftp://ciac.llnl.gov/pub/ciac/sectools/unix
	http://www.alw.nih.gov/Security/CIAC-Notes/CIAC-Notes-08.html
Crack lib	ftp://ftp.cerias.purdue.edu/pub/tools/unix/libs/cracklib/
Deslogin	ftp://ftp.uu.net/pub/security/des/
Dig	ftp://venera.isi.edu/pub/
Drawbridge	ftp://net.tamu.edu/pub/security/TAMU/
Fcheck	http://sites.netscape.net/fcheck
Fping	ftp://ftp.stanford.edu/pub/packages/fping/
Icmpinfo	ftp://hplyot.obspm.fr/net/
Additional Info: icmpinfo man page	http://hplyot.obspm.fr/~dl/icmpinfo.html
Iss	ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/iss/
Additional Info: CERT Advisory 93:14.Internet.Security.Scanner	http://www.cert.org/advisories/CA-1993-14.html
IPACL	ftp://ftp.porcupine.org/pub/security/
Jetmon	http://jetmon.uoregon.edu/
Kerberos	http://web.mit.edu/network/kerberos-form.html
Additional Info: Kerberos: The Network Authentication Protocol	http://web.mit.edu/kerberos/www/
Klaxon	ftp://ftp.eng.auburn.edu/pub/doug/
L6	ftp://ftp.pgci.ca/pub/l6
Additional Info: L6	http://www.pgci.ca/l6.html
Lcrzo	http://www.laurentconstantin.com/us/lcrzo/lcrzo/
Lcrzoex	http://www.laurentconstantin.com/us/lcrzo/lcrzoex/
Logdaemon	ftp.porcupine.orgftp://ftp.porcupine.org/pub/security/
Additional Info: Wietse's tools and papers	ftp://ftp.porcupine.org/pub/security/index.html
Logsurfer	ftp.cert.dfn.deftp://ftp.cert.dfn.de/pub/tools/audit/logsurfer/
Additional Info: Lo gsurfer Homepage	http://www.cert.dfn.de/eng/team/wl/logsurf/
Lsof	ftp://vic.cc.purdue.edu/pub/tools/unix/lsof
Mangle	ftp://ftp.informatik.uni-erlangen.de/pub/utilities/pwtest/
Additional Info: Readme file for Mangle	ftp://ftp.informatik.uni-erlangen.de/pub/utilities/pwtest/README.mangle
Mason	http://www.pobox.com/~wstearns/mason/
Merlin	ftp://ciac.llnl.gov/pub/ciac/sectools/unix/merlin/merlin.tar.gz
Additional Info: Merlin Information	http://ciac.llnl.gov/ciac/ToolsMerlin.html
MD5	ftp://rsa.com/pub/
Additional Info: RFC 1544	http://www.rsa.com
MIME Object Security Services (MOSS)	ftp://ftp.tis.com/pub/MOSS
Additional Info: MOSS FAQ	ftp://ftp.tis.com/pub/MOSS/FAQ
The Nessus Project	http://www.nessus.org/
Netlog	ftp://net.tamu.edu/pub/security/TAMU/
Network Security Scanner (NSS)	ftp://jhunix.hcf.jhu.edu/pub/nss/
NFSWatch	ftp://ftp.cerias.purdue.edu/pub/tools/unix/nfswatch/
Nmap	http://www.insecure.org/nmap/index.html
Nnap for NT Download	http://www.eeye.com/html/Databases/Software/nmapnt.html
Npasswd	ftp://ftp.cc.utexas.edu/pub/npasswd/
Additional Info: Information about npasswd	http://uts.cc.utexas.edu/~clyde/npasswd.html
OPIE	ftp://ftp.nrl.navy.mil/pub/security/opie/
Osh	ftp://ftp.c3.lanl.gov/pub/mcn/
Additional Info: The Operator Shell	http://www.c3.lanl.gov/~mcn/osh.html
Passwd+	ftp://ftp.dartmouth.edu/pub/security/
PGP	ftp://www.eff.org/pub/Net_info/Tools/Crypto
Additional Info: Cryptography, PGP, and Your Privacy	http://world.std.com/~franl/crypto.html
Pidentd	ftp://ftp.lysator.liu.se/pub/ident/servers
PingLogger	http://www.students.uiuc.edu/~jwthomp/code
Portmapper	ftp.porcupine.orgftp://ftp.porcupine.org/pub/security/
RIPEM	ftp://ripem.msu.edu/pub/crypt/GETTING_ACCESS
Additional Info: Information about RIPEM	http://www.cs.indiana.edu/ripem/dir.html
Rpcbind	ftp://ftp.porcupine.org/pub/security/
Rscan	ftp://ftp.vis.colostate.edu/pub/rscan/
Additional Info: Rscan: Heterogeneous Network Interrogation	http://www.vis.colostate.edu/rscan
SAINT	ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/saint/
SARA	http://www-arc.com/sara/
SATAN	ftp://ftp.cerias.purdue.edu/pub/\tools/unix/scanners/satan/
Additional Info: Cert Advisory CA-95:06.satan	http://www.cert.org/advisories/CA-1995-06.html
Scan-Detector	ftp://ftp.cerias.purdue.edu/pub/tools/unix/logutils/scan-detector/
Additional Info: COAST Projects' Tools	http://www.cs.purdue.edu/coast/coast-tools.html
Sendmail	ftp://ftp.cs.berkeley.edu/ucb/sendmail
Sendmail Wrapper	ftp://ftp.auscert.org.au/pub/auscert/tools
SENSS	http://www.sun.com/software/communitysource/senss
Shadow	ftp://ftp.cs.widener.edu/pub/src/adm
Simple Socksd	http://www.leverage.com/users/tlod/ssockd.html
Additional Info: Simple SOCKS Daemon	http://waynesworld.ucsd.edu/~tlod/ssockd/ssockd.html
SKey	ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/skey/
Simple Key-Management For Internet Protocols (SKIP)	http://skip.incog.com/form.html
Additional Info: SKIP Information	http://skip.incog.com/
Siphon	http://www.subterrain.net/projects/siphon/
Smrsh	ftp://ftp.nec.com/pub/security/smrsh
Snort	http://www.snort.org
Socks	ftp://ftp.nec.com/pub/security
Additional Info: Welcome to SOCKS	http://www.socks.nec.com/
SSH	ftp://ftp.cs.hut.fi/pub/ssh
Additional Info: Ssh (Secure Shell) Home Page	http://www.cs.hut.fi/ssh
STEL	ftp://idea.sec.dsi.unimi.it/cert-it/
Strobe	ftp://suburbia.apana.org.au/pub/
Sudo	ftp://ftp.cs.colorado.edu/pub/sysadmin/utilities
Additional Info: Sudo - a utility to allow restricted root access	http://www.cs.colorado.edu/~millert/sudo/
Swatch	ftp://ftp.stanford.edu/general/security-tools/swatch
Syn	ftp://ftp.pgci.ca/pub/syn/
Additional Info: Syn	http://www.pgci.ca/syn.html
TCP Wrapper	ftp://ftp.porcupine.org/pub/security/
Additional Info: TCP Wrapper	ftp://ftp.porcupine.org/pub/security/tcp_wrapper.txt.Z
Tcpdump	ftp://ftp.ee.lbl.gov/
Tcpr	ftp://ftp.alantec.com/pub/tcpr/
Tiger	ftp://net.tamu.edu/pub/security/TAMU/
Traceroute	ftp://ftp.psc.edu/pub/net_tools/

Tripwire	ftp://ftp.cerias.purdue.edu
Additional Info: Tripwire	ftp://ftp.cerias.purdue.edu/pub/tools/unix/ids/tripwire/
TTY-Watcher	ftp.cerias.purdue.edu
Wu-ftpd	wuarchive.wustl.edu
Xinetd	qiclab.scn.rain.com
Xp-BETA	ftp.mri.co.jp
YPX	ftp.uu.net

SUBSCRIPTION SERVICES
IATAC NEWS LETTER	http://iac.dtic.mil/iatac
Microsoft Windows Security Bulletin	http://www.microsoft.com/technet/security/bulletin/notify.mspx
Sophos Alert System	Tosubscribetothelist,sendanemailto notification-subscribe@lists.sophos.com orvisithttp://www.sophos.com/virusinfo/notifications/
Full-Disclosure digest	http://lists.netsys.com/mailman/listinfo/full-disclosure
morning wood	http://exploitlabs.com/menu.html


FOCUS ON BROWSER SECURITY
People
Liu Die Yu	http://www.safecenter.net/UMBRELLAWEBV4/DirSvc/index.html
Jelmer	http://62.131.86.111/
Georgi Guninski	http://www.guninski.com/
http-eqiv	http://www.malware.com/

PENETRATION TESTING
Hammer of the gods	http://ettercap
Netbios attacks using samba	http://www.sorgonet.com/security/windows-shared-resources/
Netbios attacks using samba	http://www.hackinthebox.org/print.php?sid=5719
Secfr	http://secfr.nerim.net/docs/fingerprint/en/ttl_default.html
Enumeration	http://home.ubalt.edu/abento/753/enumeration/enumerationtools.html
Ettercap	http://ettercap.sourceforge.net/
Excoll	http://ers.pp.ru/excoll/
Rosiello	http://www.rosiello.org/en/index.html
Sql injection	http://www.sitepoint.com/article/sql-injection-attacks-safe
Rootexploit	http://rootexploit.net/docs/dictionaries/
Session hijack	http://staff.washington.edu/dittrich/talks/agora/script.html
Skopesix	http://www.skopesix.com/
Webhack	http://www.web-hack.ru/exploit/
lcamtuf	http://lcamtuf.coredump.cx/p0f.shtml
Wordlist	ftp://ftp.ox.ac.uk/pub/wordlists/

SECURITY TRAINING COMPANIES
Dave Aitel	http://www.immunitysec.com/news-latest.shtml
Foundstone	www.foundstone.com
Hacker Degree	http://www.hackerdegree.com/?source=adwords

SHELL SCRIPTING AND PROGRAMMING
Bash shell	http://www.tldp.org/LDP/abs/html/
Bash shell	http://www.arachnoid.com/linux/shell_programming.html
Bash shell	http://steve-parker.org/sh/loops.shtml
C basics	http://www.haxworx.com/texts/c_documentation.html
C programming XOR-Encryption	http://www.cprogramming.com/tutorial/xor.html
Buffer overflow	http://www.shellcode.com.ar/docz/bof/mixter-smash.txt
XML	http://64.26.23.218/gpage.html


Advisories from Independent Groups

8LGM Advisories	http://www.alw.nih.gov/Security/8lgm.html
AUSCERT Advisories	http://www.auscert.org.au/Information/advisories.html
Bugtraq Archives	http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html
CIAC Bulletins	http://ciac.llnl.gov/cgi-bin/index/bulletins/
DFN-CERT	http://www.cert.dfn.de/eng/
(@) Stake Advisories	http://www.atstake.com/research/advisories/
Rootshell	http://www.rootshell.com/
Secure Networks, Inc. (SNI) Advisories	http://www.secnet.com/advisories/
VulnWatch - Vulnerability Disclosure List http:///	http://www.vulnwatch.org/

Advisories from Vendors

Microsoft Security Advisor	http://www.microsoft.com/security/
OpenBSD Security Views	http://www.openbsd.org/security.html
Silicon Graphics Security Advisories	http://www.sgi.com/Support/security/advisories.html


Specialized Topics

Java
Java Security	http://swissnet.ai.mit.edu/~jbank/javapaper/javapaper.html
Java Security: From HotJava to Netscape and Beyond	http://www.cs.princeton.edu/sip/pub/secure96.html
Low Level Security in Java	http://java.sun.com/sfaq/verifier.html
Security in Java	http://java.sun.com/whitePaper/java-whitepaper-8.html

Network
Home PC Firewall Guide for Internet Security	http://www.FireWallGuide.Com
Internet Spoofing Reference http://	http://www.articsoft.com/web_spoofing.htm
Security in a Public World: A Survey	http://www.stanford.edu/group/DCE/Gaurav/sec_doc.html
Things that Go Bump in the Net	http://www.research.ibm.com/massdist/bump.html

PGP
PGP: a Nutshell Overview (PDF)	http://www.jjgb.com/public_files/pgpnut.pdf
PGP User's Guide Volume 1 (PDF)	http://www.jjgb.com/public_files/pgpvol1.pdf
PGP User's Guide Volume 2 (PDF)	http://www.jjgb.com/public_files/pgpvol2.pdf

Kerberos
Kerberos: Authentication for computer networks	http://nii.isi.edu/gost-group/products/kerberos/
Kerberos Information and Help by Lenny Miceli of SUNY at Buffalo	http://ubvms.cc.buffalo.edu/~tkslen/kerberos.html
Kerberos: The Network Authentication Protocol	http://web.mit.edu/kerberos/www/
Kerberos Reference Page l by Derrick Brashear of CMU	http://www.cs.cmu.edu/afs/andrew.cmu.edu/usr/shadow/www/kerberos.htm
State of Macintosh Kerberos Authentication	http://ccmc17.cc.ncsu.edu/sma/sma.html
Troubleshooting and Configuring Kerberos V5 Client Support in Cisco IOS Router Configuration	http://www.cisco.com/warp/public/106/kerb_pt1.html

Unix
An Architectural Overview of Unix Network Security	http://www.alw.nih.gov/Security/Docs/network-security.html
How to improve Security on SunOS 4.1.3	ftp://ftp.hawaii.edu/pub/security/doc/
Hardening Solaris. This article presents a concise step-by-step approach to securely installing Solaris for use in a firewall DMZ. l	http://securityportal.com/direct.cgi?/coverstory19991025.htm
Improving the Security of Your Site by Breaking Into it	http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html
Securing X Windows	http://ciac.llnl.gov/ciac/documents/ciac2316.html

Windows NT
The Hardening of Microsoft Windows NT	http://pw2.netcom.com/~honeyluv/HardNT40rev1.pdf
Windows NT Security Information	http://www.microsoft.com/security/products/windowsnt.asp.htm
Understanding Virus Behavior in the Windows NT Environment	http://www.symantec.com/avcenter/reference/vbnt.html
Windows NT Security l	http://world.std.com/~jimf/papers/nt-security/nt-security.htm
Windows NT Security Issues	http://www.somarsoft.com/security.htm

Netsurfer Focus	http://www.netsurf.com/nsf/
Secure News	http://www.isecure.com/newslet.htm
SecurityTracker.com	http://securitytracker.com/

Steganography
Steganography	http://www.thur.de/ulf/stegano/
Steganography by Neil F. Johnson	http://http://www.jjtc.com/stegdoc

Viruses
Security (Computer Technology)	http://www.einet.net/galaxy/Engineering-and-Technology/Computer-Technology/Security.html
Hideaway.Net - Anti-Virus Links http://www.hideaway.net/Anti-Virus/anti-virus.html
ICSA Labs Anti-Virus site	http://www.icsalabs.com/html/communities/antivirus/index.shtml
Internet Hoaxes	http://ciac.llnl.gov/ciac/CIACHoaxes.html
ITtoolbox Security	http://security.ittoolbox.com/
Macintosh Virus Information	http://wwwhost.ots.utexas.edu/mac/pub-mac-virus.html
Symantec Security Response	http://www.sarc.com
Virus Bulletin	http://www.virusbtn.com/

World Wide Web (WWW)
Netscape: On Security	http://home.netscape.com/info/security-doc.html
The World Wide Web Consortium	http://www.w3c.org/
Writing Secure CGI Scripts	http://hoohoo.ncsa.uiuc.edu/cgi/security.html
WWW Security	http://www-ns.rutgers.edu/www-security/index.html

Miscellaneous
ITtoolbox Security	http://security.ittoolbox.com/
Security on the Net by Law Journal Extra!	http://www.ljextra.com/securitynet
Hideaway.Net - Security Links	http://www.hideaway.net/Server_Security/Library/library.html
securitypointer.com - Computer Security Privacy and Tools http://www.securitypointer.com
SecuritySearch.Net - The Internet security resource	http://www.securitysearch.net/


Computer Security Organizations

American Society for Industrial Security	http://www.securitymanagement.com/asismore.html
Canadian Society for Industrial Security	http://www.csis-scsi.org

Communications Security Establishment	http://www.cse.dnd.ca/
Computer Security Institute http://www.gocsi.com/

Electronic Frontier Foundation	http://www.eff.org/
Forum of Incident Response and Security Teams (FIRST)	http://www.first.org/
FIRST Member Security Teams	http://www.first.org/team-info/www.html
High-Tech Crime Network	http://www.htcn.org

Information Systems Security Association (ISSA)	http://www.issa-intl.org
The Institute Of Information Security - INSTIS	http://www.instis.com
International Association for Cryptologic Research	http://www.swcp.com/~iacr/
ICSA Labs	http://www.icsalabs.com/
Italian Computer Antivirus Research Organization	http://www-iwi.unisg.ch/~sambucci/icaro/index.html
National Security Institute	http://nsi.org/
SANS Institute	http://www.sans.org/
The USENIX Association	http://www.usenix.org/

USENET Computer Security NewsGroups

alt.disasters.planning news:alt.disasters.planning	news:alt.disasters.planning
alt.hackers	news:alt.hackers
alt.security	news:alt.security
alt.security.alarms y	news:alt.security
alt.security.keydist	news:alt.security.keydist
alt.security.pgp	news:alt.security.pgp
alt.security.ripem	news:alt.security.ripem
alt.security.tscm	news:alt.security.tscm
comp.lang.java.security	news:comp.lang.java.security
comp.os.ms-windows.nt.admin.security	news:comp.os.ms-windows.nt.admin.security
comp.os.netware.security	news:comp.os.netware.security
comp.protocols.kerberos	news:comp.protocols.kerberos
comp.risks	news:comp.risks
comp.security.announce	news:comp.security.announce
comp.security.firewalls	news:comp.security.firewalls
comp.security.gss-api	news:comp.security.gss-api
comp.security.misc	news:comp.security.misc
comp.security.pgp	news:comp.security.pgp
comp.security.pgp.announce	news:comp.security.pgp.announce
comp.security.pgp.discuss	news:comp.security.pgp.discuss
comp.security.pgp.resources	news:comp.security.pgp.resources
comp.security.pgp.tech	news:comp.security.pgp.tech
comp.security.unix	news:comp.security.unix
comp.virus	news:comp.virus
info.firewalls-digest t	news:info.firewalls-diges
misc.security	news:misc.security
sci.crypt	news:sci.crypt
sci.crypt.research	news:sci.crypt.research



NEW

The Center for Education and Research in Information Assurance and Security (CERIAS)	http://www.cs.purdue.edu/coast/coast.html
SNP Security New Portal	http://www.securitynewsportal.com/index.shtml
Security Tracker	http://www.securitytracker.com/
	http://www.theregister.co.uk/
	http://www.infosecnews.com/home/index.cfm
Secunia Graphical Advisories page	http://secunia.com/
	http://www.securityfocus.com/
	http://www.zone-h.org/
	http://www.viruslist.com/en/weblog
	http://www.f-secure.com/weblog/
	http://securitywizardry.com/radar.htm
	http://www.internettrafficreport.com/main.htm
	http://www.internetpulse.net/
	http://www.us-cert.gov/current/current_activity.html
	http://www.security-forums.com/

Public Cooperative Vulnerability Database	https://cirdb.cerias.purdue.edu/coopvdb/public/pub_search.php
X-force DataBase (ISS)	http://xforce.iss.net/xforce/search.php
	http://www.auscert.org.au/
Hideaway.net	http://www.hideaway.net/home/public_html/index.php
United States Computer Security Emergency Readiness Team. (DHS)	http://www.us-cert.gov/current/current_activity.html
United States Computer Security Emergency Readiness Team. (DHS) Resources Page	http://www.us-cert.gov/resources.html
United States Computer Security Emergency Readiness Team. (DHS) Resources Page	http://www.us-cert.gov/federal/
Dartmouth College ISTS	http://www.ists.dartmouth.edu/library.php
The Information Warfare Site (UK mailing list)	http://www.iwar.org.uk/mailman/listinfo/infocon/
Attrition - / Defaced Commentary Mail List Archive	http://www.attrition.org/security/commentary/

Safemode - inactive defacement archive	http://www.safemode.org/

Zone-H - The Internet Thermometer - Defacement Archive and IT Security	http://www.zone-h.org/en/defacements

G2 Online

REFERENCES

General Topics

DATABASES

ACTIVITY MONITORING and REPORTS

IP ADDRESS LOOKUP

TOOLS

BACKGROUND / REFERENCES

USEFUL PRODUCTS

Security Software

SUBSCRIPTION SERVICES

FOCUS ON BROWSER SECURITY

PENETRATION TESTING

SECURITY TRAINING COMPANIES

SHELL SCRIPTING AND PROGRAMMING

Advisories from Independent Groups

Advisories from Vendors

Specialized Topics

Java

Network

PGP

Kerberos

Unix

Windows NT

Steganography

Viruses

World Wide Web (WWW)

Miscellaneous

Computer Security Organizations

USENET Computer Security NewsGroups

NEW