DHTML Menu, (c)2004 Apycom
 
 
Security Resources

Here you will find a myriad of security resources and tools that will help you in developing a robust security plan, increasing your knowledge of the threats that currently face your network and deploying safeguards to protect your business and its critical data.

Please exercise caution with the following tools. It is likely that, if not used properly, these tools may cause serious and permanent damage to your network.


EDUCATION

 


Center for Secure Information Systems (CSIS) Home Page
CERIAS - Purdue University
Crypto and Security Courses
Georgia Tech Information Security Center
Iowa State University - Information Systems Security Laboratory (ISSL)

AUTHENTICATION and ACCESS CONTROL 

TOP


BioAPI Consortium
Comprehensive list of Public Key Infrastructure (PKI) links
Kerberos FAQ
Smart Cards:Tamper Resistance - a Cautionary Note
Technical Advisory Committee to Develop a Federal Information Processing Standard for the Federal Key Management Infrastructure
Welcome to NRI-Finger-imaging, a biometric technology for secure authentication and identification
Face Recognition by Miros

COMPUTER VIRII

TOP


CERT Computer Virus Resources
Computer Immune System Project - Papers
Dr. Solomon's Anti-Virus
IBM Anti-Virus
ICSA.NET's Anti-Virus Community
McAfee VirusScan
Norton Anti-Virus
Virus Bulletin
Virus FAQ
Wildlist Organization International

CRYPTOGRAPHY and CRYPTANALYSIS

TOP


Cryptlib Encryption Toolkit
Counterpane Homepage
Cryptography FAQ
Cryptography Research, Inc.
MIT distribution site for PGP
Pretty Good Privacy, Inc. Home Page
The PGP Attack FAQ

TCP/UDP PORT LISTING

IANA Port List
Trojan Ports List
Trojan Ports.txt for import to port scanner
(right click and select "save target"

FIREWALLS

TOP


Check Point FireWall-1
Cisco PIX
Commercial Firewalls and Related FW Products
Cyberguard KnightSTAR
Internet Firewalls Frequently Asked Questions
Lucent Technologies' Inferno
The Official Firewall Toolkit FAQ (FWTK FAQ)
WatchGuard Firewall
Smoothwall Express
BizGuardian

GLOSSARIES and DICTIONARIES

TOP


Computer Security Incident Handling Terms and Abbreviations
ICSA Cryptographic Consortium
NSA Glossary of Security and Intrusion Detection Terms
RAINBOW Terms and Definitions
The New Hacker's Dictionary

HACKING 

Warning: May contain objectionable material.

TOP


advICE
2600: The Hacker Quarterly
Blacklisted! 411/THUD Magazines
Flashback Hacker Archive
Security Charlatans
Hacking - The World's Greatest Hacking Links 
Hack-Tic Magazine Archive
Attrition

INCIDENT RESPONSE

TOP


Australian CERT
CERT Coordination Center
Computer Incident Advisory Capability (CIAC)
Federal Bureau of Investigation / National Infrastructure Protection Center
Federal Computer Incident Response Capability (FedCIRC)
Forum of Incident Response and Security Teams (FIRST)
NASA Incident Response Center (NASIRC)

INTRUSION DETECTION

TOP


EMERALD Network Intrusion Detection Home Page
Intrusion Detection Commercial Product List
ISS RealSecure
NetRanger -- Cisco Corporation
Network Intrusion Detection Systems FAQ
Network Flight Recorder, Inc.
Network Security Wizard's Dragon

LEGAL and PRIVACY

TOP


COAST Hotlist: Computer Security, Law and Privacy
An Analysis of Security Incidents on the Internet 1989-1995
Center for Democracy and Technology
Computer Privacy Digest
Internet-Related Legal Issues
The Computer Law Resource
Univ. of Dayton School of Law - Cybercrimes
Electronic Privacy Information Center
Encryption, Organized Crime, and Terrorism
Mitch Kapor - Civil Liberties in Cyberspace
Public Safety & Scientific Investigations
The Stalker's Page

PORT SCANNERS AND SNIFFING

TOP


Welcome to Phaos Technology
ISS SAFEsuite™ Products
NetSonar
The SPI-NET Product
NID
nmap
SAINT
SATAN

Windows Security

TOP


Offline NT-pw-util, bootdisk
Windows NT Security Software Tools for Administration and Network Security Management

Known NT Exploits

WinNuke Testing Ground
NT Fixes
L0pht Heavy Industries Security Advisories
Known NT Exploits
NT Security - Frequently Asked Questions
Windows NT Security Update
NT Security - Frequently Asked Questions
Elias's NT Administration Tools & Scripts
Excel password remover
Windows NT Tips, Tricks and Registry Hacks. JSI, Inc is your Windows NT Resource

VIRTUAL PRIVATE NETWORKS

TOP


IPSEC Tutorial
Linux Free S/WAN Project
Cryptanalysis of Microsoft's Point-to-Point Tunneling Protocol (PPTP)
VPN Information on the World Wide Web

VULNERABILITY DATABASES

TOP


AntiCode
CERT Advisories
RSI Denial of Serivce (DoS) Page
X-Force
Security Focus

WEB SECURITY

TOP


Unofficial Cookie FAQ
Fortify for Netscape - Home Page
Edward Felten's Pages on Java Security
Java Security FAQ
Microsoft Authenticode
Microsoft Security Advisor
Netscape Security
Netscape Security Services
The WWW Security FAQ
The Unofficial Microsoft Internet Explorer Security FAQ

INTRUSION DETECTION

Snort Network Intrusion Detection
NFR Security
Enterasys Dragon

SECURITY SCANNERS

Retina Security Scanner
NetIQ
Harris Stat Analyzer
Symantec
Nessus

PASSWORD CRACKING

@Stake LC
John the Ripper

INTERNET HOAXES

CIAC Virus Hoaxes
ICSA Virus Alert Hoax Page
Rob Rosenberger's Computer Virus Myths
UrbanLegends.com
HoaxBusters @ US Dept. of Energy
Security Response at Symantec

CORPORATE POLICY

Security Policy Example
Security Information Web Site
Sans Step-By-Step
Acceptable Use Template
Policy Templates from SANS
Sample Computer Usage Guidelines from SANS.org

Click here to view the .pdf example - "Computer Usage Guidelines for NAS Systems Division Personnel"

Click here to download the template.

 

Acceptable Use Statement from SANS.org

Click here to view the .pdf example - "Acceptable Use Statement for NAS Systems Division Computing Resources"

Click here to download the template.

 

Special Access Policy from SANS.org

Click here to view the .pdf example - "NAS Policy for Special Access on NPSN Systems"

Click here to download the template.

 

Special Access Guidelines Agreement from SANS.org

Click here to view the .pdf example - "NAS Systems Division Special Access Guidelines Agreement"

Click here to download the template.

 

Network Connection Policy from SANS.org

Click here to view the .pdf example - "NSD Policy for NAS Computer Network Hook-Up (Draft)"

Click here to download the template.

 

Escalation Procedures for Security Incidents from SANS.org

Click here to view the .pdf example - "NAS System Control Section Escalation Procedures for Security Incidents"

Click here to download the template.

 

Incident Handling Procedure from SANS.org

Click here to view the .pdf example - "NAS Security Incident Handling Procedures"

Click here to download the template.

How-TO's

 
How to Develop Your Company's First Security Baseline Standard
Computing Policies 
The electronic resource usage and security policy for the University of Pennsylvania.
 
Shelfware: How to Avoid Writing Security Policy and Documentation That Doesn’t Work
Developing a Computer Security Proposal for Small Businesses - How to Start 
It has been widely reported that computerization has played a significant role in the current economic expansion. However, when it comes to systems management in general, and systems security in particular, small businesses are ill prepared to deal with the challenges that increased automation and increased connectivity bring.
 
A System Security Policy for You 
The purpose of this document is to meet the requirements of the GIAC Security Essentials assignment and to provide other interested parties with a reference document that they can use to get their System Security Policy (SSP) document started.
 
Murdoch University

DNS REFERENCE

BASICS

 
Internet Encyclopedia
Introduction to Domain Name Service (DNS)
How Domain Name Servers Work
How does a DNS server work?
Imagi-Net.com - A Brief Overview of DNS (Domain Name System)
 

Configuring and Registering a DNS

 
Setting Up A Basic DNS For A Domain
Acme Byte & Wire's "Ask Mr. DNS" column
InterNIC Registration Services
Domain name registries around the world
InterNIC's Accredited Registrar Directory
Domain Name Availability Check
RIPE Network Coordination Centre
 

DNS Mailing Lists

 
A list from DNSRD of mailing lists relating to DNS
A list from DNSRD of DNS newsgroups
The ISP-DNS discussion listDNS-Swap Mailing list(DNS) FAQ
 

The DNS FAQ

 
Domain Name System (DNS) FAQ
Domain Name Handbook - Site Index

 

Free virus and security scanners

Trend Micro


Symantec
Free Virus and security scans from Symantec
 
AV Testing:

Test your AV installation safely HERE. This is the EICAR Standard Anti-Virus Test file. This is not an actual virus, but is a harmless file that has been adopted by all major AV software makers for the purpose of testing the installation of their products.
 
Port Scanner
Gibson Research

 

  Free Consultation  |  Solutions  |   Training  |  Consulting Services  |  Customers
© Copyright 2002-2006,  ClearPath Security LLC   Terms of Use   Privacy