REFERENCES

CERT http://www.cert.org/nav/index.html
CERT Advisories http://www.cert.org/advisories/
CERT Incident Notes http://www.cert.org/incident_notes/
CERT Summaries http://www.cert.org/summaries/
CERT Current Activity http://www.cert.org/current/current_activity.html
DoD CERT http://www.cert.mil
Army Criminal Investigation Command http://www.cid.army.mil/cciu2can.html
Computer Weekly http://www.computerweekly.com
DeepSight Threat Management System https://tms.symantec.com
DHS Daily Report Archives http://www.nipc.gov/dailyreports/dailyindex.htm
Federal Computer Incident Response Center (FedCIRC) http://www.fedcirc.gov/
iDefense http://www.idefense.com/
Infosyssec http://www.infosyssec.com/
SANS http://www.sans.org
NIST Computer Security Resource Center (SCRC) http://csrc.nist.gov/
NIST Vulnerability and Threat Portal http://icat.nist.gov/vt_portal.cfm
NIST Security Bulletins http://csrc.nist.gov/publications/nistbul/
Navy Information Security Techical Assistance Center (ITAC) https://infosec.navy.mil
Navy Information Assurance https://infosec.navy.mil/ps/?t=main/main.tag&bc=main/bc_main.html
Navy NAVCIRT Advisories Database (IAVAs) https://infosec.navy.mil/Advisory/advi?
IATAC http://iac.dtic.mil/iatac/
IATAC Digest http://iac.dtic.mil/iatac/products/ia_digest.htm
Hacker Intel http://www.hackerintel.com/
CERT Tech Tips on Improving Security http://www.cert.org/tech_tips/
CIAC Documents http://ciac.llnl.gov/cgi-bin/index/documentstd>

http://ciac.llnl.gov/cgi-bin/index/documents
The Cryptography Project http://www.cosc.georgetown.edu/~denning/crypto
FIRST Security Papers http://www.alw.nih.gov/Security/first-papers.html
Hideaway.Net – Security Texts http://www.hideaway.net/Server_Security/Library/library.html
Information Warehouse! Technical Publications http://iwi.com/iw-pubs.htm
Miscellaneous Security Papers (ftp) ftp://jhunix.hcf.jhu.edu/pub/miscellaneous_security_papers
Model Security Policies (SANS Institute Resources) http://www.sans.org/newlook/resources/policies/policies.htm
Rainbow Series Books http://csrc.nist.gov/secpubs/rainbow/
Raptor Systems Security Library http://www.raptor.com/lib/index.html
NSA Security Configuration Guides http://www.nsa.gov/snac/

General Topics

Security Glossary of Terms http://www.setsolutions.com/security.htm
Glossary of Terms Used in Security and Intrusion Detection http://www.sans.org/resources/glossary.php
An Introduction to Computer Security , NIST Special Publication 800-12 http://csrc.nist.gov/publications/nistpubs/index.html
IT Baseline Protection Manual from BSI http://www.bsi.bund.de/gshb/english/menue.htm
How To Eliminate The Ten Most Critical Internet Security Threats – SANS http://www.sans.org/top20/top10.php

DATABASES

NIST – ICAT Vulnerability Database http://icat.nist.gov/icat.cfm
NIST – ICAT Vulnerability Database – Top Ten Vulnerabilities http://icat.nist.gov/icat.cfm?function=topten
NIST Computer Security Resource Center (SCRC) – Virus Information http://csrc.nist.gov/virus/
Computer Vulnerabilities and Exposure (CVE) http://cve.mitre.org/about/
CVE Index and Search http://cve.mitre.org/cve/index.html
CVE Concordance http://www.iss.net/security_center/advice/Concordance/default.htm
Full-Disclosure Archives http://lists.netsys.com/pipermail/full-disclosure/
Virus Bulletin http://www.virusbtn.com/resources/
eEye Digital Security http://www.eeye.com/html/Research/Advisories/index.html
zone-h http://www.zone-h.org/en/defacements/special
ICAT Metabase http://icat.nist.gov
Open Source Vulnerability Database http://www.osvdb.org

ACTIVITY MONITORING and REPORTS

Symantec Threat Monitoring System https://tms.symantec.com
Internet Storm Center http://isc.incidents.org
Internet Storm Center – Top 10 http://isc.incidents.org/top10.html
my NetWatchman – Top Ports http://www.mynetwatchman.com/tp.asp
my NetWatchman – Top Port Increase http://www.mynetwatchman.com/tpincr.asp
Dshield – General Lookup http://www.dshield.org/reports.php
Dshield – Top 10 Most Wanted IP http://www.infosyssec.com/cgi-bin/flink.cgi?target=www.infosyssec.com/infosyssec/bor1.htm
Dshield – Top 10 Target Ports http://www.infosyssec.com/cgi-bin/flink.cgi?target=www.infosyssec.com/infosyssec/bor2.htm

IP ADDRESS LOOKUP

INTERNET REGISTRIES
American Registry for Internet Numbers (ARIN) http://www.arin.net
Asia Pacific Network Information Centre http://www.apnic.net
Réseaux IP Européens (RIPE) http://www.ripe.net
Latin America and Caribbean Internet Registration (LACNIC) http://lacnic.net/cgi-bin/lacnic/whois?lg=EN
APJII – Indonesia
CNNIC – China
JPNIC – Japan http://whois.nic.ad.jp/cgi-bin/whois_gw
KRNIC – Korea http://www.nic.or.kr/www/english/
TWNIC http://www.twnic.net/index2.php
VNNIC – Vietnam
Military networks http://www.nic.mil
Symantec TMS https://tms.symantec.com
Dshield – General Lookup http://www.dshield.org/reports.php

TOOLS

Network Calculator http://www.telusplanet.net/public/sparkman/netcalc.htm
Visual Route http://visualroute.visualware.com
Open Vulnerability Assessment Language http://oval.mitre.org/
SPEW.org http://spews.org
GeekTools http://www.geektools.com/tools.php
Karen’s Power Tools http://www.karenware.com/powertools.asp
Mozilla Firefox 0.8 http://www.mozilla.org
New Work and Security Tools http://thc.org
String encoder and decoder http://umbrella.name/codenow.htm
Canvas http://www.immunitysec.com/downloads.shtml
Datarescue http://www.datarescue.com/idabase/index.htm
Ascii , dex , oct reference http://www.asciitable.com/
Solidshell http://solidshell.net/#
Fosh http://www.fosh.com.au/Fosh/Support/hextoascii.htm
Spychecker http://www.spychecker.com/
Hfnetchk http://hfnetchk.shavlik.com/default.asp
netcraft http://news.netcraft.com/
Proxypot http://www.proxypot.org/
multiproxy www.multiproxy.org
webferret www.webferret.com

BACKGROUND / REFERENCES

Internet Security Systems http://www.iss.net/security_center/advice
DeepSight Alert Services https://alerts.symantec.com
Trojan List with Sorting Options http://www.simovits.com/trojans/trojans.html
Trojan List v, Ports http://www.jlathamsite.com/dslr/suspectports.htm
DosHelp.com Intrusion and Attack Reporting Center http://www.doshelp.com/trojanports.htm
ONCTek – Trojan / Backdoor and TCP/UDP ports http://www.onctek.com/trojanports.html
Linux Firewall Tools – Commonly Probed Ports http://www.linux-firewall-tools.com/linux/ports.html
Commodon Communications http://www.commodon.com/threat/frame.htm
InfoSysSec http://www.infosyssec.org/
Commodon Communications-Current List of Trojans http://www.commodon.com/threat/threat-all.htm
Internet Ports, Services and Trojans http://andrew.triumf.ca/ports/other.html
X-Force Research http://xforce.iss.net/
X-Force Research – Alerts and Advisories http://xforce.iss.net/xforce/alerts
Port Knowledgebase http://www.iss.net/security_center/advice/Exploits/Ports/
IANA Port Assignments http://www.iana.org/assignments/port-numbers
astalavista http://www.astalavista.com
Blackcode http://www.blackcode.com
Church of the Swimming Elephant http://www.cotse.com
CyHackPortal http://www.cyhackportal.com
DShield http://dshield.org
E-Week http://www.eweek.com/
fatelabs http://www.fatelabs.com
Hack in the Box http://www.hackinthebox.com
HACK R. COM http://www.hack3r.com
Hackersplayground http://www.hackersplayground.org
Hackerthreads.org Security Forum http://www.hackerthreads.org
Insecure.Org http://www.insecure.org
Lame Industries http://www.lameindustries.org
Linux Security.com http://www.linuxsecurity.com
my NetWatchman http://www.mynetwatchman.com
New Order http://neworder.box.sk
Packet Storm http://www.packetstormsecurity.com
ProgenicDotCom http://www.progenic.com
Root Hack http://www.roothack.org
SecurityFocus http://www.securityfocus.com
The Hacktivist http://www.thehacktivist.com/index.php
the Honeynet Project http://www.honeynet.org
Zone-h http://www.zone-h.org
GoDaddy http://www.godaddy.com
Security News Portal http://securitynewsportal.com/index.html
Ziff Davis http://www.zdnet.com
The Register http://www.theregister.co.uk/content/1/index.html
Internet Assigned Numbers Authority http://www.iana.org/
mlsecurity http://www.mlsecurity.com/research/
Bsdhound http://bsdhound.com/link.php
Security horizon http://www.securityhorizon.com/security_whitepapers/
Cisco aironet moding http://www.mrx.com.au/wireless/AironetModifications.htm
Cyruxnet http://www.cyruxnet.org/news.htm
Deamonnews http://www.daemonnews.org/200108/security-howto.html
I-eye http://www.i-eye.de/dokumentation/index.php
bugtraq.underattack http://bugtraq.underattack.co.kr/xploit.php3?line_1=0&line_2=10
Freebsd security http://www.watson.org/fbsd-hardening/
hack canada http://www.hackcanada.com/
rootkit http://rootkit.host.sk/
Government security http://www.governmentsecurity.org/
markusjansson http://www.markusjansson.net/exp.html
HSC http://www.hsc.fr/ressources/outils/idswakeup/index.html.en#copieecran
haxworx http://www.haxworx.com/index.php
securiteam http://www.securiteam.com/
hernanracciatti http://www.hernanracciatti.com.ar/papers_and_download.html
Shellcode http://www.shellcode.com.ar/
Security.ku.edu http://security.ku.edu/hardening/freebsd.shtml
Securitytrap http://www.securitytrap.com/
Sysinternals http://www.sysinternals.com/
Cartel-Securite http://www.cartel-securite.fr/pbiondi/projects/shellforge.html
Networkintrustion http://www.networkintrusion.co.uk/fortools.htm
Community core sdi http://community.core-sdi.com/~juliano/bufo.html
Security Corporation http://www.security-corporation.com/
Underground Mac http://undergroundmac.com/
theory X http://www.theory-x.org/
windows security http://www.windowsecurity.com/
critical security http://www.criticalsecurity.com/
firewall http://www.firewall.cx/
blackhate info http://www.blackhat.info/live/
hacker news http://www.hackers-news.com/
elcomsoft http://www.elcomsoft.com/prs.html
Xatrix http://www.xatrix.org/
Security Forums http://www.security-forums.com/
Hack in the Box http://www.hackinthebox.org
Camelot Newsletters and Library http://www.camelot.com/newsletter.asp?PageID=69
Cipher Newsletter http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/
Computer Incident Advisory Capability (CIAC) Notes http://ciac.llnl.gov/cgi-bin/cnotes
Computer Security News Daily http://www.MountainWave.com
Internet Security Newsletter http://www.securecomputing.com/U_New_ISN.html
Internet Security Review http://www.isr.net/index1.html
Hacker Quarterly http://www.2600.com

USEFUL PRODUCTS

Technorati online forum search engine http://www.technorati.com
Dogpile Search Engine http://www.dogpile.com
Google Search Engine http://www.google.coom
Babelfish Machine Translation http://babelfish.altavista.com
All nettools http://www.all-nettools.com/tools4.htm
Proxify https://proxify.com/
CGIProxy 2.0.1 http://www.jmarshall.com/tools/cgiproxy/
eventlongscan http://www.eventlogscan.com/
Eunet http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html
Free Translation.com http://Freetranslation.com

Security Software

Public Domain Security Software by Category
Authentication and Encryption Software http://www.alw.nih.gov/Security/prog-auth.html
Firewall Software /Security/prog-firewall.html http://www.alw.nih.gov/Security/prog-firewall.html
Network and Network Monitoring Software http://www.alw.nih.gov/Security/prog-network.html
System Enhancements Software http://www.alw.nih.govSecurity/prog-enhance.html
System Monitoring Software / Public Domain Security Software http://www.alw.nih.govSecurity/prog-monitor.html
Abacus Sentry http://www.psionic.com/abacus/abacus_sentry.html
AIDE http://www.cs.tut.fi/~rammer/aide.html
Anonftpd ftp://koobera.math.uic.edu/pub/software
Additional Info: anonftd ftp://koobera.math.uic.edu/www/anonftpd.html
Argus ftp.andrew.cmu.edu/pub/argus
Arpwatch ftp://ftp.ee.lbl.gov/
COPS (Computer Oracle and Password System) ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/cops
Courtney ftp://ciac.llnl.gov/pub/ciac/sectools/unix
http://www.alw.nih.gov/Security/CIAC-Notes/CIAC-Notes-08.html
Crack lib ftp://ftp.cerias.purdue.edu/pub/tools/unix/libs/cracklib/
Deslogin ftp://ftp.uu.net/pub/security/des/
Dig ftp://venera.isi.edu/pub/
Drawbridge ftp://net.tamu.edu/pub/security/TAMU/
Fcheck http://sites.netscape.net/fcheck
Fping ftp://ftp.stanford.edu/pub/packages/fping/
Icmpinfo ftp://hplyot.obspm.fr/net/
Additional Info: icmpinfo man page http://hplyot.obspm.fr/~dl/icmpinfo.html
Iss ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/iss/
Additional Info: CERT Advisory 93:14.Internet.Security.Scanner http://www.cert.org/advisories/CA-1993-14.html
IPACL ftp://ftp.porcupine.org/pub/security/
Jetmon http://jetmon.uoregon.edu/
Kerberos http://web.mit.edu/network/kerberos-form.html
Additional Info: Kerberos: The Network Authentication Protocol http://web.mit.edu/kerberos/www/
Klaxon ftp://ftp.eng.auburn.edu/pub/doug/
L6 ftp://ftp.pgci.ca/pub/l6
Additional Info: L6 http://www.pgci.ca/l6.html
Lcrzo http://www.laurentconstantin.com/us/lcrzo/lcrzo/
Lcrzoex http://www.laurentconstantin.com/us/lcrzo/lcrzoex/
Logdaemon ftp.porcupine.orgftp://ftp.porcupine.org/pub/security/
Additional Info: Wietse’s tools and papers ftp://ftp.porcupine.org/pub/security/index.html
Logsurfer ftp.cert.dfn.deftp://ftp.cert.dfn.de/pub/tools/audit/logsurfer/
Additional Info: Lo gsurfer Homepage http://www.cert.dfn.de/eng/team/wl/logsurf/
Lsof ftp://vic.cc.purdue.edu/pub/tools/unix/lsof
Mangle ftp://ftp.informatik.uni-erlangen.de/pub/utilities/pwtest/
Additional Info: Readme file for Mangle ftp://ftp.informatik.uni-erlangen.de/pub/utilities/pwtest/README.mangle
Mason http://www.pobox.com/~wstearns/mason/
Merlin ftp://ciac.llnl.gov/pub/ciac/sectools/unix/merlin/merlin.tar.gz
Additional Info: Merlin Information http://ciac.llnl.gov/ciac/ToolsMerlin.html
MD5 ftp://rsa.com/pub/
Additional Info: RFC 1544 http://www.rsa.com
MIME Object Security Services (MOSS) ftp://ftp.tis.com/pub/MOSS
Additional Info: MOSS FAQ ftp://ftp.tis.com/pub/MOSS/FAQ
The Nessus Project http://www.nessus.org/
Netlog ftp://net.tamu.edu/pub/security/TAMU/
Network Security Scanner (NSS) ftp://jhunix.hcf.jhu.edu/pub/nss/
NFSWatch ftp://ftp.cerias.purdue.edu/pub/tools/unix/nfswatch/
Nmap http://www.insecure.org/nmap/index.html
Nnap for NT Download http://www.eeye.com/html/Databases/Software/nmapnt.html
Npasswd ftp://ftp.cc.utexas.edu/pub/npasswd/
Additional Info: Information about npasswd http://uts.cc.utexas.edu/~clyde/npasswd.html
OPIE ftp://ftp.nrl.navy.mil/pub/security/opie/
Osh ftp://ftp.c3.lanl.gov/pub/mcn/
Additional Info: The Operator Shell http://www.c3.lanl.gov/~mcn/osh.html
Passwd+ ftp://ftp.dartmouth.edu/pub/security/
PGP ftp://www.eff.org/pub/Net_info/Tools/Crypto
Additional Info: Cryptography, PGP, and Your Privacy http://world.std.com/~franl/crypto.html
Pidentd ftp://ftp.lysator.liu.se/pub/ident/servers
PingLogger http://www.students.uiuc.edu/~jwthomp/code
Portmapper ftp.porcupine.orgftp://ftp.porcupine.org/pub/security/
RIPEM ftp://ripem.msu.edu/pub/crypt/GETTING_ACCESS
Additional Info: Information about RIPEM http://www.cs.indiana.edu/ripem/dir.html
Rpcbind ftp://ftp.porcupine.org/pub/security/
Rscan ftp://ftp.vis.colostate.edu/pub/rscan/
Additional Info: Rscan: Heterogeneous Network Interrogation http://www.vis.colostate.edu/rscan
SAINT ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/saint/
SARA http://www-arc.com/sara/
SATAN ftp://ftp.cerias.purdue.edu/pub/\tools/unix/scanners/satan/
Additional Info: Cert Advisory CA-95:06.satan http://www.cert.org/advisories/CA-1995-06.html
Scan-Detector ftp://ftp.cerias.purdue.edu/pub/tools/unix/logutils/scan-detector/
Additional Info: COAST Projects’ Tools http://www.cs.purdue.edu/coast/coast-tools.html
Sendmail ftp://ftp.cs.berkeley.edu/ucb/sendmail
Sendmail Wrapper ftp://ftp.auscert.org.au/pub/auscert/tools
SENSS http://www.sun.com/software/communitysource/senss
Shadow ftp://ftp.cs.widener.edu/pub/src/adm
Simple Socksd http://www.leverage.com/users/tlod/ssockd.html
Additional Info: Simple SOCKS Daemon http://waynesworld.ucsd.edu/~tlod/ssockd/ssockd.html
SKey ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/skey/
Simple Key-Management For Internet Protocols (SKIP) http://skip.incog.com/form.html
Additional Info: SKIP Information http://skip.incog.com/
Siphon http://www.subterrain.net/projects/siphon/
Smrsh ftp://ftp.nec.com/pub/security/smrsh
Snort http://www.snort.org
Socks ftp://ftp.nec.com/pub/security
Additional Info: Welcome to SOCKS http://www.socks.nec.com/
SSH ftp://ftp.cs.hut.fi/pub/ssh
Additional Info: Ssh (Secure Shell) Home Page http://www.cs.hut.fi/ssh
STEL ftp://idea.sec.dsi.unimi.it/cert-it/
Strobe ftp://suburbia.apana.org.au/pub/
Sudo ftp://ftp.cs.colorado.edu/pub/sysadmin/utilities
Additional Info: Sudo – a utility to allow restricted root access http://www.cs.colorado.edu/~millert/sudo/
Swatch ftp://ftp.stanford.edu/general/security-tools/swatch
Syn ftp://ftp.pgci.ca/pub/syn/
Additional Info: Syn http://www.pgci.ca/syn.html
TCP Wrapper ftp://ftp.porcupine.org/pub/security/
Additional Info: TCP Wrapper ftp://ftp.porcupine.org/pub/security/tcp_wrapper.txt.Z
Tcpdump ftp://ftp.ee.lbl.gov/
Tcpr ftp://ftp.alantec.com/pub/tcpr/
Tiger ftp://net.tamu.edu/pub/security/TAMU/
Traceroute ftp://ftp.psc.edu/pub/net_tools/
Tripwire ftp://ftp.cerias.purdue.edu
Additional Info: Tripwire ftp://ftp.cerias.purdue.edu/pub/tools/unix/ids/tripwire/
TTY-Watcher ftp.cerias.purdue.edu
Wu-ftpd wuarchive.wustl.edu
Xinetd qiclab.scn.rain.com
Xp-BETA ftp.mri.co.jp
YPX ftp.uu.net

SUBSCRIPTION SERVICES

IATAC NEWS LETTER http://iac.dtic.mil/iatac
Microsoft Windows Security Bulletin http://www.microsoft.com/technet/security/bulletin/notify.mspx
Sophos Alert System Tosubscribetothelist,sendanemailto

notification-subscribe@lists.sophos.com

orvisithttp://www.sophos.com/virusinfo/notifications/

Full-Disclosure digest http://lists.netsys.com/mailman/listinfo/full-disclosure
morning wood http://exploitlabs.com/menu.html

FOCUS ON BROWSER SECURITY

Liu Die Yu http://www.safecenter.net/UMBRELLAWEBV4/DirSvc/index.html
Jelmer http://62.131.86.111/
Georgi Guninski http://www.guninski.com/
http-eqiv http://www.malware.com/

PENETRATION TESTING

Hammer of the gods http://ettercap
Netbios attacks using samba http://www.sorgonet.com/security/windows-shared-resources/
Netbios attacks using samba http://www.hackinthebox.org/print.php?sid=5719
Secfr http://secfr.nerim.net/docs/fingerprint/en/ttl_default.html
Enumeration http://home.ubalt.edu/abento/753/enumeration/enumerationtools.html
Ettercap http://ettercap.sourceforge.net/
Excoll http://ers.pp.ru/excoll/
Rosiello http://www.rosiello.org/en/index.html
Sql injection http://www.sitepoint.com/article/sql-injection-attacks-safe
Rootexploit http://rootexploit.net/docs/dictionaries/
Session hijack http://staff.washington.edu/dittrich/talks/agora/script.html
Skopesix http://www.skopesix.com/
Webhack http://www.web-hack.ru/exploit/
lcamtuf http://lcamtuf.coredump.cx/p0f.shtml
Wordlist ftp://ftp.ox.ac.uk/pub/wordlists/

SECURITY TRAINING COMPANIES

Dave Aitel http://www.immunitysec.com/news-latest.shtml
Foundstone www.foundstone.com
Hacker Degree http://www.hackerdegree.com/?source=adwords

SHELL SCRIPTING AND PROGRAMMING

Bash shell http://www.tldp.org/LDP/abs/html/
Bash shell http://www.arachnoid.com/linux/shell_programming.html
Bash shell http://steve-parker.org/sh/loops.shtml
C basics http://www.haxworx.com/texts/c_documentation.html
C programming XOR-Encryption http://www.cprogramming.com/tutorial/xor.html
Buffer overflow http://www.shellcode.com.ar/docz/bof/mixter-smash.txt
XML http://64.26.23.218/gpage.html

Advisories from Independent Groups

8LGM Advisories http://www.alw.nih.gov/Security/8lgm.html
AUSCERT Advisories http://www.auscert.org.au/Information/advisories.html
Bugtraq Archives http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html
CIAC Bulletins http://ciac.llnl.gov/cgi-bin/index/bulletins/
DFN-CERT http://www.cert.dfn.de/eng/
(@) Stake Advisories http://www.atstake.com/research/advisories/
Rootshell http://www.rootshell.com/
Secure Networks, Inc. (SNI) Advisories http://www.secnet.com/advisories/
VulnWatch – Vulnerability Disclosure List http:/// http://www.vulnwatch.org/

Advisories from Vendors

Microsoft Security Advisor http://www.microsoft.com/security/
OpenBSD Security Views http://www.openbsd.org/security.html
Silicon Graphics Security Advisories http://www.sgi.com/Support/security/advisories.html

Specialized Topics

Java

Java Security http://swissnet.ai.mit.edu/~jbank/javapaper/javapaper.html
Java Security: From HotJava to Netscape and Beyond http://www.cs.princeton.edu/sip/pub/secure96.html
Low Level Security in Java http://java.sun.com/sfaq/verifier.html
Security in Java http://java.sun.com/whitePaper/java-whitepaper-8.html

Network

Home PC Firewall Guide for Internet Security http://www.FireWallGuide.Com
Internet Spoofing Reference http:// http://www.articsoft.com/web_spoofing.htm
Security in a Public World: A Survey http://www.stanford.edu/group/DCE/Gaurav/sec_doc.html
Things that Go Bump in the Net http://www.research.ibm.com/massdist/bump.html

PGP

PGP: a Nutshell Overview (PDF) http://www.jjgb.com/public_files/pgpnut.pdf
PGP User’s Guide Volume 1 (PDF) http://www.jjgb.com/public_files/pgpvol1.pdf
PGP User’s Guide Volume 2 (PDF) http://www.jjgb.com/public_files/pgpvol2.pdf

Kerberos

Kerberos: Authentication for computer networks http://nii.isi.edu/gost-group/products/kerberos/
Kerberos Information and Help by Lenny Miceli of SUNY at Buffalo http://ubvms.cc.buffalo.edu/~tkslen/kerberos.html
Kerberos: The Network Authentication Protocol http://web.mit.edu/kerberos/www/
Kerberos Reference Page l by Derrick Brashear of CMU http://www.cs.cmu.edu/afs/andrew.cmu.edu/usr/shadow/www/kerberos.htm
State of Macintosh Kerberos Authentication http://ccmc17.cc.ncsu.edu/sma/sma.html
Troubleshooting and Configuring Kerberos V5 Client Support in Cisco IOS
Router Configuration
http://www.cisco.com/warp/public/106/kerb_pt1.html

Unix

An Architectural Overview of Unix Network Security http://www.alw.nih.gov/Security/Docs/network-security.html
How to improve Security on SunOS 4.1.3 ftp://ftp.hawaii.edu/pub/security/doc/
Hardening Solaris. This article presents a concise step-by-step approach
to securely installing Solaris for use in a firewall DMZ. l
http://securityportal.com/direct.cgi?/coverstory19991025.htm
Improving the Security of Your Site by Breaking Into it http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html
Securing X Windows http://ciac.llnl.gov/ciac/documents/ciac2316.html

Windows NT

The Hardening of Microsoft Windows NT http://pw2.netcom.com/~honeyluv/HardNT40rev1.pdf
Windows NT Security Information http://www.microsoft.com/security/products/windowsnt.asp.htm
Understanding Virus Behavior in the Windows NT Environment http://www.symantec.com/avcenter/reference/vbnt.html
Windows NT Security l http://world.std.com/~jimf/papers/nt-security/nt-security.htm
Windows NT Security Issues http://www.somarsoft.com/security.htm
Netsurfer Focus http://www.netsurf.com/nsf/
Secure News http://www.isecure.com/newslet.htm
SecurityTracker.com http://securitytracker.com/

Steganography

Steganography http://www.thur.de/ulf/stegano/
Steganography by Neil F. Johnson http://http://www.jjtc.com/stegdoc

Viruses

Security (Computer Technology) http://www.einet.net/galaxy/Engineering-and-Technology/Computer-Technology/Security.html
Hideaway.Net – Anti-Virus Links http://www.hideaway.net/Anti-Virus/anti-virus.html
ICSA Labs Anti-Virus site http://www.icsalabs.com/html/communities/antivirus/index.shtml
Internet Hoaxes http://ciac.llnl.gov/ciac/CIACHoaxes.html
ITtoolbox Security http://security.ittoolbox.com/
Macintosh Virus Information http://wwwhost.ots.utexas.edu/mac/pub-mac-virus.html
Symantec Security Response http://www.sarc.com
Virus Bulletin http://www.virusbtn.com/

World Wide Web (WWW)

Netscape: On Security http://home.netscape.com/info/security-doc.html
The World Wide Web Consortium http://www.w3c.org/
Writing Secure CGI Scripts http://hoohoo.ncsa.uiuc.edu/cgi/security.html
WWW Security http://www-ns.rutgers.edu/www-security/index.html

Miscellaneous

ITtoolbox Security http://security.ittoolbox.com/
Security on the Net by Law Journal Extra! http://www.ljextra.com/securitynet
Hideaway.Net – Security Links http://www.hideaway.net/Server_Security/Library/library.html
securitypointer.com – Computer Security Privacy and Tools http://www.securitypointer.com
SecuritySearch.Net – The Internet security resource http://www.securitysearch.net/

Computer Security Organizations

American Society for Industrial Security http://www.securitymanagement.com/asismore.html
Canadian Society for Industrial Security http://www.csis-scsi.org
Communications Security Establishment http://www.cse.dnd.ca/
Computer Security Institute http://www.gocsi.com/
Electronic Frontier Foundation http://www.eff.org/
Forum of Incident Response and Security Teams (FIRST) http://www.first.org/
FIRST Member Security Teams http://www.first.org/team-info/www.html
High-Tech Crime Network http://www.htcn.org
Information Systems Security Association (ISSA) http://www.issa-intl.org
The Institute Of Information Security – INSTIS http://www.instis.com
International Association for Cryptologic Research http://www.swcp.com/~iacr/
ICSA Labs http://www.icsalabs.com/
Italian Computer Antivirus Research Organization http://www-iwi.unisg.ch/~sambucci/icaro/index.html
National Security Institute http://nsi.org/
SANS Institute http://www.sans.org/
The USENIX Association http://www.usenix.org/

USENET Computer Security NewsGroups

alt.disasters.planning news:alt.disasters.planning
alt.hackers news:alt.hackers
alt.security news:alt.security
alt.security.alarms y news:alt.security
alt.security.keydist news:alt.security.keydist
alt.security.pgp news:alt.security.pgp
alt.security.ripem news:alt.security.ripem
alt.security.tscm news:alt.security.tscm
comp.lang.java.security news:comp.lang.java.security
comp.os.ms-windows.nt.admin.security news:comp.os.ms-windows.nt.admin.security
comp.os.netware.security news:comp.os.netware.security
comp.protocols.kerberos news:comp.protocols.kerberos
comp.risks news:comp.risks
comp.security.announce news:comp.security.announce
comp.security.firewalls news:comp.security.firewalls
comp.security.gss-api news:comp.security.gss-api
comp.security.misc news:comp.security.misc
comp.security.pgp news:comp.security.pgp
comp.security.pgp.announce news:comp.security.pgp.announce
comp.security.pgp.discuss news:comp.security.pgp.discuss
comp.security.pgp.resources news:comp.security.pgp.resources
comp.security.pgp.tech news:comp.security.pgp.tech
comp.security.unix news:comp.security.unix
comp.virus news:comp.virus
info.firewalls-digest t news:info.firewalls-diges
misc.security news:misc.security
sci.crypt news:sci.crypt
sci.crypt.research news:sci.crypt.research

NEW

The Center for Education and Research in Information Assurance and
Security (CERIAS)
http://www.cs.purdue.edu/coast/coast.html
SNP Security New Portal http://www.securitynewsportal.com/index.shtml
Security Tracker http://www.securitytracker.com/
http://www.theregister.co.uk/
http://www.infosecnews.com/home/index.cfm
Secunia Graphical Advisories page http://secunia.com/
http://www.securityfocus.com/
http://www.zone-h.org/
http://www.viruslist.com/en/weblog
http://www.f-secure.com/weblog/
http://securitywizardry.com/radar.htm
http://www.internettrafficreport.com/main.htm
http://www.internetpulse.net/
http://www.us-cert.gov/current/current_activity.html
http://www.security-forums.com/
Public Cooperative Vulnerability Database https://cirdb.cerias.purdue.edu/coopvdb/public/pub_search.php
X-force DataBase (ISS) http://xforce.iss.net/xforce/search.php
http://www.auscert.org.au/
Hideaway.net http://www.hideaway.net/home/public_html/index.php
United States Computer Security Emergency Readiness Team. (DHS) http://www.us-cert.gov/current/current_activity.html
United States Computer Security Emergency Readiness Team. (DHS)
Resources Page
http://www.us-cert.gov/resources.html
United States Computer Security Emergency Readiness Team. (DHS)
Resources Page
http://www.us-cert.gov/federal/
Dartmouth College ISTS http://www.ists.dartmouth.edu/library.php
The Information Warfare Site (UK mailing list) http://www.iwar.org.uk/mailman/listinfo/infocon/
Attrition – / Defaced Commentary Mail List Archive http://www.attrition.org/security/commentary/
Safemode – inactive defacement archive http://www.safemode.org/
Zone-H – The Internet Thermometer – Defacement Archive and IT Security http://www.zone-h.org/en/defacements