S E C U R I T Y   R E S O U R C E S

Seminar Resources || Security Resources || Guy's List

A compiled list of security related sites to scare you out of your wits, and then hopefully help you find some peace of mind.  This is just here for all those that may feel that networks are not the safest of environments, and want to take the appropriate steps to increase your ability to avoid a break-in..

Organizations & Agencies

  • FIRST Teams (Forum of Incident Response and Security Teams)
  • Professional Organizations
  • U.S. Government
  • Others
  • Education in Computer Security
  • Major Research Centers
  • Other Education/Research Projects
  • Research Conferences [New!]
  • Publications
  • Journals, Newsletters and Mailing Lists [New!]
  • FAQs and Glossaries
  • Books & Book Info
  • Other Publications
  • Security Archives, Servers & Indicies
  • Comprehensive Sites
  • Tools
  • "Underground" Sites
  • Cryptography
  • PGP-related
  • Export Control & Politics
  • Other cryptography
  • Computer Viruses
  • Privacy Issues
  • Computing Ethics
  • Network Security [New!]
  • Firewalls [New!]
  • Security in WWW
  • Electronic Commerce [New!]
  • Other [New!]
  • Commercial Sites
  • Computer Vendors
  • Primarily Firewalls
  • Others
  • Law
  • Miscellaneous

    • Organizations & Agencies

    FIRST Teams (Forum of Incident Response and Security Teams)

  • FIRST Homepage
  • FIRST members' PGP keys (ASCII)
  • AUSCERT - Australian Computer Emergency Response Team
  • CERT Coordination Center (U.S.)
  • CIAC Web Site (U.S. Department of Energy)
  • DFN-CERT - German Federal Networks CERT, Germany
  • CERT-NL - SURFnet Response Team, Netherlands
  • DISA ASSIST
  • NASIRC - NASA Automated Systems Incident Response Capability, USA
  • NAVCIRT - Naval Computer Incident Response Team, USA
  • PCERT - Purdue University Computer Emergency Response Team, USA
  • SWITCH-CERT - Swiss Academic and Research Network CERT, Switzerland

    • Professional Organizations

  • ACM SIGSAC (SIG on Security, Audit, and Control)
  • Computing Professionals for Social Responsibility (CPSR)
  • HTCIA (High-Tech Crime Investigators Association) [New!]
  • HTCIA, Northern CA Chapter [New!]
  • IEEE-CS TC on Security and Privacy
  • IEEE SSITSociety for Social Implications of Technology Home Page [New!]
  • International Federation for Information Processing
  • International Association for Cryptologic Research
  • The Internet Society
  • ISSA Home Page
  • USENIX & SAGE
  • Usenix Security-related Events

    • U.S. Government

  • ARPA home page
  • Central Intelligence Agency Home Page
  • Computer Security Technology Center at Lawrence Livermore National Laboratory (DOE)
  • DoD Information Analysis Center (IAC) Hub Page
  • Defense Information Systems Agency (DISA)
  • The Department of the Treasury: Financial Crimes Enforcement Network [New!]
  • FBI computer crime information
  • National Computer System Security and Privacy Board
  • NIST Computer Systems Laboratory
  • NRL Center for High Assurance Computer Systems (Naval Research Lab)
  • National Security Agency
  • Office of Technology Assessment
  • Office of the U.S. Secretary of Defense (OSD)
  • US Navy SPAWAR

    • Others

  • NCSA (National Computer Security Association)
  • Software Publishers' Association
  • ASET Security group (Rockwell, NASA, others)
  • Communications Security Establishment (Canada's version of the NSA)
  • ITAA Home Page
  • Voters Telecommunications Watch (vtw@vtw.org)
  • EWOS/EG SEC [New!]
  • Computer Security Institute [New!]

    • Education in Computer Security

    Major Research Centers

  • Center for Secure Information Systems (CSIS) at George Mason University.
  • The Centre for the Study of Public Order at the University of Leicester (UK), MSc in Security Management and Information Technology.
  • COAST Project at Purdue University.
  • Computer Security Group at University of Cambridge (UK).
  • Computer Security Research at UC Davis.
  • Information Security Research Centre at Queensland University of Technology, Australia.
  • Institute for Computer & Telecommunications Systems Policy at George Washington University.
  • Computer Security Research Centre at the London School of Economics & Political Science (UK)
  • SECLAB The Laboratory for Computer Security and Security Informatics at University of Stockholm
  • SIRENE: SIcherheit in REchnerNEtzen (Security in Computer Networks) at the University of Hildesheim/IBM Zurich.
  • Sicherheit in der Kommunikationstechnik (German, University of Freiburg)
  • Centre for Computer Security Research at the University of Wollongong (Australia) [New!]

    • Other Education/Research Projects

  • Computer Security Research at the University of Idaho
  • Computer Security Research at Iowa State [New!]
  • The GOST Group at ISI/USC.
  • Information Security Institute (short courses)
  • Research in Cooperating Computer Systems at La Trobe University School of Computer Science and Computer Engineering [New!]
  • Cryptography & Security Research at PSU
  • Royal Holloway College (University of London) program in Information Security
  • Doug Tygar's security projects at CMU

    • Research Conferences

  • 1996 Symposium on Security and Privacy [New!]
  • IFIP 96 Working Conference on Database Security [New!]
  • Ninth IEEE Computer Security Foundations Workshop [New!]
  • Eleventh Annual Computer Security Applications Conference [New!]
  • 2nd ICE Workshop Summary (Draft Version 1.2) [New!]

    • Publications

    Journals, Newsletters and Mailing Lists

  • COAST Newsletter ("CoastWatch")
  • Bugtraq archives
  • Bugtraq list in hypermail
  • The PRIVACY Forum
  • Intrusion Detection Mailing List Archive
  • IEEE-CS TC on Security and Privacy Cipher newsletter
  • Computer Underground Digest WWW Site
  • NetWatchers Front Page [New!]
  • The RISKS Forum
  • Firewalls mailing list
  • 2600 Magazine
  • Phrack
  • Security mailing mix
  • Sneakers-Internet Wide Area "Tiger Teamers" mailing list.
  • Virtual Library Mailing List Archive (includes bugtraq and firewalls lists)
  • GrayAreas
  • Sources eJournal [New!]
  • Journal of Computer Security [New!]
  • Disaster Recovery Journal [New!]
  • Back issues of Computer and Communications Security Reviews [New!]
  • Infosecurity News - Introductory Home Page [New!]
  • Computers & Security [New!]
  • Computer Fraud & Security Bulletin [New!]
  • Computer Audit Update [New!]
  • Computer Law & Security Report [New!]
  • The Virus Bulletin [New!]

    • FAQs and Glossaries

  • PGP 2.6.2 FAQ, Buglist, Fixes, and Improvements
  • RSA's Frequently Asked Questions
  • FAQ: Computer Security Frequently Asked Questions (Usenet)
  • ISS FAQ collection
  • Security term glossary
  • Usenet security FAQs
  • Marcus Ranum's Internet Firewalls FAQ
  • The alt.2600/#hack FAQ Introduction
  • Frequently Asked Questions on VIRUS-L/comp.virus
  • The WWW Security FAQ

    • Books & Book Info

  • The Hacker Crackdown by Bruce Sterling
  • US site
  • another US site
  • German site
  • O'Reilly Security Book info
  • Computer Security Basics by Russell and Gangemi
  • Practical Unix Security by Garfinkel and Spafford [New!]
  • UNIX & Internet Security, 2nd Edition [New!]
  • PGP: Pretty Good Privacy by Garfinkel
  • Computer Crime: A Crimefighter's Handbook by Icove, Seger & VonStorch
  • Building Internet Firewalls by Chapman and Zwicky
  • PGP: Source Code and Internals by Phil Zimmermann
  • The Official PGP User's Guide by Phil Zimmermann
  • Building in Big Brother by Lance Hoffman
  • Cryptography Theory and Practice [New!]

    • Other Publications

  • U.S. Congress Office of Technology Assessment
  • Common Criteria Draft [New!]
  • National Standards System Network Prototype
  • Site Security Handbook (FYI #8)
  • GAO reports on computer security
  • The Info-Sec Super Journal
  • The Group Administration Shell and the GASH Network Computing Environment
  • "Internet Tools: If you can reach them, they can reach you"
  • Harvard's Information Security Handbook
  • Bibliography of Computer Security Incident Response Documents
  • NewsPage Hierarchy Level: Information Security
  • FIRST Archive of Security Papers
  • Rainbow Series & other InfoSec standards
  • IPng Specifications
  • Building Internet Servers
  • A_Structured_Approach_To_Computer_Security
  • AUSCERT Papers

    • Security Archives, Servers & Indicies

    Comprehensive Sites

    These sites may have documents, tools, standards, advisories, and pointers to other security collections.

  • COAST Archive (via WWW index)
  • COAST Archive (via ftp)
  • NIST Computer Security Resource Clearinghouse
  • NRL's High Assurance Computing Systems
  • Security Reference Index
  • EINet's Security Page
  • Comprehensive page at NIH
  • Hotlist by Bennet Yee [New!]
  • Directory at Yahoo
  • Security (Computer Technology) index at EInet
  • CIAC Web Site
  • NRL ADP Security
  • Security for Businesses on the Internet
  • U. Pennsylvania - Information Security and Privacy
  • Raptor Systems Security Library
  • Information Technology Security (ITS) Home Page [New!]
  • AuditNet
  • EFF Crypto/Privacy/Security Archive
  • Sirene Pointers
  • Idaho State's Security Library page
  • V-One Technical Publications
  • A general index at CNS (Luxembourg)
  • Szymon Sokol's security page
  • SIMS Security links page
  • Mary Ellen Zurko's list
  • Network/Computer Security Technology
  • Unix Net for Computer security in Law Enforcement (U.N.C.L.E.)
  • CNS - Network Security Pages
  • Phoenix Systems' Index
  • Sanda International's index
  • Collection at Management Analytics
  • Matrix Group (largely unreadable)
  • RFC Index
  • Linux Security WWW
  • FORMIS Workspace
  • Information Technology Assurance and Trustworthiness
  • Document Summary
  • Computer Security index @ Chalmers
  • Comprehensive index of Computer Security Issues [New!]
  • Pilot's Network Security Guide (CK)
  • funet.fi ftp archive
  • Computer Security Web Pages
  • rpwaterb's Computer Security links [New!]
  • Tiamat's lair (a different spin on this hotlist) [New!]
  • UNIX Security Topics [New!]
  • "Unix Guru Universe" hotlist [New!]

    • Tools

    These are pointers to collections of tools, or good archives where you can find security-related tools.

  • COAST Archive (via WWW index)
  • COAST Archive (via ftp)
  • Unix System Monitoring Tools
  • Doug's tools page
  • Internet Locations for Materials on the Disks for Applied Cryptography
  • Klaxon (a port monitoring tool)
  • Rscan Homepage
  • About AccessManager
  • Netpassword - changing passwords safely across the net
  • The Kerberos Network Authentication Service
  • The Sesame Distributed Authentication System
  • Security tools at Dartmouth (Matt Bishop)
  • System administration tools
  • funet.fi ftp archive
  • Wietse Venema's collection of tools and papers
  • Frank O'Dwyer's Homepage - Security Code [New!]
  • Ssh (Secure Shell) Home Page [New!]

    • "Underground" Sites

    These sites may or may not advertise themselves as "underground" sites. Last time we looked, you might be as likely to find tools or instructions about how to break into a system as protect it. These links are provided for information use only.

  • The Internet Underground (John Gott's list)
  • Spy.org
  • Aleph1's security page
  • Uebercracker's Security Web
  • A list of "underground" sites
  • Arny's unix / net / hack page
  • 8LGM group
  • L0pht Heavy Industries
  • The DEFCON site
  • Unauthorized Access Home Page (videotape)
  • HacKeR WorLD
  • Computer underground Digest WWW Site
  • CuD "Computer Underground E-Publications - Top Level" Archive
  • Middle Of Nowhere/Outlaws [New!]
  • The AOL Toys Page [New!]
  • Directory of /pub/hacker at Giga Internet Group [New!]
  • The Zionet Underground [New!]
  • SaTaN's Lair [New!]
  • Vexation's -_-UnDeRgRoUnD-_- [New!]
  • daddict's Computer Underground [New!]
  • Phil's: Phil's (Unix & Hacking) Texts [New!]

    • Cryptography

    PGP-related

  • Home page for www.pgp.net
  • Cryptography, PGP, and Your Privacy page [New!]
  • Getting PGP
  • PGPfone Home Page
  • PGP 2.6.2 FAQ, Buglist, Fixes, and Improvements
  • Finding someone's PGP key
  • ViaCrypt WWW Site
  • MCIP HomePage (PGP for Macs)
  • EFH Pretty Good Privacy Workshop
  • PGP Resources [New!]
  • NCSA httpd/Mosaic: Using PGP/PEM auth
  • MacPGP Control - MPGPC [New!]
  • MacPGP Accessories [New!]
  • Books on PGP
  • PGP: Pretty Good Privacy by Garfinkel
  • The Official PGP User's Guide by Phil Zimmermann
  • PGP: Source Code and Internals by Phil Zimmermann

    • Export Control & Politics

  • Cryptography Export Control Archives
  • EPIC's page on crypto policy in the US
  • CPSR Clipper Chip page
  • Information on the NIST Key Escrow Export meeting
  • Building in Big Brother by Lance Hoffman
  • The Applied Cryptography Case [New!]
  • COECouncil of Europe Recommendation No. R (95) 13 [New!]

    • Other cryptography

  • Cryptography: The Study of Encryption [New!]
  • Quadralay Cryptology Archive
  • Lawrie Brown's crypto bibliography
  • Cypherpunks's Homepage
  • RSA's Frequently Asked Questions
  • BIG crypto code archive @ University of Milan.
  • International Association of Cryptologic Research (IACR)
  • The Cryptography Project (Dorothy Denning @ Georgetown University)
  • The Betsi System @ Bellcore
  • Ross Anderson's homepage (some papers on crypto)
  • Ronald L. Rivest's Cryptography and Security page
  • CDT's Crypto Page
  • TEA, a Tiny Encryption Algorithm.
  • Steganography [New!]
  • Cryptography Theory and Practice [New!]
  • International Cryptographic Software Pages for Encryption, Decryption, Cryptanalysis, Steganography, and Related Methods [New!]

    • Computer Viruses

  • IBM Computer Virus Information Center
  • Chris Johnson's Gatekeeper Mac Anti-virus Tool
  • John Norstad'sDisinfectant Mac Anti-virus Tool
  • Safetynet, Inc.
  • Computer Viruses page by Lorna @ SigNet
  • Data Fellows WWW pages (F-PROT Professional)
  • IBM's Anti-Virus page
  • Dr. Solomon's Virus Info
  • Symantec Anti-Virus Reference Center
  • Alwil Software
  • Macintosh Virus info
  • Things that Go Bump in the Net
  • MS-DOS Anti-virus Tools
  • WinWord Nuclear virus
  • Virus-L/comp.virus FAQ [New!]
  • Information on the Word Prank Macro [New!]

    • Privacy Issues

  • The PRIVACY Forum
  • alt.privacy archive (Usenet)
  • An extensive set of references on privacy
  • Alan Wexelblat's paper Why is the NII Like a Prison?
  • Joel McNamara's page

    • Computing Ethics

  • Ethical and Professional Issues in Computing, Rensselaer Polytechnic Institute [New!]
  • NCSU Computer Ethics Page
  • Science Ethics Resources on the Net
  • LBL ELSI Home Page

    • Network Security

    Firewalls

  • Firewalls mailing list [New!]
  • Marcus Ranum's Firewall FAQ [New!]
  • Livermore Software Labs, Firewall tutorial [New!]

    • Security in WWW

  • Ches's security page
  • World Wide Web (in)Security
  • Security in Mosaic
  • Another page on secure WWW server setup
  • Trusted Information Systems's notes on secure WWW
  • Rutger's documents on WWW security
  • WWW-security info
  • HotJava: The Security Story
  • The Java Security FAQ
  • HotJava Security [New!]
  • NCSA httpd/Mosaic: Using PGP/PEM auth
  • HTTP Security group of W3C
  • Secure NCSA httpd Manual
  • Security in Netscape/SSL
  • The WWW Security FAQ
  • Netscape Security (problems) [New!]
  • Internet Holes: 50 Ways to Attack Your Web Systems [New!]
  • Browser Crasher [New!]

    • Internet Commerce

  •  
  • Basic Flaws in Internet Security and Commerce [New!]
  • Maintaining Privacy in Electronic Transactions [New!]
  • The NetBill Project [New!]
  • Open Market Security Watch [New!]

    • Other

  • Netsurfer Focus: Computer and Network Security [New!]
  • Network Security (Moderators: P. Lipp, R. Posch) [New!]
  • Win 95 Net Bugs [New!]

    • Commercial Sites

    Computer Vendors

    This is a collection of pointers to vendor-provided security patches.

  • Digital Equipment Corporation
  • Harris Trusted Systems Division
  • Hewlett Packard SupportLine Services
  • Directory of security patches for SGI
  • SunSolve Online Patch Access
  • Sun Microsystems Sponsor Page (SunSite)
  • Security Research at IBM Watson

    • Primarily Firewalls

  • List of Commercial Firewalls and Related FW Products (Cathy Fulmer's list)
  • Another list of Firewall Vendors
  • ANS HOME PAGE
  • BorderWare software by Border Network Technologies
  • CheckPoint Software Technologies (Firewall-1)
  • Cohesive Systems
  • Cisco Systems
  • Firewalls R Us
  • Global Technology Associates
  • KarlBridge/KarlBrouter [New!]
  • Livermore Software Labs
  • Milkyway Networks Corporation
  • NetLOCK(tm) from Hughes
  • Network Systems Corporation
  • Network Translation
  • PORTUS
  • Raptor Systems
  • Secure Computing Corporation (Sidewinder)
  • SecurIt Firewall
  • Sun's SunScreen SPF-100
  • TIS Gauntlet

    • Others

  • /sys/admin, inc.: Home Page [New!]
  • AXENT Technologies Home Page
  • Atlantic Systems Group Mosaic Index
  • Bellcore Security Products
  • CERBERUS Information Security Consulting Inc.
  • Citadel Computer Systems, Inc. [New!]
  • Computer Systems Consulting
  • COST Computer Security Technologies (Sweden)
  • CRAK Software
  • Cylink Corporation
  • Data Discovery Computer Data Examination [New!]
  • DynaSoft Sweden
  • e.g. Software, Inc. [New!]
  • Elementrix Technologies [New!]
  • En Garde Systems [New!]
  • Enterprise Integration Technologies S-HTTP
  • FSA Corporation
  • Great Circle Associates Home Page
  • Information Warehouse! Inc. Corporate Page
  • Ingress Communications
  • Internet Security Corporation [New!]
  • Internet Security Systems, Inc.
  • IST (InfoStructure Services & Technology)
  • Intrusion Detection Inc. Home Page [New!]
  • Los Altos technologies
  • Management Analytics
  • Mergent
  • Minatronics Corporation
  • NEC Socks Web Archive [New!]
  • PRC Corp
  • Rocksoft (Veracity)
  • RSA, Inc.
  • SAIC
  • Security Dynamics [New!]
  • SecureWare
  • Somar Software
  • SOS Corporation
  • SRI
  • SRI CSL
  • Sun's Internet Commerce Group Home Page
  • Welcome to Telequip
  • Welcome to Templar Net
  • Terisa Systems
  • Trusted Information Systems
  • ViaCrypt WWW Site

    • Law

  • Law resources [New!]
  • Morris, Manning & Martin homepage
  • Porn and regulation of the Internet
  • Comprehensive Law Page at Cornell
  • Computer Crime: A Crimefighter's Handbook by Icove, Seger & VonStorch
  • Intellectual Property and the National Information Infrastructure
  • Law Enforcement Related Links [New!]
  • Cop Net & Police Resource List [New!]
  • HTCIA, Northern CA Chapter [New!]
  • HTCIA Main [New!]
  • Cecil Greek's Criminal Justice Page [New!]
  • Kevin Manson's Cybercop.org [New!]
  • Crime Links [New!]

    • Miscellaneous

  • Ches's security page
  • Cliff Stoll's Performance Art Theater and Networking Security Revue
  • Info on IPng
  • X Windows Security
  • Why send email when you can Fakemail?
  • Routing Arbiter Project
  • DigiCash - ecash home page
  • Massively Distributed Systems [New!]
  • MS-DOS System Security Tools
  • Covert Services Investigation Agency
  • Project on Intelligence Reform
  • IntelWeb - The WWW Site of Intelligence Watch Report (IWR)
  • PASSWORD Project (OSI security)

    • Special thanks to Gene Spafford and Mary Ellen Zurko for compiling this information.

    Seminar Resources || Security Resources || Guy's List