REFERENCES

  
CERT http://www.cert.org/nav/index.html
CERT Advisories http://www.cert.org/advisories/
CERT Incident Notes http://www.cert.org/incident_notes/
CERT Summaries http://www.cert.org/summaries/
CERT Current Activity http://www.cert.org/current/current_activity.html
DoD CERT http://www.cert.mil
Computer Weekly http://www.computerweekly.com
DeepSight Threat Management System https://tms.symantec.com
DHS Daily Report Archives http://www.nipc.gov/dailyreports/dailyindex.htm
Federal Computer Incident Response Center (FedCIRC) http://www.fedcirc.gov/
iDefense http://www.idefense.com/
Infosyssec http://www.infosyssec.com/
SANS http://www.sans.org
NIST Computer Security Resource Center (SCRC) http://csrc.nist.gov/
NIST Vulnerability and Threat Portal http://icat.nist.gov/vt_portal.cfm
NIST Security Bulletins http://csrc.nist.gov/publications/nistbul/
Navy Information Security Techical Assistance Center (ITAC) https://infosec.navy.mil
Navy Information Assurance https://infosec.navy.mil/ps/?t=main/main.tag&bc=main/bc_main.html
Navy NAVCIRT Advisories Database (IAVAs) https://infosec.navy.mil/Advisory/advi?
IATAC http://iac.dtic.mil/iatac/
IATAC Digest http://iac.dtic.mil/iatac/products/ia_digest.htm
Hacker Intel http://www.hackerintel.com/
CERT Tech Tips on Improving Security   http://www.cert.org/tech_tips/
CIAC Documents http://ciac.llnl.gov/cgi-bin/index/documents  http://ciac.llnl.gov/cgi-bin/index/documents
The Cryptography Project   http://www.cosc.georgetown.edu/~denning/crypto
FIRST Security Papers   http://www.alw.nih.gov/Security/first-papers.html
Hideaway.Net - Security Texts   http://www.hideaway.net/Server_Security/Library/library.html
Information Warehouse! Technical Publications   http://iwi.com/iw-pubs.htm
Miscellaneous Security Papers (ftp)   ftp://jhunix.hcf.jhu.edu/pub/miscellaneous_security_papers
Model Security Policies (SANS Institute Resources)   http://www.sans.org/newlook/resources/policies/policies.htm
Rainbow Series Books   http://csrc.nist.gov/secpubs/rainbow/
Raptor Systems Security Library   http://www.raptor.com/lib/index.html
NSA Security Configuration Guides http://www.nsa.gov/snac/
   

General Topics

  
Security Glossary of Terms   http://www.setsolutions.com/security.htm
Glossary of Terms Used in Security and Intrusion Detection   http://www.sans.org/resources/glossary.php
An Introduction to Computer Security , NIST Special Publication 800-12  http://csrc.nist.gov/publications/nistpubs/index.html
IT Baseline Protection Manual from BSI  http://www.bsi.bund.de/gshb/english/menue.htm
How To Eliminate The Ten Most Critical Internet Security Threats - SANS  http://www.sans.org/top20/top10.php
   
   

DATABASES

  
NIST - ICAT Vulnerability Database http://icat.nist.gov/icat.cfm
NIST - ICAT Vulnerability Database - Top Ten Vulnerabilities http://icat.nist.gov/icat.cfm?function=topten
NIST Computer Security Resource Center (SCRC) - Virus Information http://csrc.nist.gov/virus/
Computer Vulnerabilities and Exposure (CVE) http://cve.mitre.org/about/
CVE Index and Search http://cve.mitre.org/cve/index.html
CVE Concordance http://www.iss.net/security_center/advice/Concordance/default.htm
Full-Disclosure Archives http://lists.netsys.com/pipermail/full-disclosure/
Virus Bulletin http://www.virusbtn.com/resources/
eEye Digital Security http://www.eeye.com/html/Research/Advisories/index.html
zone-h http://www.zone-h.org/en/defacements/special
ICAT Metabase http://icat.nist.gov
Open Source Vulnerability Database http://www.osvdb.org
   

ACTIVITY MONITORING and REPORTS
Symantec Threat Monitoring System https://tms.symantec.com
Internet Storm Center http://isc.incidents.org
Internet Storm Center - Top 10 http://isc.incidents.org/top10.html
my NetWatchman -  Top Ports http://www.mynetwatchman.com/tp.asp
my NetWatchman - Top Port Increase http://www.mynetwatchman.com/tpincr.asp
Dshield - General Lookup http://www.dshield.org/reports.php
Dshield - Top 10 Most Wanted IP http://www.infosyssec.com/cgi-bin/flink.cgi?target=www.infosyssec.com/infosyssec/bor1.htm
Dshield - Top 10 Target Ports http://www.infosyssec.com/cgi-bin/flink.cgi?target=www.infosyssec.com/infosyssec/bor2.htm
   

IP ADDRESS LOOKUP

  
INTERNET REGISTRIES  
American Registry for Internet Numbers (ARIN) http://www.arin.net
Asia Pacific Network Information Centre http://www.apnic.net
Réseaux IP Européens (RIPE) http://www.ripe.net
Latin America and Caribbean Internet Registration (LACNIC) http://lacnic.net/cgi-bin/lacnic/whois?lg=EN
APJII - Indonesia  
CNNIC - China  
JPNIC - Japan http://whois.nic.ad.jp/cgi-bin/whois_gw
KRNIC - Korea http://www.nic.or.kr/www/english/
TWNIC http://www.twnic.net/index2.php
VNNIC - Vietnam  
Military networks http://www.nic.mil
Symantec TMS https://tms.symantec.com
Dshield - General Lookup http://www.dshield.org/reports.php
   

TOOLS

  
Network Calculator http://www.telusplanet.net/public/sparkman/netcalc.htm
Visual Route http://visualroute.visualware.com
Open Vulnerability Assessment Language http://oval.mitre.org/
SPEW.org http://spews.org
GeekTools http://www.geektools.com/tools.php
Karen's Power Tools http://www.karenware.com/powertools.asp
Mozilla Firefox 0.8 http://www.mozilla.org
New Work and Security Tools http://thc.org
String encoder and decoder http://umbrella.name/codenow.htm
Canvas http://www.immunitysec.com/downloads.shtml
Datarescue http://www.datarescue.com/idabase/index.htm
Ascii , dex , oct reference  http://www.asciitable.com/
Solidshell http://solidshell.net/#
Fosh http://www.fosh.com.au/Fosh/Support/hextoascii.htm
Spychecker http://www.spychecker.com/
Hfnetchk http://hfnetchk.shavlik.com/default.asp
netcraft http://news.netcraft.com/
Proxypot http://www.proxypot.org/
multiproxy www.multiproxy.org
webferret www.webferret.com
   

BACKGROUND / REFERENCES
Internet Security Systems http://www.iss.net/security_center/advice
DeepSight Alert Services https://alerts.symantec.com
Trojan List with Sorting Options http://www.simovits.com/trojans/trojans.html
Trojan List v, Ports http://www.jlathamsite.com/dslr/suspectports.htm
DosHelp.com Intrusion and Attack Reporting Center http://www.doshelp.com/trojanports.htm
ONCTek - Trojan / Backdoor and TCP/UDP ports http://www.onctek.com/trojanports.html
Linux Firewall Tools - Commonly Probed Ports http://www.linux-firewall-tools.com/linux/ports.html
Commodon Communications http://www.commodon.com/threat/frame.htm
InfoSysSec http://www.infosyssec.org/
Commodon Communications-Current List of Trojans http://www.commodon.com/threat/threat-all.htm
Internet Ports, Services and Trojans http://andrew.triumf.ca/ports/other.html
X-Force Research http://xforce.iss.net/
X-Force Research - Alerts and Advisories http://xforce.iss.net/xforce/alerts
Port Knowledgebase http://www.iss.net/security_center/advice/Exploits/Ports/
IANA Port Assignments http://www.iana.org/assignments/port-numbers
astalavista http://www.astalavista.com
Blackcode http://www.blackcode.com
Church of the Swimming Elephant http://www.cotse.com
CyHackPortal http://www.cyhackportal.com
DShield http://dshield.org
E-Week http://www.eweek.com/
fatelabs http://www.fatelabs.com
Hack in the Box http://www.hackinthebox.com
HACK R. COM http://www.hack3r.com
Hackersplayground http://www.hackersplayground.org
Hackerthreads.org Security Forum http://www.hackerthreads.org
Insecure.Org http://www.insecure.org
Lame Industries http://www.lameindustries.org
Linux Security.com http://www.linuxsecurity.com
my NetWatchman http://www.mynetwatchman.com
New Order http://neworder.box.sk
Packet Storm http://www.packetstormsecurity.com
ProgenicDotCom http://www.progenic.com
Root Hack http://www.roothack.org
SecurityFocus http://www.securityfocus.com
The Hacktivist http://www.thehacktivist.com/index.php
the Honeynet Project http://www.honeynet.org
Zone-h http;//www.zone-h.org
GoDaddy http://www.godaddy.com
Security News Portal http://securitynewsportal.com/index.html
Ziff Davis http://www.zdnet.com
The Register http://www.theregister.co.uk/content/1/index.html
Internet Assigned Numbers Authority http://www.iana.org/
mlsecurity http://www.mlsecurity.com/research/
Bsdhound http://bsdhound.com/link.php
Security horizon http://www.securityhorizon.com/security_whitepapers/
Cisco aironet moding http://www.mrx.com.au/wireless/AironetModifications.htm
Cyruxnet http://www.cyruxnet.org/news.htm
Deamonnews  http://www.daemonnews.org/200108/security-howto.html
I-eye http://www.i-eye.de/dokumentation/index.php
bugtraq.underattack http://bugtraq.underattack.co.kr/xploit.php3?line_1=0&line_2=10
Freebsd security http://www.watson.org/fbsd-hardening/
hack canada http://www.hackcanada.com/
rootkit http://rootkit.host.sk/
Government security http://www.governmentsecurity.org/
markusjansson http://www.markusjansson.net/exp.html
HSC http://www.hsc.fr/ressources/outils/idswakeup/index.html.en#copieecran
haxworx http://www.haxworx.com/index.php
securiteam http://www.securiteam.com/
hernanracciatti http://www.hernanracciatti.com.ar/papers_and_download.html
Shellcode http://www.shellcode.com.ar/
Security.ku.edu http://security.ku.edu/hardening/freebsd.shtml
Securitytrap http://www.securitytrap.com/
Sysinternals http://www.sysinternals.com/
Cartel-Securite http://www.cartel-securite.fr/pbiondi/projects/shellforge.html
Networkintrustion http://www.networkintrusion.co.uk/fortools.htm
Community core sdi  http://community.core-sdi.com/~juliano/bufo.html
Security Corporation http://www.security-corporation.com/
Underground Mac http://undergroundmac.com/
theory X http://www.theory-x.org/
windows security http://www.windowsecurity.com/
critical security  http://www.criticalsecurity.com/
firewall http://www.firewall.cx/
blackhate info http://www.blackhat.info/live/
hacker news http://www.hackers-news.com/
elcomsoft http://www.elcomsoft.com/prs.html
Xatrix http://www.xatrix.org/
Security Forums http://www.security-forums.com/
Hack in the Box http://www.hackinthebox.org
Camelot Newsletters and Library  http://www.camelot.com/newsletter.asp?PageID=69
Cipher Newsletter  http://www.itd.nrl.navy.mil/ITD/5540/ieee/cipher/
Computer Incident Advisory Capability (CIAC) Notes  http://ciac.llnl.gov/cgi-bin/cnotes
Computer Security News Daily  http://www.MountainWave.com
Internet Security Newsletter   http://www.securecomputing.com/U_New_ISN.html
Internet Security Review  http://www.isr.net/index1.html
Hacker  Quarterly http://www.2600.com
   

USEFUL PRODUCTS
Technorati online forum search engine http://www.technorati.com
Dogpile Search Engine http://www.dogpile.com
Google Search Engine http://www.google.coom
Babelfish Machine Translation http://babelfish.altavista.com
All nettools http://www.all-nettools.com/tools4.htm
Proxify  https://proxify.com/
CGIProxy 2.0.1 http://www.jmarshall.com/tools/cgiproxy/
eventlongscan http://www.eventlogscan.com/
Eunet http://home.eunet.no/~pnordahl/ntpasswd/bootdisk.html
Free Translation.com http://Freetranslation.com
   

Security Software
   
Public Domain Security Software by Category  
Authentication and Encryption Software   http://www.alw.nih.gov/Security/prog-auth.html
Firewall Software /Security/prog-firewall.html  http://www.alw.nih.gov/Security/prog-firewall.html
Network and Network Monitoring Software   http://www.alw.nih.gov/Security/prog-network.html
System Enhancements Software /  http://www.alw.nih.govSecurity/prog-enhance.html
System Monitoring Software / http://www.alw.nih.govSecurity/prog-monitor.html
   
Public Domain Security Software  
Abacus Sentry  http://www.psionic.com/abacus/abacus_sentry.html
AIDE  http://www.cs.tut.fi/~rammer/aide.html
Anonftpd  ftp://koobera.math.uic.edu/pub/software
Additional Info: anonftd  ftp://koobera.math.uic.edu/www/anonftpd.html
Argus  ftp.andrew.cmu.edu/pub/argus
Arpwatch  ftp://ftp.ee.lbl.gov/
COPS (Computer Oracle and Password System)  ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/cops
Courtney  ftp://ciac.llnl.gov/pub/ciac/sectools/unix
  http://www.alw.nih.gov/Security/CIAC-Notes/CIAC-Notes-08.html
Crack lib  ftp://ftp.cerias.purdue.edu/pub/tools/unix/libs/cracklib/
Deslogin  ftp://ftp.uu.net/pub/security/des/
Dig  ftp://venera.isi.edu/pub/
Drawbridge  ftp://net.tamu.edu/pub/security/TAMU/
Fcheck  http://sites.netscape.net/fcheck
Fping  ftp://ftp.stanford.edu/pub/packages/fping/
Icmpinfo  ftp://hplyot.obspm.fr/net/
Additional Info: icmpinfo man page  http://hplyot.obspm.fr/~dl/icmpinfo.html
Iss  ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/iss/
Additional Info: CERT Advisory 93:14.Internet.Security.Scanner  http://www.cert.org/advisories/CA-1993-14.html
IPACL  ftp://ftp.porcupine.org/pub/security/
Jetmon  http://jetmon.uoregon.edu/
Kerberos  http://web.mit.edu/network/kerberos-form.html
Additional Info: Kerberos: The Network Authentication Protocol  http://web.mit.edu/kerberos/www/
Klaxon  ftp://ftp.eng.auburn.edu/pub/doug/
L6  ftp://ftp.pgci.ca/pub/l6
Additional Info: L6 http://www.pgci.ca/l6.html
Lcrzo  http://www.laurentconstantin.com/us/lcrzo/lcrzo/
Lcrzoex  http://www.laurentconstantin.com/us/lcrzo/lcrzoex/
Logdaemon  ftp.porcupine.orgftp://ftp.porcupine.org/pub/security/
Additional Info: Wietse's tools and papers  ftp://ftp.porcupine.org/pub/security/index.html
Logsurfer  ftp.cert.dfn.deftp://ftp.cert.dfn.de/pub/tools/audit/logsurfer/
Additional Info: Lo gsurfer Homepage  http://www.cert.dfn.de/eng/team/wl/logsurf/
Lsof  ftp://vic.cc.purdue.edu/pub/tools/unix/lsof
Mangle  ftp://ftp.informatik.uni-erlangen.de/pub/utilities/pwtest/
Additional Info: Readme file for Mangle ftp://ftp.informatik.uni-erlangen.de/pub/utilities/pwtest/README.mangle
Mason  http://www.pobox.com/~wstearns/mason/
Merlin  ftp://ciac.llnl.gov/pub/ciac/sectools/unix/merlin/merlin.tar.gz
Additional Info: Merlin Information  http://ciac.llnl.gov/ciac/ToolsMerlin.html
MD5  ftp://rsa.com/pub/
Additional Info: RFC 1544  http://www.rsa.com
MIME Object Security Services (MOSS)  ftp://ftp.tis.com/pub/MOSS
Additional Info: MOSS FAQ ftp://ftp.tis.com/pub/MOSS/FAQ
The Nessus Project  http://www.nessus.org/
Netlog  ftp://net.tamu.edu/pub/security/TAMU/
Network Security Scanner (NSS)  ftp://jhunix.hcf.jhu.edu/pub/nss/
NFSWatch  ftp://ftp.cerias.purdue.edu/pub/tools/unix/nfswatch/
Nmap  http://www.insecure.org/nmap/index.html
Nnap for NT Download  http://www.eeye.com/html/Databases/Software/nmapnt.html
Npasswd  ftp://ftp.cc.utexas.edu/pub/npasswd/
Additional Info: Information about npasswd  http://uts.cc.utexas.edu/~clyde/npasswd.html
OPIE  ftp://ftp.nrl.navy.mil/pub/security/opie/
Osh  ftp://ftp.c3.lanl.gov/pub/mcn/
Additional Info: The Operator Shell  http://www.c3.lanl.gov/~mcn/osh.html
Passwd+  ftp://ftp.dartmouth.edu/pub/security/
PGP  ftp://www.eff.org/pub/Net_info/Tools/Crypto
Additional Info: Cryptography, PGP, and Your Privacy  http://world.std.com/~franl/crypto.html
Pidentd  ftp://ftp.lysator.liu.se/pub/ident/servers
PingLogger  http://www.students.uiuc.edu/~jwthomp/code
Portmapper  ftp.porcupine.orgftp://ftp.porcupine.org/pub/security/
RIPEM  ftp://ripem.msu.edu/pub/crypt/GETTING_ACCESS
Additional Info: Information about RIPEM  http://www.cs.indiana.edu/ripem/dir.html
Rpcbind  ftp://ftp.porcupine.org/pub/security/
Rscan  ftp://ftp.vis.colostate.edu/pub/rscan/
Additional Info: Rscan: Heterogeneous Network Interrogation  http://www.vis.colostate.edu/rscan
SAINT  ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/saint/
SARA  http://www-arc.com/sara/
SATAN  ftp://ftp.cerias.purdue.edu/pub/\tools/unix/scanners/satan/
Additional Info: Cert Advisory CA-95:06.satan  http://www.cert.org/advisories/CA-1995-06.html
Scan-Detector  ftp://ftp.cerias.purdue.edu/pub/tools/unix/logutils/scan-detector/
Additional Info: COAST Projects' Tools  http://www.cs.purdue.edu/coast/coast-tools.html
Sendmail  ftp://ftp.cs.berkeley.edu/ucb/sendmail
Sendmail Wrapper  ftp://ftp.auscert.org.au/pub/auscert/tools
SENSS  http://www.sun.com/software/communitysource/senss
Shadow  ftp://ftp.cs.widener.edu/pub/src/adm
Simple Socksd  http://www.leverage.com/users/tlod/ssockd.html
Additional Info: Simple SOCKS Daemon  http://waynesworld.ucsd.edu/~tlod/ssockd/ssockd.html
SKey  ftp://ftp.cerias.purdue.edu/pub/tools/unix/netutils/skey/
Simple Key-Management For Internet Protocols (SKIP)  http://skip.incog.com/form.html
Additional Info: SKIP Information http://skip.incog.com/
Siphon  http://www.subterrain.net/projects/siphon/
Smrsh  ftp://ftp.nec.com/pub/security/smrsh
Snort http://www.snort.org
Socks  ftp://ftp.nec.com/pub/security
Additional Info: Welcome to SOCKS   http://www.socks.nec.com/
SSH  ftp://ftp.cs.hut.fi/pub/ssh
Additional Info: Ssh (Secure Shell) Home Page  http://www.cs.hut.fi/ssh
STEL  ftp://idea.sec.dsi.unimi.it/cert-it/
Strobe  ftp://suburbia.apana.org.au/pub/
Sudo  ftp://ftp.cs.colorado.edu/pub/sysadmin/utilities
Additional Info: Sudo - a utility to allow restricted root access   http://www.cs.colorado.edu/~millert/sudo/
Swatch  ftp://ftp.stanford.edu/general/security-tools/swatch
Syn  ftp://ftp.pgci.ca/pub/syn/
Additional Info: Syn   http://www.pgci.ca/syn.html
TCP Wrapper  ftp://ftp.porcupine.org/pub/security/
Additional Info: TCP Wrapper   ftp://ftp.porcupine.org/pub/security/tcp_wrapper.txt.Z
Tcpdump  ftp://ftp.ee.lbl.gov/
Tcpr  ftp://ftp.alantec.com/pub/tcpr/
Tiger  ftp://net.tamu.edu/pub/security/TAMU/
Traceroute  ftp://ftp.psc.edu/pub/net_tools/
   
Tripwire  ftp://ftp.cerias.purdue.edu
Additional Info: Tripwire   ftp://ftp.cerias.purdue.edu/pub/tools/unix/ids/tripwire/
TTY-Watcher  ftp.cerias.purdue.edu
Wu-ftpd  wuarchive.wustl.edu
Xinetd  qiclab.scn.rain.com
Xp-BETA  ftp.mri.co.jp
YPX  ftp.uu.net
   

SUBSCRIPTION SERVICES
IATAC NEWS LETTER http://iac.dtic.mil/iatac
Microsoft Windows Security Bulletin http://www.microsoft.com/technet/security/bulletin/notify.mspx
Sophos Alert System Tosubscribetothelist,sendanemailto

notification-subscribe@lists.sophos.com

orvisithttp://www.sophos.com/virusinfo/notifications/
Full-Disclosure digest http://lists.netsys.com/mailman/listinfo/full-disclosure
morning wood http://exploitlabs.com/menu.html
   
   

FOCUS ON BROWSER SECURITY
People   
Liu Die Yu http://www.safecenter.net/UMBRELLAWEBV4/DirSvc/index.html
Jelmer http://62.131.86.111/
Georgi Guninski http://www.guninski.com/
http-eqiv http://www.malware.com/
   

PENETRATION TESTING
Hammer of the gods http://ettercap
Netbios attacks using samba  http://www.sorgonet.com/security/windows-shared-resources/
Netbios attacks using samba  http://www.hackinthebox.org/print.php?sid=5719
Secfr http://secfr.nerim.net/docs/fingerprint/en/ttl_default.html
Enumeration http://home.ubalt.edu/abento/753/enumeration/enumerationtools.html
Ettercap http://ettercap.sourceforge.net/
Excoll http://ers.pp.ru/excoll/
Rosiello http://www.rosiello.org/en/index.html
Sql injection http://www.sitepoint.com/article/sql-injection-attacks-safe
Rootexploit http://rootexploit.net/docs/dictionaries/
Session hijack http://staff.washington.edu/dittrich/talks/agora/script.html
Skopesix http://www.skopesix.com/
Webhack http://www.web-hack.ru/exploit/
lcamtuf http://lcamtuf.coredump.cx/p0f.shtml
Wordlist ftp://ftp.ox.ac.uk/pub/wordlists/
   

SECURITY TRAINING COMPANIES
Dave Aitel http://www.immunitysec.com/news-latest.shtml
Foundstone www.foundstone.com
Hacker Degree http://www.hackerdegree.com/?source=adwords
   

SHELL SCRIPTING AND PROGRAMMING
Bash shell  http://www.tldp.org/LDP/abs/html/
Bash shell  http://www.arachnoid.com/linux/shell_programming.html
Bash shell  http://steve-parker.org/sh/loops.shtml
C basics http://www.haxworx.com/texts/c_documentation.html
C programming XOR-Encryption http://www.cprogramming.com/tutorial/xor.html
Buffer overflow  http://www.shellcode.com.ar/docz/bof/mixter-smash.txt
XML  http://64.26.23.218/gpage.html
   
   

Advisories from Independent Groups
   
8LGM Advisories http://www.alw.nih.gov/Security/8lgm.html
AUSCERT Advisories http://www.auscert.org.au/Information/advisories.html
Bugtraq Archives  http://www.eecs.nwu.edu/~jmyers/bugtraq/index.html
CIAC Bulletins http://ciac.llnl.gov/cgi-bin/index/bulletins/
DFN-CERT http://www.cert.dfn.de/eng/
(@) Stake Advisories http://www.atstake.com/research/advisories/
Rootshell http://www.rootshell.com/
Secure Networks, Inc. (SNI) Advisories  http://www.secnet.com/advisories/
VulnWatch - Vulnerability Disclosure List http:///  http://www.vulnwatch.org/
   

Advisories from Vendors
   
Microsoft Security Advisor   http://www.microsoft.com/security/
OpenBSD Security Views  http://www.openbsd.org/security.html
Silicon Graphics Security Advisories   http://www.sgi.com/Support/security/advisories.html
   
   

Specialized Topics
   

Java

  
Java Security   http://swissnet.ai.mit.edu/~jbank/javapaper/javapaper.html
Java Security: From HotJava to Netscape and Beyond   http://www.cs.princeton.edu/sip/pub/secure96.html
Low Level Security in Java   http://java.sun.com/sfaq/verifier.html
Security in Java   http://java.sun.com/whitePaper/java-whitepaper-8.html
   

Network 

  
Home PC Firewall Guide for Internet Security   http://www.FireWallGuide.Com
Internet Spoofing Reference http:// http://www.articsoft.com/web_spoofing.htm
Security in a Public World: A Survey   http://www.stanford.edu/group/DCE/Gaurav/sec_doc.html
Things that Go Bump in the Net http://www.research.ibm.com/massdist/bump.html
   

PGP 

  
PGP: a Nutshell Overview  (PDF)  http://www.jjgb.com/public_files/pgpnut.pdf
PGP User's Guide Volume 1  (PDF)  http://www.jjgb.com/public_files/pgpvol1.pdf
PGP User's Guide Volume 2  (PDF)  http://www.jjgb.com/public_files/pgpvol2.pdf
   

Kerberos 

  
Kerberos: Authentication for computer networks  http://nii.isi.edu/gost-group/products/kerberos/
Kerberos Information and Help by Lenny Miceli of SUNY at Buffalo  http://ubvms.cc.buffalo.edu/~tkslen/kerberos.html
Kerberos: The Network Authentication Protocol   http://web.mit.edu/kerberos/www/
Kerberos Reference Page l by Derrick Brashear of CMU  http://www.cs.cmu.edu/afs/andrew.cmu.edu/usr/shadow/www/kerberos.htm
State of Macintosh Kerberos Authentication   http://ccmc17.cc.ncsu.edu/sma/sma.html
Troubleshooting and Configuring Kerberos V5 Client Support  in Cisco IOS Router Configuration  http://www.cisco.com/warp/public/106/kerb_pt1.html
   

Unix 

  
An Architectural Overview of Unix Network Security http://www.alw.nih.gov/Security/Docs/network-security.html
How to improve Security on SunOS 4.1.3 ftp://ftp.hawaii.edu/pub/security/doc/
Hardening Solaris. This article presents a concise step-by-step approach to securely installing Solaris for use in a firewall DMZ. l  http://securityportal.com/direct.cgi?/coverstory19991025.htm
Improving the Security of Your Site by Breaking Into it   http://www.alw.nih.gov/Security/Docs/admin-guide-to-cracking.101.html
Securing X Windows   http://ciac.llnl.gov/ciac/documents/ciac2316.html
   

Windows NT 

  
The Hardening of Microsoft Windows NT   http://pw2.netcom.com/~honeyluv/HardNT40rev1.pdf
Windows NT Security Information   http://www.microsoft.com/security/products/windowsnt.asp.htm
Understanding Virus Behavior in the Windows NT Environment   http://www.symantec.com/avcenter/reference/vbnt.html
Windows NT Security l  http://world.std.com/~jimf/papers/nt-security/nt-security.htm
Windows NT Security Issues   http://www.somarsoft.com/security.htm
   
Netsurfer Focus  http://www.netsurf.com/nsf/
Secure News  http://www.isecure.com/newslet.htm
SecurityTracker.com   http://securitytracker.com/
   

Steganography 

  
Steganography   http://www.thur.de/ulf/stegano/
Steganography by Neil F. Johnson  http://http://www.jjtc.com/stegdoc
   

Viruses

  
Security (Computer Technology)  http://www.einet.net/galaxy/Engineering-and-Technology/Computer-Technology/Security.html
Hideaway.Net - Anti-Virus Links http://www.hideaway.net/Anti-Virus/anti-virus.html   
ICSA Labs Anti-Virus site   http://www.icsalabs.com/html/communities/antivirus/index.shtml
Internet Hoaxes   http://ciac.llnl.gov/ciac/CIACHoaxes.html
ITtoolbox Security   http://security.ittoolbox.com/
Macintosh Virus Information   http://wwwhost.ots.utexas.edu/mac/pub-mac-virus.html
Symantec Security Response   http://www.sarc.com
Virus Bulletin   http://www.virusbtn.com/
   

World Wide Web (WWW)
Netscape: On Security  http://home.netscape.com/info/security-doc.html
The World Wide Web Consortium http://www.w3c.org/
Writing Secure CGI Scripts   http://hoohoo.ncsa.uiuc.edu/cgi/security.html
WWW Security   http://www-ns.rutgers.edu/www-security/index.html
   

Miscellaneous 

  
ITtoolbox Security  http://security.ittoolbox.com/
Security on the Net  by Law Journal Extra!  http://www.ljextra.com/securitynet
Hideaway.Net - Security Links http://www.hideaway.net/Server_Security/Library/library.html
securitypointer.com - Computer Security Privacy and Tools http://www.securitypointer.com   
SecuritySearch.Net - The Internet security resource   http://www.securitysearch.net/
   
   

Computer Security Organizations
   
American Society for Industrial Security   http://www.securitymanagement.com/asismore.html
Canadian Society for Industrial Security   http://www.csis-scsi.org
   
Communications Security Establishment  http://www.cse.dnd.ca/
Computer Security Institute http://www.gocsi.com/   
   
Electronic Frontier Foundation   http://www.eff.org/
Forum of Incident Response and Security Teams (FIRST)   http://www.first.org/
FIRST Member Security Teams   http://www.first.org/team-info/www.html
High-Tech Crime Network   http://www.htcn.org
   
Information Systems Security Association (ISSA)   http://www.issa-intl.org
The Institute Of Information Security - INSTIS   http://www.instis.com
International Association for Cryptologic Research   http://www.swcp.com/~iacr/
ICSA Labs   http://www.icsalabs.com/
Italian Computer Antivirus Research Organization   http://www-iwi.unisg.ch/~sambucci/icaro/index.html
National Security Institute   http://nsi.org/
SANS Institute   http://www.sans.org/
The USENIX Association   http://www.usenix.org/
   

USENET Computer Security NewsGroups
   
alt.disasters.planning news:alt.disasters.planning  news:alt.disasters.planning
alt.hackers   news:alt.hackers
alt.security   news:alt.security
alt.security.alarms y  news:alt.security
alt.security.keydist   news:alt.security.keydist
alt.security.pgp   news:alt.security.pgp
alt.security.ripem   news:alt.security.ripem
alt.security.tscm   news:alt.security.tscm
comp.lang.java.security   news:comp.lang.java.security
comp.os.ms-windows.nt.admin.security   news:comp.os.ms-windows.nt.admin.security
comp.os.netware.security   news:comp.os.netware.security
comp.protocols.kerberos   news:comp.protocols.kerberos
comp.risks   news:comp.risks
comp.security.announce   news:comp.security.announce
comp.security.firewalls   news:comp.security.firewalls
comp.security.gss-api   news:comp.security.gss-api
comp.security.misc   news:comp.security.misc
comp.security.pgp   news:comp.security.pgp
comp.security.pgp.announce   news:comp.security.pgp.announce
comp.security.pgp.discuss   news:comp.security.pgp.discuss
comp.security.pgp.resources   news:comp.security.pgp.resources
comp.security.pgp.tech   news:comp.security.pgp.tech
comp.security.unix   news:comp.security.unix
comp.virus   news:comp.virus
info.firewalls-digest t  news:info.firewalls-diges
misc.security   news:misc.security
sci.crypt   news:sci.crypt
sci.crypt.research   news:sci.crypt.research
   
   
   

NEW

  
   
The Center for Education and Research in Information Assurance and Security (CERIAS) http://www.cs.purdue.edu/coast/coast.html
SNP Security New Portal http://www.securitynewsportal.com/index.shtml
Security Tracker http://www.securitytracker.com/
  http://www.theregister.co.uk/
  http://www.infosecnews.com/home/index.cfm
Secunia Graphical Advisories page http://secunia.com/
  http://www.securityfocus.com/
  http://www.zone-h.org/
  http://www.viruslist.com/en/weblog
  http://www.f-secure.com/weblog/
  http://securitywizardry.com/radar.htm
  http://www.internettrafficreport.com/main.htm
  http://www.internetpulse.net/
  http://www.us-cert.gov/current/current_activity.html
  http://www.security-forums.com/
   
Public Cooperative Vulnerability Database https://cirdb.cerias.purdue.edu/coopvdb/public/pub_search.php
X-force DataBase (ISS) http://xforce.iss.net/xforce/search.php
  http://www.auscert.org.au/
Hideaway.net http://www.hideaway.net/home/public_html/index.php
United States Computer Security Emergency Readiness Team. (DHS) http://www.us-cert.gov/current/current_activity.html
United States Computer Security Emergency Readiness Team. (DHS) Resources Page http://www.us-cert.gov/resources.html
United States Computer Security Emergency Readiness Team. (DHS) Resources Page http://www.us-cert.gov/federal/
Dartmouth College ISTS http://www.ists.dartmouth.edu/library.php
The Information Warfare Site (UK mailing list) http://www.iwar.org.uk/mailman/listinfo/infocon/
Attrition - / Defaced Commentary Mail List Archive http://www.attrition.org/security/commentary/
   
Safemode  - inactive defacement archive http://www.safemode.org/
   
Zone-H  - The Internet Thermometer - Defacement Archive and IT Security http://www.zone-h.org/en/defacements