I thought it would be beneficial for our AO newbies if we talked about what our favorite security websites are beyond AO, plus I'm just curious myself. What do you think are the best places to go for resources and learning?
Printable View
I thought it would be beneficial for our AO newbies if we talked about what our favorite security websites are beyond AO, plus I'm just curious myself. What do you think are the best places to go for resources and learning?
www.securityfocus.com is awesome
www.wbglinks.net has links to heaps of great sites and is a good site itself
www.packetstormsecurity.org
www.insecure.org < -- nmaps creator's site
www.eeye.com <-- commercial products
i reckon securityfocus is the best .. not only does it have articles on everything security but it also has a heap of mailing lists .. including bugtraq :)
One of my favorite sites, has tons upon tons of freeware/shareware security tools as well as a horde of non-security-related goodies:
www.snapfiles.com
mm.. i like cliche threads, very easy to answer =)
im not big on read security news unless its some big issue thats mentioned on cnn or some other news website which i normally find under thier tech sections.... but i do normally check microsoft.com and symantec.com for news =)
http://www.symantec.com/index.htm <---- maker of norton line of products, has to update to info on virii and etc
http://www.microsoft.com/technet/Security/default.mspx <----- maker of greatest OS ever ( ;) ), has news on latest security things
Let's not forget Jupiter Media's Enterprise IT Planet ;)
My favorite security testing site by far has to be
http://www.staff.uiuc.edu/~ehowes/info17.htm#Links
OK................terribly lazy I know, but a newbie could do a lot worse than check out these sites and bookmark the ones they like:
www.auditmypc.com
www.bulletproofsoft.net
www.cexx.org
www.computercops.us
www.ct7support.com
www.doxdesk.com
www.eblocs.com
www.enigmasoftwaregroup.com
www.free-spyware-scan.com
www.free-web-browsers.com
www.grc.com
www.grisoft.com
www.hackfaq.org
www.hazeleger.net
www.javacoolsoftware.com
www.kellys-korner-xp.com
www.kephyr.com
www.lavasoft.de
www.lavasoftusa.com
www.majorgeeks.com
www.merijn.org
www.mjc1.com
www.moosoft.com
www.mvps.org
www.net-integration.net
www.noadware.net
www.no-spybot.com
www.onlinepcfix.com
www.pchell.com
www.pestpatrol.com
www.secureie.com
www.security.kolla.de
www.spybot.info
www.spychecker.com
www.spychecker.com
www.spycop.com
www.spyguard.com
www.spykiller.com
www.spyware.co.uk
Working on the principle that if the bad guys try to block access to those sites, they must have something useful on them.
:D
<COUGH> Company man...... ;)Quote:
Let's not forget Jupiter Media's Enterprise IT Planet
It can be horrendously "noisy" but the discussions can be fun to watch..... The information is "bleeding edge" and usually pretty accurate.
Subscribe to Bugtraq and pick your region(s) of interest.....
[Edit]
Damn Nihil..... You bored???? :D
[/Edit]
www.attrition.org is one of my fav's aswell that i forgot earlier. its got news, howto's an area for new guys etc
Here is one that I learned about on this site about a year ago: Foundstone.
Quote:
Let's not forget Jupiter Media's Enterprise IT Planet
ummmm........
/me thinks someone is looking for a raise :)
hjack
http://www.sans.org/
http://slashdot.org/
http://www.infosyssec.com/
http://www.securityfocus.com/
http://www.cert.org/
http://www.messagelabs.com/viruseye/
http://gtoc.iss.net/
http://www.securitywizardry.com/
That and what has been posted should be enough to make your eyes bleed. :D
www.sans.org/rr (SANS Reading Room, SANS was mentioned above but this is where all the good white papers are)
Also check out mjk's guide to computers and security (link in my sig) it's just a large collection of links about various topics (security, programming, networking).. It's still under construction but it's already pretty big and there's some good stuff there.
Later
mjk
Nice selection of rooms guys:
How bout:
www.astalavista.com(well,its been better but the site was pretty cool once upon a time)
www.neworder.box.sk
http://www.slac.stanford.edu/xorg/nmtf/nmtf-tools.html(nice set of tools)
You all are forgetting one of our own member's sites!
http://netsecurity.about.com/
Tony Bradley has TONS of good info for newbies. He has a whole set of tutorials and reviews of products along with best practices for internet security. He writes more towards the "newbie" audience and this site should not be overlooked. Word on the street is he will also be releasing a book soon that is intended for a "newbie" or non-technical audience.
Tony Bradley has been a valuable member here and he knows his stuff. I recommend you check out his site. Its well worth the time. The content is great. (aside from the annoying about.com ads that are all over... but that is beyond his control)
To find out more about Tony Bradley, visit his http://netsecurity.about.com site or his personal site @ http://www.tonybradley.com/ He has info about his upcoming book on his personal site too.
I'm still missing some of my own favs..
http://www.theregister.co.uk
http://lwn.net
and let's not forget my own site (spammer_the_spam) http://www.tp2.be wich syndicates the headlines of some news sites too..
Depends on what I am trying to find out. I do have some sites I frequent often and these are ...
www.antionline.com :thumbsup:
www.incidents.org
www.astalavista.net
www.hackinthebox.org
www.ntbugtraq.com
www.sans.org/rr
www.securityfocus.com
www.spywareinfo.com
www.wilderssecurity.com
www.virusbtn.com
^^ That's one Negative introduced me too. Very good website that does some in-depth reviewing of various different AV products.
As far as security white papers go with sans, you may also want to check out www.giac.org
A good number of papers end up on there from people doing their certification that do not make it to the main sans reading room.
Here are some sites I have bookmarked
www.informit.com
www.linuxsecurity.com
http://trinux.sourceforge.net
www.mycrypto.net
Infosyssec
Not really security sites, but helpful sites:
SysInfo
Startup List
Tasklist Programs
29a.host.sk/
-Cheers-
Never knew that a virus trading site was considered a security site :rolleyes:Quote:
29a.host.sk/
The 29a site has some very interesting stuff i dowloaded their "newsletter" a whiles back and it has some very interesting ideas and stuff , as well as some very naughty source and tools.
"They don't like outsiders roaming around their territory, especially security nuts like ourselves. Enter with caution."
If they didn't want people to read their stuff it would be a private site and not indexed by google. If you are on win and dumb enough to execute some of the binarys on your computer you deserve what you get As it is pretty apparant/explained what they do.
Pretty gutsy posting 29a the holier than thous are bound to whine and cry
Whine about what? The site has immense amounts of information and code that could be helpful. The people that are crying are ignorant, uptight *******s, nothing I can do about that.Quote:
Pretty gutsy posting 29a the holier than thous are bound to whine and cry
-Cheers-
Isc.sans.org and www.sans.org/rr are two favorites. The first is good for getting a picture of INternet traffic and breaking threats, the second is good for research.
If you can ignore his boredom-induced flaming, PM does a have a point. Those kinda websites do provide a means of watching the newest trends emerge. And lumpy, I was referring to hacker sites in general, but you're right, if you are naive enough to walk in there that way you are asking for it.
From 6 pages to 3... Peace-making the Negative-way :rolleyes:
Lol, it looked a bit different. :)Quote:
From 6 pages to 3... Peace-making the Negative-way
-Cheers-
It's 4 buddy. :DQuote:
It was 3 when I posted... I didn't count my post, since it wasn't part of the original thread.
I knew someone was going to say something, though :rolleyes:
Liar! You would've posted it before I said it. :pQuote:
Originally posted here by Negative
It was 3 when I posted... I didn't count my post, since it wasn't part of the original thread.
I knew someone was going to say something, though :rolleyes:
Yaaaaay, all better! ;) So, back to business, shall we?
Underground News
Underground News is one of the few security sites which does not restrict or censor news or information
http://www.undergroundnews.com/
Hackwire
Hackwire offers daily up-to-date news delivered from the underground.
http://www.hackwire.com/
Computer Security Now
CSN is geared towards those that don't want to spend a great deal of time getting up to speed on security issues, but do want to understand how to better secure their systems and networks. CSN provides inhouse written articles, reviews of products, and links to popular run of the mill security news and tools.
http://www.computersecuritynow.com/
Makesecure.com
MakeSecure.com is information security web site, providing security information to the community. Includes Tools, Links, News, Advisories and online remote security lab.
http://www.makesecure.com
Start Plaza
A large compilation of security links including Security News sites, Security Advisory sites, Security Scanners, Programming sites, Anti-virus, Phreaking sites, E-Zine sites, and more. All sites are rated for quality.
http://www.startplaza.nu
WindowSecurity.com
Windows security site which provides Windows security news, articles, tutorials, software listings and reviews for information security professionals covering topics such as firewalls, viruses, intrusion detection and other security topics.
http://www.windowsecurity.com/
eBCVG Network Security
eBCVG is a security portal dedicated to providing security professionals with the knowledge and resources to help protect all of their data. They provide daily updated news, information on the latest viruses, security articles and more.
http://www.ebcvg.com/
Hideaway.Net
Hideaway.Net is an Internet security portal that covers the latest developments in PC & server security, virus protection, and privacy on-line. There is content on the site for users of all levels, from system administrators to home users.
http://www.hideaway.net
Firewall.cx
At Firewall.cx you will find information related to all networking topics. There is networking forum, a wide range of software and an online test center to help you test your knowledge.
http://www.firewall.cx/
TESO
TESO is an international group motivated computer security programmers. With over a dozen members specialized in the network security field they research and develop new vulnerabilities and exploitation tools that are useful to a wide range of security enthusiasts.
http://teso.scene.at/
Help Net Security
Help Net Security has been online since 1998. Initially conceived as a download archive, the site has grown into a daily updated security related news site with lots of additional content.
http://net-security.org
The Hackers Choice
Founded in 1994, the Hacker's Choice (THC) is a group of security engineers that through the years have released several papers and applications covering telecommunication, credit card, Unix and NT security.
http://www.thehackerschoice.com/
w00w00 security
w00w00 (WSD), with 30+ active members, is currently the largest non-profit security team in the world. They have members on three continents, and in eight countries including Australia, Canada, France, Russia, United Kingdom, Netherlands, Sweden, Germany, and the United States.
http://www.w00w00.org/"
Fringe of the Web
Started in 1994 as a ring of only the best 'fringe' underground and computer security sites. Users vote on sites, bringing the quality sites to the top and slowly eliminating the lacking sites.
http://www.webfringe.com
SecurityTracker
Security Tracker is a site devoted to tracking security vulnerabilities, and nothing else.
http://www.securitytracker.com/
Dutch Security Information Network
An international Dutch view upon the networking and security world. DSInet.org provides its visitors with information, files, tools, news items, columns, opinions and an editorial view upon the genre in general.
http://www.dsinet.org/
Neohapsis Ports List
Updated often, it's the most comprehensive listing of default TCP/UDP ports around.
http://www.neohapsis.com/neolabs/neo-ports/
COAST
Computer Operations, Audit, and Security Technology is a multiple project, multiple investigator laboratory in computer security research and functions with close ties to researchers and engineers in major companies and government agencies.
http://www.cerias.purdue.edu/coast/
Synnergy Networks
Synnergy Laboratories is comprised of a team of computer and network specialists from around the world. Using our combined efforts we help bring you the most current security issues which concern you and your business.
http://www.synnergy.net/
Underground Security Systems Research
USSR has many homegrown exploits and advisories, encryption resources, and much more.
http://www.ussrback.com/
sub Zone-H
Zone-H is a large computer crime archive and resource for security news, advisories, and tools for IT professionals.
http://www.zone-h.org/
Phreak.org
Phreak.org also offers a wide variety of files, links, and data in relation to accessing phone systems.
http://www.phreak.org/
Computer Crime and Intellectual Property Section
CCIPS focuses exclusively on the issues raised by computer and intellectual property crime. They advise federal prosecutors and law enforcement agents; comment upon and propose legislation; coordinate international efforts to combat computer crime; litigate cases; and train all law enforcement groups.
http://www.cybercrime.gov/
Computer Incident Advisory Capability
CIAC provides on-call technical assistance and information to U.S. Department of Energy sites faced with computer security incidents. This central incident handling capability is one component of all encompassing service provided to the DOE community.
http://ciac.llnl.gov
Computer Security Resource *************
CSRC is designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems.
http://csrc.nist.gov/
The Smoking Gun
The Smoking Gun brings you exclusive documents that can't be found elsewhere on the Web. They feature material obtained from government and law enforcement sources, via Freedom of Information requests, and from court files nationwide.
Http://www.thesmokinggun.com
CCCure:
http://www.cccure.org/
A site dedicated to helping folks with their SSCP and CISSP. If you go to the download section http://www.cccure.org/modules.php?name=Downloads it has a wealth of information concerning the most basic aspect of network/computer security to the very specific. Lots of PDF's, which I like.
It also has a quiz engine, I like to test myself even though I'm not ready for the CISSP yet.
The Register
http://www.theregister.com
Yeah I know, a Brit site =P but they update alot, and have news that is not found on your normal security sites. Where else are you going to find out about corporate take-overs and such. Good to have a site that gives you the big picture.