Security Hotlist Contents

Security Tools

  • CIAC Unix General Security Tools
  • Internet Security Systems, Inc.
  • SPAWAR archive for Computer Security Tools - Military use only
  • U.S. Department of Energy's Computer Incident Advisory Capability's Tools
  • COAST's list of security tools for DOS, Macintosh, and UNIX
  • COAST Archive (via ftp)
  • Unix System Monitoring Tools
  • Doug's tools page
  • Internet Locations for Materials on the Disks for Applied Cryptography
  • Klaxon (a port monitoring tool)
  • Rscan Homepage
  • About AccessManager
  • Netpassword - changing passwords safely across the net
  • The Kerberos Network Authentication Service
  • The Sesame Distributed Authentication System
  • Security tools at Dartmouth (Matt Bishop)
  • System administration tools
  • funet.fi ftp archive
  • Wietse Venema's collection of tools and papers
  • Frank O'Dwyer's Homepage - Security Code
  • Ssh (Secure Shell) Home Page

    • Cryptology

  • PGP-Related Utilities and Services
  • Home page for www.pgp.net
  • Cryptography, PGP, and Your Privacy page
  • Getting PGP
  • PGPfone Home Page
  • PGP 2.6.2 FAQ, Buglist, Fixes, and Improvements
  • Finding someone's PGP key
  • ViaCrypt WWW Site
  • MCIP HomePage (PGP for Macs)
  • EFH Pretty Good Privacy Workshop
  • PGP Resources
  • NCSA httpd/Mosaic: Using PGP/PEM auth
  • MacPGP Control - MPGPC
  • MacPGP Accessories
  • Book: PGP: Pretty Good Privacy by Garfinkel
  • Book: The Official PGP User's Guide by Phil Zimmermann
  • Book: PGP: Source Code and Internals by Phil Zimmermann
  • Cryptography: The Study of Encryption
  • Quadralay Cryptology Archive
  • Lawrie Brown's crypto bibliography
  • Cypherpunks's Homepage
  • RSA's Frequently Asked Questions
  • BIG cryptocode archive @ University of Milan.
  • International Association of Cryptologic Research (IACR)
  • The Cryptography Project (Dorothy Denning @ Georgetown University)
  • The Betsi System @ Bellcore
  • Ross Anderson's homepage (some papers on crypto)
  • Ronald L. Rivest's Cryptography and Security page
  • CDT's Crypto Page
  • TEA, a Tiny Encryption Algorithm.
  • Steganography
  • Cryptography Theory and Practice
  • International Cryptographic Software Pages for Encryption, Decryption, Cryptanalysis, Steganography, and Related Methods

    • Underground

  • The Internet Underground (John Gott's list)
  • Spy.org
  • Aleph1's security page
  • Uebercracker's Security Web
  • A list of "underground" sites
  • Arny's unix / net / hack page
  • 8LGM group
  • L0pht Heavy Industries
  • The DEFCON site
  • Unauthorized Access Home Page (videotape)
  • HacKeR WorLD
  • Computer underground Digest WWW Site
  • CuD "Computer Underground E-Publications - Top Level" Archive
  • Middle Of Nowhere/Outlaws
  • The AOL Toys Page
  • Directory of /pub/hacker at Giga Internet Group
  • The Zionet Underground
  • SaTaN's Lair
  • Vexation's -_-UnDeRgRoUnD-_-
  • daddict's Computer Underground
  • Phil's: Phil's (Unix & Hacking) Texts

    • Virus Information

  • IBM Computer Virus Information Center
  • Chris Johnson's Gatekeeper Mac Anti-virus Tool
  • John Norstad's Disinfectant Mac Anti-virus Tool
  • Safetynet, Inc.
  • Computer Viruses page by Lorna @ SigNet
  • Data Fellows WWW pages (F-PROT Professional)
  • IBM's Anti-Virus page
  • Dr. Solomon's Virus Info
  • Symantec Anti-Virus Reference Center
  • Alwil Software
  • Macintosh Virus info
  • Things that Go Bump in the Net
  • MS-DOS Anti-virus Tools
  • WinWord Nuclear virus
  • Virus-L/comp.virus FAQ
  • Information on the Word Prank Macro

    • Electronic Mail

  • Henry's sendmail Page!
  • Information on the Sendmail

    • Firewall Information

  • Great Circle Associates home page
  • Firewalls mailing list
  • Marcus Ranum's Firewall FAQ
  • Livermore Software Labs, Firewall tutorial
  • List of Commercial Firewalls and Related FW Products (Cathy Fulmer's list)
  • Another list of Firewall Vendors
  • ANS HOME PAGE
  • BorderWare software by Border Network Technologies
  • CheckPoint Software Technologies (Firewall-1)
  • Cohesive Systems
  • Cisco Systems
  • Firewalls R Us
  • Global Technology Associates
  • KarlBridge/KarlBrouter
  • Livermore Software Labs
  • Milkyway Networks Corporation
  • NetLOCK(tm) from Hughes
  • Network Systems Corporation
  • Network Translation
  • PORTUS
  • Raptor Systems
  • Secure Computing Corporation (Sidewinder)
  • SecurIt Firewall
  • Sun's SunScreen SPF-100
  • TIS Gauntlet

    • World Wide Web (WWW) Security

  • Ches's security page
  • World Wide Web (in)Security
  • Security in Mosaic
  • Another page on secure WWW server setup
  • Trusted Information Systems's notes on secure WWW
  • Rutger's documents on WWW security
  • WWW-security info
  • HotJava: The Security Story
  • The Java Security FAQ
  • HotJava Security
  • NCSA httpd/Mosaic: Using PGP/PEM auth
  • HTTP Security group of W3C
  • Secure NCSA httpd Manual
  • Breaking SSL with RC40
  • Netscape Data Security
  • Applying brute force against SSL
  • Hack Netscape
  • Security Issue in Netscape
  • The WWW Security FAQ
  • Netscape Security (problems)
  • Internet Holes: 50 Ways to Attack Your Web Systems
  • Browser Crasher

    • Miscelanious

  • Netsurfer Focus: Computer and Network Security
  • Network Security (Moderators: P. Lipp, R. Posch)
  • Win 95 Net Bugs
  • Ches's security page
  • Cliff Stoll's Performance Art Theater and Networking Security Revue
  • Info on IPng
  • X Windows Security
  • Why send email when you can Fakemail?
  • Routing Arbiter Project
  • DigiCash - ecash home page
  • Massively Distributed Systems
  • MS-DOS System Security Tools
  • Covert Services Investigation Agency
  • Project on Intelligence Reform
  • IntelWeb - The WWW Site of Intelligence Watch Report (IWR)
  • PASSWORD Project (OSI security)

    • Whitepapers and Documents

  • NRL IS Security Course and Handbook
  • U.S. Department of Energy's Computer Incident Advisory Capability documentation
  • Navy Supply Office Publications
  • NASIRC Important Reference Materials and Checklists - NASA Use Only
  • AUSCERT Papers
  • DFN-CERT Documents
  • COAST Security Related Documents
  • FTP archive of papers from NU-CERT
  • Internet FAQs from Ohio State University
  • COAST Newsletter ("CoastWatch")
  • Bugtraq archives
  • Bugtraq list in hypermail
  • The PRIVACY Forum
  • Intrusion Detection Mailing List Archive
  • IEEE-CS TC on Security and Privacy Cipher newsletter
  • Computer Underground Digest WWW Site
  • NetWatchers Front Page
  • The RISKS Forum
  • Firewalls mailing list
  • 2600 Magazine
  • Phrack
  • Security mailing mix
  • Sneakers-Internet Wide Area "Tiger Teamers" mailing list.
  • Virtual Library Mailing List Archive (includes bugtraq and firewalls lists)
  • GrayAreas
  • Sources eJournal
  • Journal of Computer Security
  • Disaster Recovery Journal
  • Back issues of Computer and Communications Security Reviews
  • Infosecurity News - Introductory Home Page
  • Computers & Security
  • Computer Fraud & Security Bulletin
  • Computer Audit Update
  • Computer Law & Security Report
  • The Virus Bulletin

    • Books

  • The Hacker Crackdown by Bruce Sterling US site, another US site, German site
  • O'Reilly: Computer Security Basics by Russell and Gangemi
  • O'Reilly: Practical Unix Security by Garfinkel and Spafford
  • O'Reilly: UNIX & Internet Security, 2nd Edition
  • O'Reilly: PGP: Pretty Good Privacy by Garfinkel
  • O'Reilly: Computer Crime: A Crimefighter's Handbook by Icove, Seger & VonStorch
  • O'Reilly: Building Internet Firewalls by Chapman and Zwicky
  • PGP: Source Code and Internals by Phil Zimmermann
  • The Official PGP User's Guide by Phil Zimmermann
  • Building in Big Brother by Lance Hoffman
  • Cryptography Theory and Practice

    • Advisories and Alerts

  • NAVCIRT advisories
  • AUSCERT Advisories and Alerts
  • NIST/CSL Computer Security Alerts
  • CIAC Security Bulletins

    • Security Models

  • User UNIX Model
  • Sysadmin UNIX Model
  • Sysadmin VMS Model
  • DOS Security Model
  • Linux Security Model

    • Security Archives

  • COAST Archive (via WWW index)
  • COAST Archive (via ftp)
  • NIST Computer Security Resource Clearinghouse
  • NRL's High Assurance Computing Systems
  • Security Reference Index
  • EINet's Security Page
  • Comprehensive page at NIH
  • Hotlist by Bennet Yee
  • Directory at Yahoo
  • Security (Computer Technology) index at EInet
  • CIAC Web Site
  • NRL ADP Security
  • Security for Businesses on the Internet
  • U. Pennsylvania - Information Security and Privacy
  • Raptor Systems Security Library
  • Information Technology Security (ITS) Home Page
  • AuditNet
  • EFF Crypto/Privacy/Security Archive
  • Sirene Pointers
  • Idaho State's Security Library page
  • V-One Technical Publications
  • A general index at CNS (Luxembourg)
  • Szymon Sokol's security page
  • SIMS Security links page
  • Mary Ellen Zurko's list
  • Network/Computer Security Technology
  • Unix Net for Computer security in Law Enforcement (U.N.C.L.E.)
  • CNS - Network Security Pages
  • Phoenix Systems' Index
  • Sanda International's index
  • Collection at Management Analytics
  • Matrix Group (largely unreadable)
  • RFC Index
  • Linux Security WWW
  • FORMIS Workspace
  • Information Technology Assurance and Trustworthiness
  • Document Summary
  • Computer Security index @ Chalmers
  • Comprehensive index of Computer Security Issues
  • Pilot's Network Security Guide (CK)
  • funet.fi ftp archive
  • Computer Security Web Pages
  • rpwaterb's Computer Security links
  • Tiamat's lair (a different spin on this hotlist)
  • UNIX Security Topics
  • "Unix Guru Universe" hotlist

    Other Security Link Pages

  • Government INFOSEC resource links
  • National Institute of Standards and Technology's Computer Security Resource Clearinghouse
  • U.S. Department of Energy's Computer Incident Advisory Capability's security resource page
  • COAST Security Hotlist
  • Henry's Pretty Good Security Page

    • Computer Security Response Teams and other groups

  • Forum of Incident Response and Security Teams (FIRST)
  • Computer Emergency Response Team Coordination Center, USA (CERT)
  • DOE Computer Incident Advisory Capability, USA (CIAC)
  • NASA Automated Systems Incident Response Capability, USA (NASIRC)
  • Australian Computer Emergency Response Team, Australia (AUSCERT)
  • German Federal Networks CERT, Germany (DFN-CERT)
  • SURFnet Response Team, Netherlands (CERT-NL)
  • Naval Computer Incident Response Team, USA (NAVCIRT)
  • NIST Computer Security Resource Clearinghouse, USA (NIST/CSRC)
  • Northwestern University Computer Emergency Response Team, USA (NU-CERT)
  • Purdue University Computer Emergency Response Team, USA (PCERT)
  • Stanford University Security Team, USA (SUNSeT)
  • Swiss Academic and Research Network CERT, Switzerland (SWITCH-CERT)
  • Computer Operations, Audit, and Security Technology (COAST)

    • Computer Security Professional Organizations

  • ACM SIGSAC (SIG on Security, Audit, and Control)
  • Computing Professionals for Social Responsibility (CPSR)
  • HTCIA (High-Tech Crime Investigators Association)
  • HTCIA, Northern CA Chapter
  • IEEE-CS TC on Security and Privacy
  • IEEE SSIT Society for Social Implications of Technology Home Page
  • International Federation for Information Processing
  • IFIP TC 6 (Communication Systems)
  • IFIP Technical Committee 11 on Security and Protection in Information Processing
  • IFIP WG 11.3 on Database Security
  • IFIP WG 11.4 on Network Security
  • International Association for Cryptologic Research
  • The Internet Society
  • ISSA Home Page
  • USENIX & SAGE
  • Usenix Security-related Events

    • U.S. Government

  • ARPA home page
  • Central Intelligence Agency Home Page
  • Computer Security Technology Center at Lawrence Livermore National Laboratory (DOE)
  • DoD Information Analysis Center (IAC) Hub Page
  • Defense Information Systems Agency (DISA)
  • The Department of the Treasury: Financial Crimes Enforcement Network
  • FBI computer crime information
  • National Computer System Security and Privacy Board
  • NIST Computer Systems Laboratory
  • NRL Center for High Assurance Computer Systems (Naval Research Lab)
  • National Security Agency
  • Office of Technology Assessment
  • Office of the U.S. Secretary of Defense (OSD)
  • US Navy SPAWAR