Security Resources

Organizations

• CERT Coordination Center
• Computer Security Institute
• SANS Institute
• Information Systems Security Association (ISSA)
• International Information Systems Security Certification Consortium (ISC)²

Publications

• Information Security Magazine
• SC Magazine
• RISKS Digest
• Computer Security News Daily

Documents

• Internet Firewalls FAQ
• RFC 2196: Site Security Handbook
• RFC 2350: Expectations for Computer Security Incident Response
• RFC 2504: Users' Security Handbook

Web Sites

• Computer Incident Advisory Capability (CIAC) operated by the U.S. Department of Energy
• Hoaxbusters - Not all security and virus alerts are legitimate. Visit this site for information on distinguishing the real from the false.
• Computer Security Resource Center operated by the U.S. National Institute of Standards and Technology (NIST)
• SecurityFocus
• Common Vulnerabilities and Exposures (CVE) centralized naming system for known security vulnerabilties and exposures

Vendor Security Web Sites

• Microsoft
• Sun
• Cisco
• HP

Tools

• nmap
• netcat
• SAINT
• Nessus
• TCP Wrapper
• OpenSSH
• tcpdump
• traceroute
• lsof