NOTE: These links are intended to provide security education
and awareness. You are solely responsible if you misuse the
information contained at any of these sites.
- AVERT - Anti-Virus Emergency Response Team
- OpenAntiVirus Project
- AMaViS (A Mail Virus Scanner)
- FAQ on Worms and Worm Containment
- Vmyths.com - Truth About Computer Virus Myths & Hoaxes
- The Complete Social Engineering FAQ
- Internet/Network Security - Social Engineering
- People Hacking: The Psychology of Social Engineering
- Social Engineering - IT Security Threat of Informatics
- Social Engineering
- Penetration Testing Using Social Engineering
- Human Firewall
- alt.2600/#hack FAQ
- 8200.org
- Warhol Worms
- Root Solutions [root.org]
- vpnd (Virtual Private Network Daemon)
- OpenVPN
- @stake Security News
- Net::RawIP
- Spak (Send PAcKet)
- Firewalk
- SecurityPortal
- Network Flight Recorder, Inc.
- QueSO
- attrition.org
- ATTRITION Mirrored Sites
- alldas.de defacement archives
- The Hacker's Choice
- AntiOnline - Computer Security - Hacking & Hackers
- Hacked Webpages Archive
- AntiCode
- SAINT
- Cryptography A-2-Z
- RSA Labs' Cryptography FAQ
- Snake Oil Warning Signs: Encryption Software to Avoid
- ent - Pseudorandom Number Sequence Test Program
- UNIX Security Checklist
- Solaris Security FAQ
- Writing Safe Setuid Programs
- Chrooting daemons and system processes HOW-TO
- Security Code Review Guidelines
- comp.security.misc FAQ
- Secure UNIX Programming FAQ
- Secure Programming for Linux and Unix HOWTO
- The Peon's Guide to Secure System Development
- Developing secure programs
- Ideahamster
- The Schmoo Group - Security Geeks
- The Shmoo Group - How to Write Secure Code
- Matt's Unix Security Page
- Unix Security Concepts
- Implementing Security in FreeBSD UNIX System, Part One
- FreeBSD Security How-To, Chapter One
- A basic guide to securing FreeBSD 4.x-STABLE
- Delivering Signals for Fun and Profit
- Statically Detecting Likely Buffer Overflow Vulnerabilities
- Keeping Your Site Comfortably Secure
- Internet Security Policy: A Technical Guide
- Computer Security Incident Handling Guide
- NSA Security Recommendation Guides
- Marcus J. Ranum's Publications, Rants, Presentations, and Code
- CERIAS (Center for Education and Research in Information Assurance and Security
- COAST Home Page
- COAST Hotlist - Internet Firewalls
- Autonomous Agents for Intrusion Detection
- Probing TCP Implementations
- CERT Coordination Center
- CERT List of Security Tools
- CERT Home Network Security
- HERT (Hacker Emergency Response Team)
- National Infrastructure Protection Center
- CIAC Security Web Site
- SANS (System Administration, Networking, and Security)
- SANS/FBI Twenty Most Critical Internet Security Vulnerabilities
- Incidents.org
- GIAC (Global Incident Analysis Center)
- Black Hat Briefings
- Def Con
- COVERT Labs
- Core SDI
- Razor
- How To Eliminate The Ten Most Critical Internet Security Threats
- FIRST
- AusCERT
- Center for Internet Security
- Packet Storm
- SecuriTeam.com
- RAID (Recent Advances in Intrusion Detection)
- TIS Firewall Toolkit (FWTK)
- fwtk.org
- Juniper Firewall Toolkit
- Secure Shell (SSH)
- OpenSSH
- Free SSH Programs
- SSH FAQ
- Another SSH FAQ
- Timing Analysis of Keystrokes and Timing Attacks on SSH
- Stunnel -- Universal SSL Wrapper
- Secure Telnet (STEL)
- Internet Firewalls FAQ
- PhoneBoy's FireWall-1 FAQ
- Dreamwvr's FireWall-1 FAQ
- fw-1-mailinglist searchable archive (securepoint.com)
- A Stateful Inspection of FireWall-1
- Firewall.com
- Intrusion Detection for Firewall 1
- An Intro to Computer Security
- Nessus
- Next Generation Security Software - Typhon Security Scanner
- ISS - Internet Security Systems
- ISS SecurityNews
- Counterintelligence and Technical Security
- Wietse Venema's Tools and Papers
- Forensic Computing & Analysis
- The Coroner's Toolkit
- SOCKS
- Linux Security
- Linux Administrators Security Guide
- Linux Firewall and Proxy Server HOWTO
- Creating a Linux Firewall with TIS FWTK
- FirePlug EDGE
- WWW Security FAQ
- Open Web Application Security Project
- 21 Rules for Writing Secure CGI Programs
- Cgisecurity.com
- Neil's Security and Privacy Resources
- CGI Security FAQ
- Cross Site Scripting FAQ
- Brute-Force Exploitation of Web Application Session IDs
- S/Key Password System
- SecurityFocus (also Bugtraq archives)
- BugTraq FAQ (old)
- securesoftware Full-Disclosure Computer-Security Mailing List
- Internet Draft: Responsible Vulnerability Disclosure Process
- L0pht Heavy Industries
- Whitehat.org: The site for ethical hacking
- HackPhreak
- Open Source Vulnerability Database
- Common Vulnerabilities and Exposures
- ICAT Metabase: A CVE Based Searchable Vulnerability Index
- Security Bugware
- Crash Course in X Windows Security
- Phrack Magazine
- phrack.org
- Phrack Magazine Archives
- Dan Farmer's security page
- Dan Farmer's Internet Security Survey
- NMRC Links
- NMRC FAQs
- Web Hack FAQ
- Crack
- John the Ripper
- Kerberos: The Network Authentication Protocol
- IP Filter
- Real Stateful TCP Packet Filtering in IP Filter
- pf - OpenBSD Packet Filter
- T.REX: Open Source Firewall
- Seattle Firewall (Seawall)
- xinetd
- Information Warfare and INFOSEC
- IWS - The Information Warfare Site
- Information Warfare Defense
- JavaScript Problems
- Computer Security Institute
- sniffit
- Any Port in a Datastorm
- FAQ: Firewalls: What am I seeing?
- FAQ: Sniffing (network wiretap, sniffer)
- FAQ: Network Intrusion Detection Systems
- DShield.org - Distributed Intrusion Detection System
- Firewall Piercing mini-HOWTO
- The Internet Ports Database
- Trojan list
- Insecure.org
- nmap
- Remote OS detection via TCP/IP Stack FingerPrinting
- Strange Attractors and TCP/IP Sequence Number Analysis
- Strange Attractors and TCP/IP Sequence Number Analysis - One Year Later
- fragroute
- Know Your Enemy: Passive Fingerprinting
- Reverse Engineering Malware
- TBIT, the TCP Behavior Inference Tool
- Hping
- VLAD the Scanner
- dsniff
- Ping of Death
- packetninja.net
- nemesis packet injection tool-suite
- rootshell.com
- rootprompt.org
- rootsecure.net
- How to 0wn the Internet in Your Spare Time
- chkrootkit -- locally checks for signs of a rootkit
- SSL-Talk FAQ
- ssyslog - Secure Syslog
- SKIP (Simple Key management for Internet Protocols)
- SRP (Secure Remote Password)
- OpenSSL
- SSLeay Documentation
- GnuTLS
- SET (Secure Electronic Transaction)
- Smurf Amplifier Registry
- netscan.org
- Lance Spitzner's Technical Whitepapers and Publications
- Honeynet Project
- Know Your Enemy: Project Honeynet Security Papers
- Deception Toolkit
- RobertGraham.com
- pulltheplug.com
- GNU httptunnel
- Closing the Window of Exposure
- Crypto-Gram Newsletter
- Steven M. Bellovin -- Papers
- security.royans.net
- Snort
- Firestorm NIDS
- Portsentry
- An Overview of Internet Security
- secureroot.com
- Cult of the Dead Cow
- The Happy Hacker
- HackerZ Hideout
- Root-Core Network
- I.C.E. Fortress - International Cracking Experts
- KSOZE's Cracking WorkShop
- CyberArmy HeadQuarters
- SamSpade.org
- Hacker Whacker
- OutGuess - Universal Steganography
- North American Cryptography Archives
- SPEKE (Simple Password-authenticated Exponential Key Exchange)
- Sys-Security.com
- Sys-Security.com: X (Xprobe)
- Cryptome
- NACSIM 5000 Tempest Fundamentals
- Libsafe
- Security-Protocols.com
- Whitehats Network Security Resource
- The Alice and Bob After Dinner Speech
- infosyssec.net
- SFS: Self-Certifying File System
- A Study In Scarlet: Exploiting Common Vulnerabilities in PHP Applications
- AES (Advanced Encryption Standard) Home page
- "Security Through Obscurity" Ain't What They Think
- RATS - Rough Auditing Tool for Security
- Unix Auditors Practical Handbook
- Employees' Guide to Security Responsibilities
- SYN Flood DoS Attack Experiments
- Sudo
- Security holes... Who cares?
- Port Knocking
- cosign: community sign on
- Team Cymru Darknet Project
- An Illustrated Guide to Cryptographic Hashes
![[back]](../images/hand.right.gif)
Michael Fuhr's Home Page
![[back]](../images/hand.up.gif)
Back to the Index
webmaster@fuhr.org
/
PGP Public Key