General IT and Security Web Sites
68
WatchGuard System Manager
project.honeynet.org
The Honeynet Project is a non-profit research organization of security professionals dedicated to
information security. They have no products, services or employees, and all research is done on a
volunteer basis. Their goal is to learn the tools, tactics, and motives of the blackhat community
and share these lessons learned. Founded in October, 1999, all work is OpenSource and shared
with the security community.
www.infosecuritymag.com
Information Security
is the enterprise security and risk managers' leading source of critical,
objective information on strategic and practical security issues.
Information Security
's team of
veteran security journalists and experts break down the security problems challenging
enterprises and provide practical resolutions.
www.interhack.net/pubs/fwfaq
This collection of Frequently Asked Questions and answers about Internet firewalls has been
compiled over the years from fora such as Usenet, mailing lists, and Web sites. If you have a
question, looking here to see whether it has been answered before posting your question is
good form. Don’t send your questions to the FAQ maintainers.
www.cerias.purdue.edu/coast/firewalls
This site provides the comprehensive list of resources associated with Internet firewalls. The list is
divided into sections to make finding information easier.
www.microsoft.com/technet/security
The Microsoft homepage for computer security resources.
csrc.nist.gov
National Institute of Standards and Technology, Computer Security Division.
www.networkcomputing.com
Network Computing magazine, part of the tech web business technology network, features
content covering general networking topics as well as specific security topics.
www.securityfocus.com
Formerly the preferred clearing house for security vulnerability announcements, Security Focus
lost prestige after Symantec bought them (many readers assumed Symantec would bias the
reporting). We haven't noticed any dramatic decline in quality, and we routinely use the site --
especially its acclaimed Bugtraq list -- for information about new vulnerabilities.
Pro:
Often the
first place security researchers post their advisories. Has a great "Basics" reading room for IT
beginners.
Cons:
Advisories are posted in dense jargon difficult for beginners to comprehend.
Poorly organized site can make finding a specific item tricky.
Net:
Authoritative, comprehensive,
definitely a useful arrow in any sys admin's quiver.
NewsNow
NewsNow's UK-based spiders and bots automatically search over 15,000 news sources and
return live links with the results, updated every five minutes. They offer dozens of newsfeeds (but
do we really need to hear the latest on Michael Jackson every five minutes?). The feed you want
is called "Security" (listed under "Internet" in the left column. Don't choose "Hacking;" you'll get
countless articles about various hackers in legal trouble.) Pro: Comprehensive, up-to-the-minute
survey of worldwide Internet security.
Con:
The same information repeats countless times as
various online sources report it.
Net:
A great glimpse of security issues worldwide.