eWeek Labs Recommends: Key Security Resources

By Jim Rapoza  |  Posted 2001-06-11 Print this article Print

The following sites are tried-and-true security destinations.

The following sites are tried-and-true security destinations. Every IT pro should bookmark and visit these sites—often.

www.securityfocus.com Home of the Bugtraq mailing list archive, plus a good source of security white papers

www.sans.org Includes the SANS Institutes vulnerability list, white papers and port scan statistics from monitors spread around the Internet

www.cert.org The CERT Coordination Center at Carnegie Mellon provides one of the best resources for security advisories and best-practices information

cve.mitre.org Common Vulnerabilities and Exposures, the authoritative list of vulnerability definitions

icat.nist.gov The National Institute of Standards and Technologys search engine for the CVE database

www.securityportal.com Security news and commentary

www.ntbugtraq.com A Windows-specific vulnerability Web site and mailing list

www.linuxsecurity.com All things Linux security

www.microsoft.com/technet/ security Microsoft Product Security Notification Service, Microsofts security vulnerability mailing list

project.honeynet.org The Honeynet Project: Learn how to do detailed forensics after a compromise

www.wiretrip.net/rfp/ The "skinnable" home of Rain Forest Puppy provides detailed information on exploits and has been first to list several prominent vulnerabilities

www.insecure.org Home of the definitive port scanner nmap, plus a great list of security tools

www.atstake.com/research/advisories/index.html Formerly Lopht advisories, this is an excellent list of advisories that often covers applications skipped by other lists

www.2600.com Home of the venerable hacker magazine

Jim Rapoza, Chief Technology Analyst, eWEEK.For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr Rapoza's current technology focus is on all categories of emerging information technology though he continues to focus on core technology areas that include: content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel