The following sites are tried-and-true security destinations.
The following sites are tried-and-true security destinations. Every IT pro should bookmark and visit these sitesoften.
Home of the Bugtraq mailing list archive, plus a good source of security white papers
Includes the SANS Institutes vulnerability list, white papers and port scan statistics from monitors spread around the Internet
The CERT Coordination Center at Carnegie Mellon provides one of the best resources for security advisories and best-practices information
Common Vulnerabilities and Exposures, the authoritative list of vulnerability definitions
The National Institute of Standards and Technologys search engine for the CVE database
Security news and commentary
A Windows-specific vulnerability Web site and mailing list
All things Linux security
security Microsoft Product Security Notification Service, Microsofts security vulnerability mailing list
The Honeynet Project: Learn how to do detailed forensics after a compromise
The "skinnable" home of Rain Forest Puppy provides detailed information on exploits and has been first to list several prominent vulnerabilities
Home of the definitive port scanner nmap, plus a great list of security tools
Formerly Lopht advisories, this is an excellent list of advisories that often covers applications skipped by other lists
Home of the venerable hacker magazine