Search Amazon 
upComputer/Internet Security & Forensics
upComputer/Internet Security
Looking for freeware/shareware anti-virus and anti-spyware? See the Internet Resources Software page
ZoneAlarm"ZoneAlarm is an easy to use always-on Internet security utility (firewall) that is essential for DSL and cable modem users. It increases security for any computer connected to the Internet, including dial-up connections." Free for personal use.
DSL Reports"Shield Probe.. Get an instant security analysis now. You dont even need to know your own IP address!" - Very much like ShieldsUp! Also of interest: FAQ on Security
Free Port Scan & Firewall TestChoose between Home Office/Personal Firewall Test or Business Server/Firewall Test - similar to like ShieldsUp!, but with some additional features.
ShieldsUP!"Can anyone crawl into your computer while you're connected to the Internet? You may be VERY surprised to find out!" - a free service of Gibson Research Corporation makers of the famous Spinrite disk utility software. Check out their other goodies, like the free "Trouble In Paradise" Iomega Zip and Jaz drive testing! (only 52k!)
Home PC Firewall Guide"A detailed personal resource guide to broadband (cable modem/DSL) and dial-up Internet security hacker protection for home and SOHO computer users."
SANS Institute"The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. ... It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center."
The Twenty Most Critical Internet Security Vulnerabilities"The SANS/FBI Top Twenty list is valuable because the majority of successful attacks on computer systems via the Internet can be traced to exploitation of security flaws on this list."
Linux and Windows security compared"The overall findings of this qualitative assessment are that Linux provides superior to comparable security capabilities in comparison to Windows, except in the category of assurance -- for now."
E-Week Security PortalReports on many and varied threats to networked computers, especially new e-mail worms that cause so much havoc and frustration.
WindowSecurity.comDedicated to providing one central, structured informative starting point to issues directly affecting the Windows NT/Windows 2000 community
Windows Security BulletinsWindows Security Information
Help Net SecurityHelp Net Security (HNS) is an online portal that covers all the major information security happenings.
IIS 5.0 and Windows 2000 Hardening GuideWindows vulnerabilities and fixes.
LinuxSecurity.comNews and articles on Linux security issues
Real-Time Top Ten Vulnerabilities"A dynamic list of the ten most critical and prevalent security vulnerabilities. The RV10 is the first of its kind, updated automatically and continuously from a statistically representative sample of a few thousand networks."
Incidents.org"A virtual organization of advanced intrusion detection analysts, forensics experts and incident handlers from across the globe. The organization's mission is to provide real time "threat-driven" security intelligence and support to organizations and individuals."
Internet Security I - Internet TechnologyRealvideo lectures which give "a detailed introduction into Internet Technology. It explains the function mode and architecture of Internets and Intranets and discusses important Internet protocols like IP, TCP, UDP, ICMP, as well as Internet addressing and DNS. Moreover, the Internet Protocol Next Generation - IPv6 - will be introduced. Furthermore important Internet services like WWW, email, ftp, telnet, rsh and more will be treated. Encryptions standards like IPSec show possibilities for information security. New techniques like LDAP and Multimedia applications will complete this lecture part about Internet Technology."
Internet Security II - Weaknesses and TargetsRealvideo lectures which give "a detailed introduction into problems concerning Internet and Intranet security. After starting with a some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion of possibilities to detect attacks and intrusions, and ethical issuses."
IP Spoofing: An Introduction"The concepts of IP spoofing: why it is possible, how it works, what it is used for and how to defend against it" an article from SecurityFocus.com, a useful source of Internet security info.
Internet Explorer Security AreaInternet Explorer vulnerabilities and fixes.
A Security Review of Protocols"A look at the lower layers, areas of possible dangers, and some basic infrastructure protocols, such as DNS, UDP, SCTP, ARP, TCP/IP, DHCP, IPv6, and WEP."
Cookies Central"Comprehensive resource on Internet cookies, including what they are, how to block or stop them."
Script Kiddies"Much to the surprise of most people, the typical network cracker is a 12-16 year old boy who found some cracking code on the Internet and decided to try it out. What makes the script kiddie so dangerous is not the vast amount of knowledge that they possess, but rather their lack of knowledge."
The World Wide Web Security FAQ"Attempts to answer some of the most frequently asked questions relating to the security implications of running a Web server and using Web browsers."
securityspace"To prove that we can find problems on YOUR system, we offer this comprehensive No Risk audit, for free."
dshield.org"Distributed Intrusion Detection System. Submit your firewall log excerpts or browse through current activity reported to the system. Featuring a list of 10 Most Wanted IP Addresses"
Microsoft TechNet Security"Provides technical how-to information about network, web site, email, database and Windows security and links to other security resources."
SecurityFocus"Designed to facilitate discussion on security related topics, create security awareness, and to provide the Internet's largest and most comprehensive database of security knowledge and resources to the public. It also hosts the BUGTRAQ mailing list."
PacketStormA "large and current security tools resource ... dedicated to providing the information necessary to secure the World's networks."
Internet Storm Center"Internet Storm Center gathers more than 3,000,000 intrusion detection log entries every day... in a quest to do a better job of finding new storms faster, isolating the sites that are used for attacks, and providing authoritative data on the types of attacks that are being mounted against computers in various industries and regions around the globe."
Internet/Network Security"Resources on Internet and Network security, hacking, hackers, privacy, encryption, cracking and crackers."
CERT"At the CERT Coordination Center, we study Internet security vulnerabilities, provide incident response services to sites that have been the victims of attack, publish a variety of security alerts, research security and survivability in wide-area-networked computing, and develop information to help you improve security at your site."
Computer Incident Advisory CapabilityCIAC, a creature of the US Department of Energy, provides computer security alerts and has a comprehensive virus database
AntiOnline"The Internet's Information Security Super Center"
antiphishing.org"The Anti-Phishing Working Group (APWG) is focused on eliminating the problem of phishing and email spoofing attacks by developing and sharing information about the problem, and promoting the visibility and adoption of industry solutions."
Snort"Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more." Available for Windows and Linux - GNU license (free)
The HoneyNet ProjectWhitepapers dedicated to "learn the tools, tactics, and motives of the blackhat community, and share those lessons learned"
searchSecurity.comArticles and news on computer and network security
An Overview of Cryptography"Defines some of the terms and concepts behind basic cryptographic methods, and offers a way to compare the myriad cryptographic schemes in use today. Also provides some real examples of cryptography in use today."
Digital IDsVeriSign's implementation of digital certificates
MIT Distribution Center for PGP"PGP® or Pretty Good Privacy® is a powerful cryptographic product family that enables people to securely exchange messages, and to secure files, disk volumes and network connections with both privacy and strong authentication."
Computer Security Resource Clearinghouse"Designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems."
The Center For Democracy & Technology"CDT seeks practical solutions to enhance free expression and privacy in global communications technologies." Here you will find an online snooper, which let you know how much information you are sharing about yourself when you surf the Internet.
ISS' X-Force Threat and Vulnerability DatabaseDocuments network attacks and security risks associated with particular computer operating systems
NetBus"NetBus, as are any of the other remote-admin trojans, is dangerous to you in direct proportion to the value and sensitivity of the information on your computer, and the importance of your system's integrity to your life and livelihood." Netbus is a Windows NT/95/98 Trojan horse.
InfoWorld Security WatchSecurity articles from Infoworld
InfoWorld Security Sweet 16"This is the list of known attacks and vulnerabilities freely available on the Internet"
CNN In-Depth Specials - Hackers"Some non-technical articles on hacking and hackers"
COAST Archive"The largest single archive on the Internet of papers, tools, standards, reports, mailing lists, and other information related to computer security, law, incident response, and information protection."
Guide to Securing Intranet and Extranet ServersInformation on developing and implementing a security strategy
Offline NT Password & Registry Editor, Bootdisk / CD"This is a utility to (re)set the password of any user that has a valid (local) account on your Windows NT/2000/XP/2003 system, by modifying the encrypted password in the registry's SAM file."
Schneier.com"Bruce Schneier is an internationally renowned security technologist and author. Described by The Economist as a "security guru," Schneier is best known as a refreshingly candid and lucid security critic and commentator. When people want to know how security really works, they turn to Schneier."
upComputer/Internet Forensics
Web Browser Forensics, Part 1Part 1 of a two part study that presents the techniques and tools commonly used by computer forensics experts to uncover such evidence, through a fictitious investigation that closely mimics real-world scenarios.
Web Browser Forensics, Part 2Part 2 of a two part study that presents the techniques and tools commonly used by computer forensics experts to uncover such evidence, through a fictitious investigation that closely mimics real-world scenarios.
Autopsy Forensic Browser"A graphical interface to the command line digital investigation tools in The Sleuth Kit. Together, they allow you to investigate the file system and volumes of a computer."
Search Amazon