Warning
Warning
Network Security Links
Important Legal NOTICE!
Click Here To Read Important Legal NOTICE!
Auditing
Certificates
Conferences
Ecryption
Firewall
IDS
KeyLogging
Passwords
Privacy
Reading
Tracking
Wireless
Web
Erase / Wipe
Other
Tools you pay for
Free info and tools
SANS Top 20 Internet Security Vulnerabilities
Auditing and Monitoring
www.absolute-protect.com/
A software solution for tracing computers world-wide
www.aelita.com/products/InTrust.htm
Consolidated security auditing and monitoring for Windows-centric and heterogeneous networks
www.anti-keyloggers.com/
Scan your system now with our flagship software application Anti-keylogger
www.camsurveillance.com/
software for network LAN Cameras
www.cisco.com/warp/public/cc/pd/sqsw/nesn
Cisco Secure Scanner
www.computrace.com/
Secure and reliable computer tracking and inventory management service
www.datascp.com/
Security Auditing and vulnerablity testing
www.eeye.com/html/products/retina
Network Security Scanner
www.ethereal.com
www.gfi.com/
GFI LANguard Network Security Scanner (N.S.S.) checks your network for possible security vulnerabilities
www.hp.com/security/products/webenforcer
HP Webenforcer
www.insecure.org/nmap/
Nmap is an excellent open source utility that provides incredible detail on the devices on your intranet and the ports those devices are using to communicate
www.ipchicken.com/
Free port scan and Ip identification
www.iss.net/products_services/managed_services/vulnerability_management.php
Internet Security Systems (ISS) scanning products
www.lavasoftusa.com
ad-aware spyware detection & removale utility
www.lavasoft.de/
same as above
www.mcafeeb2b.com/services/cybercop
McAfee CyberCop
www.netiq.com
NetIQ's Security Analyzer
www.nessus.org
A free powerful remote security scanner
www.network-tools.com
Network information service- find out about your or other peoples networks
www.networksecuritytoolkit.org
The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms
http://www.nmapwin.org/
Nmap is an excellent open source utility that provides incredible detail on the devices on your intranet and the ports those devices are using to communicate
www.orbs.com
-open relays - scan ports
www.redsiren.com
www.sassafras.com
A free software inventory and auditing utility
http://security.kolla.de/
Spy Bot
www.sentryinc.com/
The CyberAngel Security Software protecting laptops and desktops alike from physical theft, software and data theft
www.spychecker.com
spyware software checking software, use this free utility
www.sysinternals.com
ShareEnum uses NetBIOS enumeration to scan all the computers on your network
www.tenablesecurity.com/
Nessus vulnerability scanner
www.tntsoftware.com/products/elm3/elm30/
ELM Log Manager
www.tripwire.com/downloads/index.cfm
Security monitoring Get them Tripwire’s evaluation kit for Windows
winfingerprint.sourceforge.net
Winfingerprint is a Win32 Host/Network Enumeration Scanner
Security Certification
Reason to get Certified -
The certification(s) indicates that the employee has the dedication to pursue professional development outside of the arena of his or her full-time career. It shows a passion about his/her field of interest and for his/her personal development plan.
www.securitycertified.net
This program offers two certifications. The Security Certified Network Professional (SCNP) & The Security Certified Network Architect (SCNA)
www.checkpoint.com/
Certified Security Engineer
www.comptia.org
CompTIA Security+
www.csds.uidaho.edu
University of Idaho
ecommerce.ncsu.edu
North Carolina State University
www.infosec.jmu.edu/
James Madison University
www.giac.org
Global Information Assurance Certification (GIAC): Founded by the SANS Institute
isc2.org
Certified Information Systems Security Professional (CISSP) certification
www.isse.gmu.edu/
George Mason University
www.rsasecurity.com/
Certified Administrator Certified Engineer
www.sniffer.com/
Certified Expert Certified Professional Certified Master
www.symantec.com/
Certified Security Engineer Certified Security Practitioner
TruSecure ICSA Certified Security Associate (TICSA): This certification is a vendor-neutral measurement
Security Conferences
www.blackhat.com/main.html
www.defcon.org
www.first.org/conference
www.gocsi.com/annual/index.html
www.issa.org
www.misti.com
www.rsasecurity.com
www.snas.org
www.secureworldexpo.com
www.trainingcamp.co.uk/uk
Encryption
www.utimaco.com/privatecrypto/
SafeGuard PrivateCrypto (Encryption Software) is a free download for private users and, a fee of € 29,-, for business users.
www.authenex.com
Authenex HDLock, a security system that secures PCs and notebooks from unauthorized access. Authenex HDLock uses 128-bit Advanced Encryption Standard (AES) hard-disk encryption and a strong (two-factor) authentication logon process to confirm the identity of the person requesting access to the computer
www.cyber-ark.com
CyberArk provides a vault for your valuables
www.cypherix.com
a 128 bit disk encryption software. It creates encrypted containers (vaults) of upto 25 MB
www.dathq.com
Digital Authentication Technologies, Inc
www.CNET.com Downloads PC Utilities Security Encryption
www.loginrecovery.com
This site will let you download a boot disk that will read the existing encrypted password, but not alter it. Once the encrypted password is saved to the boot disk, you can then go to another system and upload the encrypted password to the loginrecovery.com site. If you can wait up to two days, the loginrecovery.com servers will unencrypt your password and e-mail it to you.
www.pgp.com
or
web.mit.edu/network/pgp.html
(Public Encryption Key) Pretty Good Privacy
www.topsecretcrypto.com/
Top Secret Crypto Gold v2.00, a powerful e-mail and file encryption program for Windows
http://trinityhome.org/trk
Trinity Rescue Kit is a Linux distribution on a bootable CD-ROM that contains everything that you need to rescue or repair dead or damaged Linux or Windows systems.
www.tumbleweed.com
Tumbleweed Communications is now the recognized leader in providing secure Internet communication solutions for enterprises and government customers of all sizes
www.webroot.com
Security products by WebRoot. Washers, Spyware, Privacy & filtering software.
Firewall
www.bryansk.ru/moshkow/alt/SECURITY/firewall
Internet Firewalls Frequently Asked Questions
www.checkpoint.com
Very Good Firewalls
www.crossteccorp.com
The NetOp Desktop Firewall combining dynamic packet filtering and process control
www.freebsd.org
Free software Firewall
www.freedom.net
The Freedom Security & Privacy Suite is a bundle of our Anti-Virus, Personal Firewall and Parental Control services into one easy-to-use application
www.firewall.com
Firewall comparison
www.grc.com
(ShieldsUp to test your firewall)
www.gilian.com
G-Server, inspects outgoing traffic looking for Web pages and data that doesn't match protected versions
www.locked.com/prod_firewall
Mission Critical Systems fireWall-1/VPN-1
http://www.omniquad.com/tshnew.htm
featuring MyPrivacy, AntiSpy, Personal Firewall, Anonymous Surfing and much more
www.openbsd.org
Free software Firewall
www.protect-me.com
Software firewall
www.spirit.com/cgi-new/report.pl
Firewall comparison chart
www.sygate.com
Software Firewall
scan.sygate.com
Systems scanners Get a free security scanner for services; protocols like UDP, TCP, ICMP; Trojans; and other potential trouble spots from Sygate Technologies
www.timhiggins.com
Hardware Router Comparison
http://www.tinysoftware.com/
Tiny Personal Firewall (TPF5)
www.us.zyxel.com/products
A USB powered Ethernet network interface internet security appliance with firewall safety and secure communication link - Establishes an IPSec VPN tunnel to your corporate network
www.wingate.com
A Firewall proxy
www.zonelabs.com
(Free Software Firewall for home)
www.webroot.com
Security products by WebRoot. Washers, Spyware, Privacy & filtering software.
www.webwasher.com/
leading provider of Internet URL filtering database
IDS
www.demarc.com/
PureSecureTM Total Intrusion Detection System (TIDS), which provides an unsurpassed level of comprehensive security
www.ethereal.com
A packet sniffer but Ethereal requires a packet driver called WinPCap, which can be downloaded from
winpcap.polito.it
Federal Computer Incident Responce Capability
Packed with security info and free security tools. Software for scanning hosts , patches, and detecting intrusions.
www.gfisoftware.com
Security and Messaging software (Intrusion detection)
http://www.gfi.com/emailsecuritytest/
Test the security of your email system! Is your email system secure against email viruses and attacks?
www.intrusion.com
Intrusion Detection
www.lancope.com
It focuses on network misuse and penetration
www.okena.com
StormWatch, its intrusion prevention solution for consolidating security products
www.pedestalsoftware.com/
Intact (IDS Software) & Security Expressions security compliance & View ACL's
www.pestpatrol.com
Programs to stop hackers, spyware, keyloggers and trojans
www.snort.org
One of the most well-documented and tested IDS implementations is free? Snort runs on almost any platform (including Windows).
Keyboard Logger Links
www.keyghost.ca
Hardware keylogger you simply unplug the keyboard cable from the back of the PC
www.keyloggers.com
Ultimately invisible and undetectable easy-to-use surveillance software
www.softpedia.com
Keylogger Douglas is a totally freeware application
Other Links
www.alw.nih.gov/Security/
Computer Security Information Links (well organized)
www.aks.com
Aladdin another security company
www.antiphishing.org
Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers
www.auscert.org.au
Another security Company
http://www.bennetyee.org/ucsd-pages/
Bennet Yee's research focuses on issues in computer security
http://www.cia.gov/
CIA Centrial Intelligence Agency
www.cisecurity.org/
The Center for Internet Security. The Benchmark Security Scoring Tool scans both Windows NT 4.0 and 2000 operating systems.
www.computer-security.com/
http://www.cse-cst.gc.ca/en/about_cse/about_cse.html
Canadian Security Establishment
www.cybertipline.com
handles leads reporting the sexual exploitation of children
www.cybercrime.gov
Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the U.S. Department of Justice Web site presents detailed information about policy regarding computer crime, procedures for reporting computer crime
www.dri.ca
Disaster Recovery Institute CANADA
www.ectaskforce.org
Electronic Crimes Task Forces, area of concentration and expertise to include banking and finance, academia, financial markets, casino-based operations, and the hi-tech industry
http://www.faso-afrs.ca/intro-e.html
Can. Fed. Ass. of Security Officials
FBI
www.hackerwacker.com
Helps you to see what your users doing to your cororate computers?
www.incidents.org
SANS' incident handler website
www.icsa.net
Certification Lab to test Security
www.insecure.org
Free Security software and Reading
www.invisiblenet.com
A research & development driven organization that provide the highest standards in security and privacy
www.iss.net
Internet Security Systems Company
www.mcwhortle.com
McWhortle Enterprises is an established and well-known manufacturer of biological defense mechanisms.
www.microsoft.com/security/kitinfo.asp
FREE Microsoft Security Toolkit
www.microsoft.com/technet/security/prodtech/windows/windows2000/staysecure
Security Operations Guide for Windows 2000 Server
www.microsoft.com/security/Baseline Security Analyzer
MDSA Whitepaper or
Q320454
www.microsoft.com/technet/security/tools/tools/mbsahome.asp
Free Microsoft Baseline Security Analyzer
www.microsoft.com/technet/security/tools/tools/locktool.asp
IIS Lockdown Wizard
www.microsoft.com/technet/security/tools.asp
Tools from Microsoft to protect your systems and networks
www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bestprac/Default.asp
Best Practices
www.microsoft.com/technet/treeview/default.asp
The New Common Criteria Security Evaluation Scheme and the Windows 2000 Evaluation
www.microsoft.com/technet/technet/security/prodtech/windows/windows2000/staysecure/
A free 192-page document Microsoft Windows 2000 Security Operations Guide
www.mycard.ca
MyCard™ MasterCard® Card is a prepaid, stored value and reloadable payment card
www.mybalance.ca/index.cfm
Citizens Bank/Vancity Visa Gift Card is prepaid
www.nationalrcfl.org
National Regional Computer Forensics Laboratory
www.networkdecisions.com
Many free network and security tools
www.ncpc.org
US National Crime Prevention Council
www.nsa.gov/snac/downloads_all.cfm
Current Security Configuration Guides
http://www.ocipep.gc.ca/home/index_e.asp
Critical Infrastructure Protection Canada
www.phantomts.co
Gianus Technologies introduced Phantom Total Security (PTS), security software that can protect any type of computer data by making it invisible to attackers, unauthorized users, and even viruses
www.protect-me.com
prevent access to CD-ROMs, firewire and bluetooth devices as well as IRDA, serial and LPT ports
www.ready.gov/business
A new initiative for small and medium-sized business owners to be ready for any kind of emergency, be it hurricane, utility disruption or manmade disaster.
http://www.rcmp-grc.gc.ca/tsb/home_e.htm
Canadian RCMP Technical Security
www.securehq.com/
Network Security Superstore
www.securenetlabs.com/
They offer a full range of services for the Internet and Intranet
www.socialengineering101.com
Social Engineering forum for Social Engineers SE
www.somarsoft.com
Changing permissions
www.spectracomcorp.com/netclockntp.html
A safe way to update time. The NetClock/NTP derives time from GPS satellites and automatically tracks satellites
www.sqlsecurity.com/checklist.asp
The SQL Server Security Checklist
www.trusecure.com
Education and software
http://www.warchalking.us/
is a movement to mobilize the geek community to decide a standard iconography for public Wi-Fi.
www.zeroknowledge.com
Zero-Knowledge Systems is the world’s forerunner in providing proven, value-added service (VAS) solutions designed expressly for Internet Service Providers (ISPs).
Password Auditing
www.adkins-resource.com
Hyena has the ability to change local Administrator passwords on multiple machines across a network available from SystemTools Software.
www.altusnet.com/passfilt/
Passfilt Pro - Eliminate Weak Passwords
www.anixis.com
Password Policy Enforcer
www.accentsoft.com
Forgotten or lost a password to your Microsoft® Office document
www.atstake.com
Sells Lopht Crack and other software
http://www.backupwhiz.com/software/fileutilities/password/index.html
A list of passwrod recovery tools
home.eunet.no/~pnordahl/ntpasswd
a single floppy or CD which contains things needed to edit the passwords on most systems
www.foghomesecurity.com
Free Foghorn Security's Local Account Password Manager (LAPM) Lets you change local admin accounts in the workstations in the domain and other tools
www.lanicu.com
Change the admin password on all workstaions
www.lostpassword.com
Windows Key is a program to reset Windows XP / 2000 / NT security if Administrator password, secure boot password or key disk is lost. Passware Kit Enterprise lets you access the employee's password-protected documents and files.
www.oxid.it/cain.html
Cain & Abel is a password recovery tool
www.realuser.com
Passfaces uses facial recognition to verify a user's authenticity for Active Directory and one for Web servers at $2 per user.
www.passwordrecoverytools.com
To recover any Office Password
www.rixler.com
Rixler Software, a password-recovery solution for network and dial-up connections.
support.microsoft.com/?kbid=272530
the Cusrmgr.exe Tool to Change Administrator Account Password on Multiple Computers
Privacy
www.ftc.gov/privacy
Federal Trade Commission Privacy Initiatives
www.webroot.com
Security products by WebRoot. Washers, Spyware, Privacy & filtering software.
Reading
www.airdefense.net/webinars
Wireless LAN Security a free online webinars
www.antionline.com
a worldwide community of security, network and computer professionals, students and keen amateurs who come here to learn the principles and details of computer/network security
www.astalavista.com
Lots of good tools and reading
www.boran.com
Sean Boran, computer security and network expert Info, A Swiss company with an IT security Cookbook for managers and administrators
cassandra.cerias.purdue.edu
to stay informed about any security vulnerabilities. Cassandra lets you establish profiles that contain lists of products you use.
www.cerias.purdue.edu/
Purdue University the world's foremost university center for information security
www.cert.org
(Computer Emergency Response Team) Part of Carnegie Mellon Software Engineering Institute. One of the oldest organizations to study Internet security. They publish Internet vulnerablities and and security alerts
www.ciac.org/ciac/
Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents
csrc.nist.gov
www .csialliance.org
Cyber Security Industry Alliance (CSIA)
http://nsa2.www.conxion.com/index.html
National Security Agency Security Recommendation Guide for Windows OS
csrc.nist.gov
Computer Security Resoource Center
www.cve.mitre.org
CVE is a dictionary of information security vulnerability and exposure terms
www.danish-company.com/dcpc
DCPC is freeware that changes all the local Administrator passwords across a network
www.e-secure-db.us/
Global IT Security Information DATABASE
www.experts-exchange.com/Networking
Federal Computer Incident Responce Capability
Packed with security info and free security tools. Software for scanning hosts , patches, and detecting intrusions.
www.first.org/
Forum of Incident Response and Security Teams
www.gocsi.com/
Computer Security Institute (CSI) is the world's leading membership organization specifically dedicated to serving and training the information, computer and network security professional.
www.htcia.org
The HTCIA is an international organization established to set standards for investigating technology crimes
www.infowar.com
World Security News letter, not just computers
www.infoworld.com/security
Many security articals
www.it.kth.se/~rom/ntsec.html
NT Security FAQ
www.LinuxSecurity.com
Linux security
www.microsoft.com/security
How to secure Microsft products
www.microsoft.com/security/guidance
Microsofts Security Guidence Center
www.microsoft.com/technet/
Help: I Got Hacked. Now What Do I Do?
www.microsoftelearning.com/security
www.ncsa.uiuc.edu/
National Security Agency
www.ntsecurity.net
IT Network Magazie dedicated to Security, Microsoft Operaing Systems and Security
www.odci.gov
US Intelligence Community
http://packetstormsecurify.com
News and free security service
http://project.honeynet.org
They set traps for hackers and document how they got in
www.sans.org
(System Administration,Networking & Security)
www.secadministrator.com
Magazine on IT security
www.secadministrator.com/articles/index.cfm?articleid=26315
Best Security Products Oct 2002
www.securityportal.com
A Top News bulletin on security
www.securityfocus.com
News, BugTraq, vulnerabilities, email list
www.secunia.com
vulnerability database and vulnerability information
www.staysafeonline.info/
end-user awareness and best practices
www.us-cert.gov
The National Cyber Alert System provides timely information about current and emerging threats and vulnerabilities
www.whitehouse.gov/pcipb/
President's Critical Infrastructure. Protection Board, September 18, 2002, Subject: A National Strategy to Secure Cyberspace
http://xforce.iss.net/library/faqs/
Security questions
http://web.zdnet.com/windows/nt/security/
Many Operating Systems Technical Information
Tracking Inventory
http://camtech2000.net/Pages/SpyChaser.html
Free software utilites stop unwanted stuff spy chaser
www.absolute.com
Services and Software for Computer Security and Tracking
www.symbol.com
a suite of mobile network protection products under the MobiusGuard
www.webdetect.com/
software system for tracing stolen computers / laptops via the internet. Reflex Data Shredder when files are dropped on it they are erased very thoroughly
www.ztrace.com/
an invisible software security application that traces the location of missing laptops
Web
www.butterflysecurity.com/
Butterfly Security's unique approach to web application security software
www.c2c.com/
C2C provides a framework to control the impact of e-mail within the Exchange/Outlook environment
www.cirt.net/code/nikto.shtml
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items
www.fakemailz.com
Anonymous Email after 7 days
www.gfi.com/emailsecuritytest
Test the security of your email system! Is your email system secure against email viruses and attacks?
www.intersectalliance.com/projects/index.html
Security Configuration Document for NT 4, 2000, IIS, Apache , and Linux
www.instantssl.com
offer FREE FULLY FUNCTIONAL trial SSL Certificates
www.mall-net.com/spamfaq.html
Spam FAQ
www.microsoft.com/technet/security/tools/chklist/iis5cl.asp
A useful checklist for Internet Information Services (IIS) 5.0
www.microsoft.com/technet/security/tools/chklist/iis4cl.asp
How to removing unused script mappings, and disabling Remote Data Services(RDS) support in IIS
www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/chklist/iischk.asp
A Web-based checklist form, which contains hotlinks that describe each item listed
www.owasp.org/
Open Web Application Security Project (OWASP) is an Open Source community project staffed entirely by volunteers from across the world. The project is developing software tools and knowledge based documentation that helps people secure web applications and web services.
www.pkiforum.org
Advocates for the adoption of Public Key Infrastructure as a foundation to enable secure e-business transactions
www.rsasecurity.com
Good source for Internet security Information
www.sanctuminc.com
Application Sewcurity, Web/e-mail servers
www.securenetlabs.com
They offer a full range of services for the Internet and Intranet
www.securitymetrics.com/
Internet vulnerablity test
spam.abuse.net/spam
Spam Abuse
www.staysafeonline.info
Government securing the internet and end-user awareness
www.stratum8.com
Stratum8's mission is to lockdown your web-based applications, with solutions that are easy to install, quick to deploy, and customizable to your specific
www.verisign.com
Securing Corporate Internets - Secure Server IDs to authenticate your sites and enable SSL encryption technology
www.washington.edu/people/dad
Wall Street Journal described Dave Dittrich as a teacher and software expert at the University of Washington and an expert on Denial of Service attacks
www.webwasher.com/
filters out unwanted advertising and protects the surfer's privacy by filtering cookies, referer strings and Web bugs
Internet Assigned Port Numbers Authority (IANA)
www.iana.org
It divides all public IP addresses among the Regional Internet Registries (RIRs) to distribute blocks of IP addresses.
There are four RIRs:
* Asia Pacific Network Information Centre (APNIC) for Asia and the Pacific region
www.apnic.net
* American Registry for Internet Numbers (ARIN) for North America, parts of the Caribbean, and sub-equatorial Africa
www.arin.net
* Latin American and Caribbean Internet Addresses Registry (LACNIC) for Latin America and parts of the Caribbean
lacnic.net
* RIPE Network Coordination Centre (RIPE NCC) for Europe, the Middle East, Central Asia, and African countries above the equator
www.ripe.net
Wipe and Erase
www.cezeo.com/products/disk-redactor
Disk Redactor is a WIPE utility that lets you securely erase any old ( deleted ) files and prevent them from being recovered.
dban.sourceforge.net
Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers
www.milincorporated.com/fie_download.html
Mil Free Internet Eraser
www.softpedia.com/get/System/File-Management/JB-File-Shredder.shtml
JB File Shredder is a free utility that will completely and permanently delete files of your hard drive
www.whitecanyon.com/wipedrive-erase-hard-drive.php
WipeDrive, you can completely erase your computer's hard drive
Wireless
www.80211-planet.com/tutorials
802.11 Security Beyond WEP
www.airdefense.net
AirDefense, the innovator and market leader in anywhere, anytime wireless security, provides acomplete suite of solutions that secure wireless networks
www.funk.com
Wireless networking security vendor
www.kismetwireless.net
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.
www.netstumbler.com/
lets users investigate a given WirelessLAN's security
www.warchalking.us
is a movement to mobilize the geek community to decide a standard iconography for public Wi-Fi.
www.wlanparts.com/
Pasadena Networks, LLC has been in the wireless network business for over three years.
Back To Main Page
Important Legal NOTICE!
Click Here To Read Important Legal NOTICE!
Updated October 10, 2007
Copyright© 2007 by Dana Shea
Copyright© All rights Reserved. No part of the contents of this site may be reproduced
or transmitted in any form or by any means without written permission.
Any questions or problem links please email