Warning

Warning

Network Security Links

Important Legal NOTICE!

Click Here To Read Important Legal NOTICE!


Auditing
Certificates
Conferences
Ecryption
Firewall
IDS
KeyLogging
Passwords
Privacy
Reading
Tracking
Wireless
Web
Erase / Wipe
Other

Tools you pay for
Free info and tools
SANS Top 20 Internet Security Vulnerabilities
Auditing and Monitoring
www.absolute-protect.com/ A software solution for tracing computers world-wide
www.aelita.com/products/InTrust.htm Consolidated security auditing and monitoring for Windows-centric and heterogeneous networks
www.anti-keyloggers.com/ Scan your system now with our flagship software application Anti-keylogger
www.camsurveillance.com/ software for network LAN Cameras
www.cisco.com/warp/public/cc/pd/sqsw/nesn Cisco Secure Scanner
www.computrace.com/ Secure and reliable computer tracking and inventory management service
www.datascp.com/ Security Auditing and vulnerablity testing
www.eeye.com/html/products/retina Network Security Scanner
www.ethereal.com
www.gfi.com/ GFI LANguard Network Security Scanner (N.S.S.) checks your network for possible security vulnerabilities
www.hp.com/security/products/webenforcer HP Webenforcer
www.insecure.org/nmap/ Nmap is an excellent open source utility that provides incredible detail on the devices on your intranet and the ports those devices are using to communicate
www.ipchicken.com/ Free port scan and Ip identification
www.iss.net/products_services/managed_services/vulnerability_management.php Internet Security Systems (ISS) scanning products
www.lavasoftusa.com ad-aware spyware detection & removale utility
www.lavasoft.de/ same as above
www.mcafeeb2b.com/services/cybercop McAfee CyberCop
www.netiq.com NetIQ's Security Analyzer
www.nessus.org A free powerful remote security scanner
www.network-tools.com Network information service- find out about your or other peoples networks
www.networksecuritytoolkit.org The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms
http://www.nmapwin.org/ Nmap is an excellent open source utility that provides incredible detail on the devices on your intranet and the ports those devices are using to communicate
www.orbs.com -open relays - scan ports
www.redsiren.com
www.sassafras.com A free software inventory and auditing utility
http://security.kolla.de/ Spy Bot
www.sentryinc.com/ The CyberAngel Security Software protecting laptops and desktops alike from physical theft, software and data theft
www.spychecker.com spyware software checking software, use this free utility
www.sysinternals.com ShareEnum uses NetBIOS enumeration to scan all the computers on your network
www.tenablesecurity.com/ Nessus vulnerability scanner
www.tntsoftware.com/products/elm3/elm30/ ELM Log Manager
www.tripwire.com/downloads/index.cfmSecurity monitoring Get them Tripwire’s evaluation kit for Windows
winfingerprint.sourceforge.netWinfingerprint is a Win32 Host/Network Enumeration Scanner

Security Certification
Reason to get Certified - The certification(s) indicates that the employee has the dedication to pursue professional development outside of the arena of his or her full-time career. It shows a passion about his/her field of interest and for his/her personal development plan.

www.securitycertified.net This program offers two certifications. The Security Certified Network Professional (SCNP) & The Security Certified Network Architect (SCNA)
www.checkpoint.com/ Certified Security Engineer
www.comptia.org CompTIA Security+
www.csds.uidaho.edu University of Idaho
ecommerce.ncsu.edu North Carolina State University
www.infosec.jmu.edu/ James Madison University
www.giac.org Global Information Assurance Certification (GIAC): Founded by the SANS Institute
isc2.org Certified Information Systems Security Professional (CISSP) certification
www.isse.gmu.edu/ George Mason University
www.rsasecurity.com/ Certified Administrator Certified Engineer
www.sniffer.com/ Certified Expert Certified Professional Certified Master
www.symantec.com/ Certified Security Engineer Certified Security Practitioner
TruSecure ICSA Certified Security Associate (TICSA): This certification is a vendor-neutral measurement

Security Conferences
www.blackhat.com/main.html
www.defcon.org
www.first.org/conference
www.gocsi.com/annual/index.html
www.issa.org
www.misti.com
www.rsasecurity.com
www.snas.org
www.secureworldexpo.com
www.trainingcamp.co.uk/uk
Encryption
www.utimaco.com/privatecrypto/ SafeGuard PrivateCrypto (Encryption Software) is a free download for private users and, a fee of € 29,-, for business users.
www.authenex.com Authenex HDLock, a security system that secures PCs and notebooks from unauthorized access. Authenex HDLock uses 128-bit Advanced Encryption Standard (AES) hard-disk encryption and a strong (two-factor) authentication logon process to confirm the identity of the person requesting access to the computer
www.cyber-ark.com CyberArk provides a vault for your valuables
www.cypherix.com a 128 bit disk encryption software. It creates encrypted containers (vaults) of upto 25 MB
www.dathq.com Digital Authentication Technologies, Inc
www.CNET.com Downloads PC Utilities Security Encryption
www.loginrecovery.com This site will let you download a boot disk that will read the existing encrypted password, but not alter it. Once the encrypted password is saved to the boot disk, you can then go to another system and upload the encrypted password to the loginrecovery.com site. If you can wait up to two days, the loginrecovery.com servers will unencrypt your password and e-mail it to you.
www.pgp.com or web.mit.edu/network/pgp.html (Public Encryption Key) Pretty Good Privacy
www.topsecretcrypto.com/ Top Secret Crypto Gold v2.00, a powerful e-mail and file encryption program for Windows
http://trinityhome.org/trk Trinity Rescue Kit is a Linux distribution on a bootable CD-ROM that contains everything that you need to rescue or repair dead or damaged Linux or Windows systems.
www.tumbleweed.com Tumbleweed Communications is now the recognized leader in providing secure Internet communication solutions for enterprises and government customers of all sizes
www.webroot.com Security products by WebRoot. Washers, Spyware, Privacy & filtering software.

Firewall
www.bryansk.ru/moshkow/alt/SECURITY/firewall Internet Firewalls Frequently Asked Questions
www.checkpoint.com Very Good Firewalls
www.crossteccorp.com The NetOp Desktop Firewall combining dynamic packet filtering and process control
www.freebsd.org Free software Firewall
www.freedom.net The Freedom Security & Privacy Suite is a bundle of our Anti-Virus, Personal Firewall and Parental Control services into one easy-to-use application
www.firewall.com Firewall comparison
www.grc.com (ShieldsUp to test your firewall)
www.gilian.com G-Server, inspects outgoing traffic looking for Web pages and data that doesn't match protected versions
www.locked.com/prod_firewallMission Critical Systems fireWall-1/VPN-1
http://www.omniquad.com/tshnew.htm featuring MyPrivacy, AntiSpy, Personal Firewall, Anonymous Surfing and much more
www.openbsd.org Free software Firewall
www.protect-me.com Software firewall
www.spirit.com/cgi-new/report.plFirewall comparison chart
www.sygate.com Software Firewall
scan.sygate.com Systems scanners Get a free security scanner for services; protocols like UDP, TCP, ICMP; Trojans; and other potential trouble spots from Sygate Technologies
www.timhiggins.com Hardware Router Comparison
http://www.tinysoftware.com/ Tiny Personal Firewall (TPF5)
www.us.zyxel.com/products A USB powered Ethernet network interface internet security appliance with firewall safety and secure communication link - Establishes an IPSec VPN tunnel to your corporate network
www.wingate.com A Firewall proxy
www.zonelabs.com (Free Software Firewall for home)
www.webroot.com Security products by WebRoot. Washers, Spyware, Privacy & filtering software.
www.webwasher.com/ leading provider of Internet URL filtering database

IDS
www.demarc.com/ PureSecureTM Total Intrusion Detection System (TIDS), which provides an unsurpassed level of comprehensive security
www.ethereal.com A packet sniffer but Ethereal requires a packet driver called WinPCap, which can be downloaded from winpcap.polito.it
Federal Computer Incident Responce Capability Packed with security info and free security tools. Software for scanning hosts , patches, and detecting intrusions.
www.gfisoftware.com Security and Messaging software (Intrusion detection)
http://www.gfi.com/emailsecuritytest/ Test the security of your email system! Is your email system secure against email viruses and attacks?
www.intrusion.com Intrusion Detection
www.lancope.com It focuses on network misuse and penetration
www.okena.com StormWatch, its intrusion prevention solution for consolidating security products
www.pedestalsoftware.com/ Intact (IDS Software) & Security Expressions security compliance & View ACL's
www.pestpatrol.com Programs to stop hackers, spyware, keyloggers and trojans
www.snort.org One of the most well-documented and tested IDS implementations is free? Snort runs on almost any platform (including Windows).

Keyboard Logger Links
www.keyghost.ca Hardware keylogger you simply unplug the keyboard cable from the back of the PC
www.keyloggers.com Ultimately invisible and undetectable easy-to-use surveillance software
www.softpedia.com Keylogger Douglas is a totally freeware application

Other Links
www.alw.nih.gov/Security/ Computer Security Information Links (well organized)
www.aks.com Aladdin another security company
www.antiphishing.org Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers
www.auscert.org.au Another security Company
http://www.bennetyee.org/ucsd-pages/ Bennet Yee's research focuses on issues in computer security
http://www.cia.gov/ CIA Centrial Intelligence Agency
www.cisecurity.org/ The Center for Internet Security. The Benchmark Security Scoring Tool scans both Windows NT 4.0 and 2000 operating systems.
www.computer-security.com/
http://www.cse-cst.gc.ca/en/about_cse/about_cse.html Canadian Security Establishment
www.cybertipline.com handles leads reporting the sexual exploitation of children
www.cybercrime.gov Computer Crime and Intellectual Property Section (CCIPS) of the Criminal Division of the U.S. Department of Justice Web site presents detailed information about policy regarding computer crime, procedures for reporting computer crime
www.dri.ca Disaster Recovery Institute CANADA
www.ectaskforce.org Electronic Crimes Task Forces, area of concentration and expertise to include banking and finance, academia, financial markets, casino-based operations, and the hi-tech industry
http://www.faso-afrs.ca/intro-e.html Can. Fed. Ass. of Security Officials
FBI
www.hackerwacker.com Helps you to see what your users doing to your cororate computers?
www.incidents.org SANS' incident handler website
www.icsa.net Certification Lab to test Security
www.insecure.org Free Security software and Reading
www.invisiblenet.com A research & development driven organization that provide the highest standards in security and privacy
www.iss.net Internet Security Systems Company
www.mcwhortle.com McWhortle Enterprises is an established and well-known manufacturer of biological defense mechanisms.
www.microsoft.com/security/kitinfo.asp FREE Microsoft Security Toolkit
www.microsoft.com/technet/security/prodtech/windows/windows2000/staysecure Security Operations Guide for Windows 2000 Server
www.microsoft.com/security/Baseline Security Analyzer MDSA Whitepaper or Q320454
www.microsoft.com/technet/security/tools/tools/mbsahome.asp Free Microsoft Baseline Security Analyzer
www.microsoft.com/technet/security/tools/tools/locktool.aspIIS Lockdown Wizard
www.microsoft.com/technet/security/tools.asp Tools from Microsoft to protect your systems and networks
www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bestprac/Default.asp Best Practices
www.microsoft.com/technet/treeview/default.asp The New Common Criteria Security Evaluation Scheme and the Windows 2000 Evaluation
www.microsoft.com/technet/technet/security/prodtech/windows/windows2000/staysecure/A free 192-page document Microsoft Windows 2000 Security Operations Guide
www.mycard.ca MyCard™ MasterCard® Card is a prepaid, stored value and reloadable payment card
www.mybalance.ca/index.cfm Citizens Bank/Vancity Visa Gift Card is prepaid
www.nationalrcfl.org National Regional Computer Forensics Laboratory
www.networkdecisions.com Many free network and security tools
www.ncpc.org US National Crime Prevention Council
www.nsa.gov/snac/downloads_all.cfm Current Security Configuration Guides
http://www.ocipep.gc.ca/home/index_e.asp Critical Infrastructure Protection Canada
www.phantomts.co Gianus Technologies introduced Phantom Total Security (PTS), security software that can protect any type of computer data by making it invisible to attackers, unauthorized users, and even viruses
www.protect-me.com prevent access to CD-ROMs, firewire and bluetooth devices as well as IRDA, serial and LPT ports
www.ready.gov/business A new initiative for small and medium-sized business owners to be ready for any kind of emergency, be it hurricane, utility disruption or manmade disaster. http://www.rcmp-grc.gc.ca/tsb/home_e.htm Canadian RCMP Technical Security
www.securehq.com/ Network Security Superstore
www.securenetlabs.com/ They offer a full range of services for the Internet and Intranet
www.socialengineering101.com Social Engineering forum for Social Engineers SE
www.somarsoft.com Changing permissions
www.spectracomcorp.com/netclockntp.html A safe way to update time. The NetClock/NTP derives time from GPS satellites and automatically tracks satellites
www.sqlsecurity.com/checklist.asp The SQL Server Security Checklist
www.trusecure.com Education and software
http://www.warchalking.us/is a movement to mobilize the geek community to decide a standard iconography for public Wi-Fi.
www.zeroknowledge.com Zero-Knowledge Systems is the world’s forerunner in providing proven, value-added service (VAS) solutions designed expressly for Internet Service Providers (ISPs).

Password Auditing
www.adkins-resource.com Hyena has the ability to change local Administrator passwords on multiple machines across a network available from SystemTools Software.
www.altusnet.com/passfilt/ Passfilt Pro - Eliminate Weak Passwords
www.anixis.com Password Policy Enforcer
www.accentsoft.com Forgotten or lost a password to your Microsoft® Office document
www.atstake.com Sells Lopht Crack and other software
http://www.backupwhiz.com/software/fileutilities/password/index.html A list of passwrod recovery tools
home.eunet.no/~pnordahl/ntpasswd a single floppy or CD which contains things needed to edit the passwords on most systems
www.foghomesecurity.com Free Foghorn Security's Local Account Password Manager (LAPM) Lets you change local admin accounts in the workstations in the domain and other tools
www.lanicu.com Change the admin password on all workstaions
www.lostpassword.com Windows Key is a program to reset Windows XP / 2000 / NT security if Administrator password, secure boot password or key disk is lost. Passware Kit Enterprise lets you access the employee's password-protected documents and files.
www.oxid.it/cain.html Cain & Abel is a password recovery tool
www.realuser.com Passfaces uses facial recognition to verify a user's authenticity for Active Directory and one for Web servers at $2 per user.
www.passwordrecoverytools.com To recover any Office Password
www.rixler.com Rixler Software, a password-recovery solution for network and dial-up connections.
support.microsoft.com/?kbid=272530 the Cusrmgr.exe Tool to Change Administrator Account Password on Multiple Computers

Privacy
www.ftc.gov/privacy Federal Trade Commission Privacy Initiatives
www.webroot.com Security products by WebRoot. Washers, Spyware, Privacy & filtering software.

Reading
www.airdefense.net/webinars Wireless LAN Security a free online webinars
www.antionline.com a worldwide community of security, network and computer professionals, students and keen amateurs who come here to learn the principles and details of computer/network security
www.astalavista.com Lots of good tools and reading
www.boran.com Sean Boran, computer security and network expert Info, A Swiss company with an IT security Cookbook for managers and administrators
cassandra.cerias.purdue.edu to stay informed about any security vulnerabilities. Cassandra lets you establish profiles that contain lists of products you use.
www.cerias.purdue.edu/ Purdue University the world's foremost university center for information security
www.cert.org (Computer Emergency Response Team) Part of Carnegie Mellon Software Engineering Institute. One of the oldest organizations to study Internet security. They publish Internet vulnerablities and and security alerts
www.ciac.org/ciac/ Cyber Security Alerts and Advisories and Reporting Cyber Security Incidents
csrc.nist.gov
www .csialliance.org Cyber Security Industry Alliance (CSIA)
http://nsa2.www.conxion.com/index.html National Security Agency Security Recommendation Guide for Windows OS
csrc.nist.gov Computer Security Resoource Center
www.cve.mitre.org CVE is a dictionary of information security vulnerability and exposure terms
www.danish-company.com/dcpc DCPC is freeware that changes all the local Administrator passwords across a network
www.e-secure-db.us/ Global IT Security Information DATABASE
www.experts-exchange.com/Networking
Federal Computer Incident Responce Capability Packed with security info and free security tools. Software for scanning hosts , patches, and detecting intrusions.
www.first.org/ Forum of Incident Response and Security Teams
www.gocsi.com/ Computer Security Institute (CSI) is the world's leading membership organization specifically dedicated to serving and training the information, computer and network security professional.
www.htcia.org The HTCIA is an international organization established to set standards for investigating technology crimes
www.infowar.com World Security News letter, not just computers
www.infoworld.com/security Many security articals
www.it.kth.se/~rom/ntsec.html NT Security FAQ
www.LinuxSecurity.com Linux security
www.microsoft.com/security How to secure Microsft products
www.microsoft.com/security/guidance Microsofts Security Guidence Center
www.microsoft.com/technet/Help: I Got Hacked. Now What Do I Do?
www.microsoftelearning.com/security
www.ncsa.uiuc.edu/ National Security Agency
www.ntsecurity.net IT Network Magazie dedicated to Security, Microsoft Operaing Systems and Security
www.odci.gov US Intelligence Community
http://packetstormsecurify.com News and free security service
http://project.honeynet.org They set traps for hackers and document how they got in
www.sans.org (System Administration,Networking & Security)
www.secadministrator.com Magazine on IT security
www.secadministrator.com/articles/index.cfm?articleid=26315 Best Security Products Oct 2002
www.securityportal.com A Top News bulletin on security
www.securityfocus.com News, BugTraq, vulnerabilities, email list
www.secunia.com vulnerability database and vulnerability information
www.staysafeonline.info/ end-user awareness and best practices
www.us-cert.gov The National Cyber Alert System provides timely information about current and emerging threats and vulnerabilities
www.whitehouse.gov/pcipb/ President's Critical Infrastructure. Protection Board, September 18, 2002, Subject: A National Strategy to Secure Cyberspace
http://xforce.iss.net/library/faqs/Security questions
http://web.zdnet.com/windows/nt/security/ Many Operating Systems Technical Information

Tracking Inventory
http://camtech2000.net/Pages/SpyChaser.html Free software utilites stop unwanted stuff spy chaser
www.absolute.com Services and Software for Computer Security and Tracking
www.symbol.com a suite of mobile network protection products under the MobiusGuard
www.webdetect.com/ software system for tracing stolen computers / laptops via the internet. Reflex Data Shredder when files are dropped on it they are erased very thoroughly
www.ztrace.com/ an invisible software security application that traces the location of missing laptops

Web
www.butterflysecurity.com/ Butterfly Security's unique approach to web application security software
www.c2c.com/ C2C provides a framework to control the impact of e-mail within the Exchange/Outlook environment
www.cirt.net/code/nikto.shtml Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items
www.fakemailz.com Anonymous Email after 7 days
www.gfi.com/emailsecuritytest Test the security of your email system! Is your email system secure against email viruses and attacks?
www.intersectalliance.com/projects/index.html Security Configuration Document for NT 4, 2000, IIS, Apache , and Linux
www.instantssl.com offer FREE FULLY FUNCTIONAL trial SSL Certificates
www.mall-net.com/spamfaq.htmlSpam FAQ
www.microsoft.com/technet/security/tools/chklist/iis5cl.asp A useful checklist for Internet Information Services (IIS) 5.0
www.microsoft.com/technet/security/tools/chklist/iis4cl.asp How to removing unused script mappings, and disabling Remote Data Services(RDS) support in IIS
www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/chklist/iischk.asp A Web-based checklist form, which contains hotlinks that describe each item listed
www.owasp.org/ Open Web Application Security Project (OWASP) is an Open Source community project staffed entirely by volunteers from across the world. The project is developing software tools and knowledge based documentation that helps people secure web applications and web services.
www.pkiforum.org Advocates for the adoption of Public Key Infrastructure as a foundation to enable secure e-business transactions
www.rsasecurity.com Good source for Internet security Information
www.sanctuminc.com Application Sewcurity, Web/e-mail servers
www.securenetlabs.com They offer a full range of services for the Internet and Intranet
www.securitymetrics.com/ Internet vulnerablity test
spam.abuse.net/spamSpam Abuse
www.staysafeonline.infoGovernment securing the internet and end-user awareness
www.stratum8.comStratum8's mission is to lockdown your web-based applications, with solutions that are easy to install, quick to deploy, and customizable to your specific
www.verisign.com Securing Corporate Internets - Secure Server IDs to authenticate your sites and enable SSL encryption technology
www.washington.edu/people/dad Wall Street Journal described Dave Dittrich as a teacher and software expert at the University of Washington and an expert on Denial of Service attacks
www.webwasher.com/ filters out unwanted advertising and protects the surfer's privacy by filtering cookies, referer strings and Web bugs
Internet Assigned Port Numbers Authority (IANA) www.iana.org
It divides all public IP addresses among the Regional Internet Registries (RIRs) to distribute blocks of IP addresses.
There are four RIRs:
* Asia Pacific Network Information Centre (APNIC) for Asia and the Pacific region www.apnic.net
* American Registry for Internet Numbers (ARIN) for North America, parts of the Caribbean, and sub-equatorial Africa www.arin.net
* Latin American and Caribbean Internet Addresses Registry (LACNIC) for Latin America and parts of the Caribbean lacnic.net
* RIPE Network Coordination Centre (RIPE NCC) for Europe, the Middle East, Central Asia, and African countries above the equator www.ripe.net

Wipe and Erase
www.cezeo.com/products/disk-redactor Disk Redactor is a WIPE utility that lets you securely erase any old ( deleted ) files and prevent them from being recovered.
dban.sourceforge.net Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers
www.milincorporated.com/fie_download.html Mil Free Internet Eraser
www.softpedia.com/get/System/File-Management/JB-File-Shredder.shtml JB File Shredder is a free utility that will completely and permanently delete files of your hard drive
www.whitecanyon.com/wipedrive-erase-hard-drive.php WipeDrive, you can completely erase your computer's hard drive

Wireless
www.80211-planet.com/tutorials 802.11 Security Beyond WEP
www.airdefense.net AirDefense, the innovator and market leader in anywhere, anytime wireless security, provides acomplete suite of solutions that secure wireless networks
www.funk.com Wireless networking security vendor
www.kismetwireless.net Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.
www.netstumbler.com/ lets users investigate a given WirelessLAN's security
www.warchalking.us is a movement to mobilize the geek community to decide a standard iconography for public Wi-Fi.
www.wlanparts.com/ Pasadena Networks, LLC has been in the wireless network business for over three years.


Back To Main Page Important Legal NOTICE!

Click Here To Read Important Legal NOTICE!


Updated October 10, 2007
Copyright© 2007 by Dana Shea

Copyright© All rights Reserved. No part of the contents of this site may be reproduced
or transmitted in any form or by any means without written permission.
Any questions or problem links please email