Links

• 23rd National Information Systems Security Conference
  Home page for the conference with links to old presentations, calls for papers, programs, etc.
  http://csrc.nist.gov/nissc/ - Added Nov 03, 2000

• ;login
  http://www.usenix.org/publications/login/index.html - Added Jun 17, 2003

• A Security Audit Toolbox
  A selection of tools, tips and information for security audit
  http://www.auditbox.net - Added Mar 31, 2003

• Abstract of Security Survey of Key Internet Hosts & Various Semi-Relevant Reflections
  This is a writeup on a security survey of approximately 2200 computing systems on the Internet that I did in November-December of 1996.
  http://www.fish.com/survey/ - Added Dec 10, 1999

• ACSA Information Security Bookshelf
  A collection of links to various sorts of info. sec. resources.
  http://www.acsac.org/secshelf/secshelf.html - Added Nov 17, 2004

• Anti-Virus Information Exchange Network (AVIEN)
  AVIEN and AVI-EWS are international on-line communities dedicated to a cooperative, grassroots information sharing effort to reduce the impact of malicious code (viruses, worms, Trojan Horses, Spyware) and other related vulnerabilities.
  http://www.avien.org - Added Apr 01, 2005

• Antivirus-Guide.com
  A news/portal site that posts links to security alerts hosted at various other websites.
  http://www.antivirus-guide.com - Added Apr 01, 2005

• Audit and e-Security Checklists for LAN/Network, Firewalls, etc
  Audit and security review checklists for: firewalls, LAN/networks, internet... essentially for the e-commerce security infrastructure.
  http://www.e-security-e-commerce-security.com - Added Nov 21, 2001

• Broad Coalition Challenges CDA
  A coalition representing a broad spectrum of Internet users, publishers, content providers and access providers filed a lawsuit today (2/26/96) in a Federal Court in Philadelphia seeking to overturn the recently enacted Communications Decency Act.
  http://www.cdt.org/publications/pp_2.7.html - Added Dec 10, 1999

• BS25999 BCM
  Website dedicated to BS25999, the emerging standard for business continuity (formerly known as PAS56).
  http://www.pas56.com - Added Jul 04, 2006

• BS7799 and ISO 17799 Open Guide
  A public collaberation to document and support the BS7799 and ISO 17799 information security standards.
  http://iso-17799.safemode.org - Added Feb 19, 2005

• Center for High Assurance Computer Systems Publications
  Pulications about High Assurance Computer Systems sorted by the year.
  http://chacs.nrl.navy.mil/publications/CHACS/index.html - Added Dec 10, 1999

• COBIT User Group
  User group and information portal dedicated to the CobIT security standard.
  http://www.controlit.org - Added Nov 05, 2004

• Cold War Spies and Espionage
  U.S. Army's Signal Intelligence Service, a forerunner of NSA, began a secret program, later codenamed VENONA, to exploit, encrypted Soviet diplomatic communications collected since 1939
  http://history.acusd.edu/gen/20th/coldwarspies.html - Added Jun 25, 2001

• Compliance with BS 7799
  How to check and manage compliance against the BS 7799 Security Standard.
  http://www.ca-systems.zetnet.co.uk/bs7799/ - Added Jun 15, 2000

• Computer Virus Myths
  A nice page that contains a lot of information over different types of viruses and the myths about them.
  http://www.Vmyths.com/ - Added Jun 18, 2003

• Correlation Possibilities of the Bluetooth Combiner
  In its intended usage the lengths of the key stream sequences produced by the Bluetooth stream cipher are strictly limited...
  http://www.hut.fi/~mhermeli/julkaisut/icisc99s.ps.gz - Added Sep 28, 2000

• Crime Resources
  crime related news, books and web resources
  http://www.qozi.com/crime/ - Added May 30, 2003

• Data Fellows Virus Information Center
  A large database which allows you to do a database search, choose your virus by the first letter of the name, or other miscellaneous tasks to obtain information about a virus.
  http://www.datafellows.com/virus-info/ - Added Jun 18, 2003

• Data Recovery
  Complete tips and tricks and wealth of information to know how to recover and restore data from data disater situation. FREE tools available.
  http://www.datarecoveryi.com - Added Sep 30, 2006

• Department of Defense's Defence Security Service 1975-1999
  Since its first publication in 1985, Recent Espionage Cases has offered the security educator easy-to-find factual information about cases for use in briefings, newsletters, and other
  http://www.dss.mil/training/espionage/ - Added Jun 25, 2001

• Disaster Recovery Community Forum
  An interactive forum of information and background to assist those with responsibility for disaster recovery planning.
  http://www.disasterrecoveryforum.com/ - Added Aug 19, 2003

• Disaster Recovery Shop - Disaster Recovery Plan and Audit Resources
  Disaster Recovery Plan and Audit Resources - how to build and maintain a living disaster recovery plan with minimum fuss.
  http://www.disaster-recovery-plan.com - Added Oct 05, 2001

• Final Report NSF-LAMP Project
  A report on identifying where technology logging and monitoring for increased security end and violations of personal privacy and student records begin.
  http://www.aacrao.org/publications/catalog/NSF-LAMP.pdf - Added Jan 14, 2002

• Firewalls: Friend or Foe?
  Network firewalls are important security tools, but they have significant disadvantages, and their effectiveness is often overstated. This is especially true of enterprise border firewalls, which attempt to create a moat around an entire organization. Border firewall capability is essential for dealing with cyberattack emergencies, but used routinely, it tends to be autocratic and inflexible, thereby encouraging various kinds of subversion, and it can encourage sloppy security practices within the border.
  http://staff.washington.edu/gray/papers/fff-final.htm - Added Jan 10, 2003

• FIRST Archive of Security Papers
  This is a large collection of papers about various different computer security issues. Many of the files in this archive are in postscript form. This document How's does one view files with the extension ps? explains how to located a postscript vie
  http://www.alw.nih.gov/Security/first-papers.html - Added Dec 10, 1999

• HoaxBusters
  A report on Internet Hoaxes such as PKZ300, Irina, and others.
  http://HoaxBusters.ciac.org/ - Added Jun 18, 2003

• Information Security Information and News
  News and information for protecting from trojans, viruses and other malicious software.
  http://anti-trojan.compiac.net/ - Added Dec 18, 2005

• Information Security Policies & Computer Security Policy Directory
  The directory of information security policies and computer security policy resources
  http://www.information-security-policies-and-standards.com - Added May 14, 2001

• Interactive Security Manual
  A PC based interactive manual for the security professional. Contains details of recommended processes across the full array of security issues.
  http://www.security-manual.com - Added May 29, 2003

• Interview with Phil Zimmermann
  The following is a full transcript of a radio show broadcast on radio station WALE. The views expressed are solely those of Russell D. Hoffman and Phil Zimmermann (creator of PGP) and do not necessarily reflect anyone else's point of view.
  http://www.animatedsoftware.com/hightech/philspgp.htm - Added Dec 10, 1999

• IPng Specifications
  Current Specifications for using IP
  http://playground.sun.com/pub/ipng/html/specs/specifications... - Added Dec 10, 1999

• ISO 17799 & ISO 27001 Security News
  Established portal and resource directory dedicated to the ISO 17799 and ISO 27001 security standards.
  http://www.computersecuritynow.com - Added Jun 24, 2006

• ISO 17799 Central
  Information, background and resources for the ISO 17799 computer security policies.
  http://www.17799central.com - Added Aug 10, 2004

• ISO IEC 17799 Information Security in Plain English
  ISO IEC 17799 2005 is an information security management standard. Use our resource to understand ISO IEC 17799 2005, to establish an information security management system (ISMS) for your organization, and to audit its performance.
  http://www.praxiom.com/iso-home.htm - Added Mar 04, 2007

• ISO IEC 27001 Information Security in Plain English
  ISO IEC 27001 is an information security management standard. Use our plain English resource to help you establish and certify your information security management system (ISMS).
  http://www.praxiom.com/27001.htm - Added Apr 04, 2007

• Navy Handbook for the Computer Security Certification of Trusted Systems
  This page is part of the web for the Center for High Assurance Computing Systems.
  http://chacs.nrl.navy.mil/publications/handbook/index.html - Added Dec 10, 1999

• Navy Publicatioins
  Links to various publications by the Navy
  http://chacs.nrl.navy.mil/publications/ - Added Dec 10, 1999

• NIST Computer Security Publications
  These publications present the results of NIST studies, investigations, and research on information technology security issues.
  http://csrc.ncsl.nist.gov/publications/ - Added Mar 28, 2001

• NIST Computer Security Special Publications
  A list of NIST publications in downloadable format.
  http://csrc.nist.gov/publications/nistpubs/index.html - Added Feb 18, 2002

• NoticeBored - information security awareness service
  NoticeBored delivers creative multi-media materials for use in information security awareness campaigns. New materials are provided every month for end users, general managers and information security managers. NoticeBored campaigns are guaranteed effective.
  http://www.noticebored.com/ - Added Jun 02, 2003

• Open Source Security Standards
  A suite of free to use open information security standards published by Little cat Z Ltd under a liberal open source license. Participation is invited from all interested parties and it is our aim to deliver all the professional security standards anyone could want, free of charge with open document source.
  http://www.littlecatZ.com/standards/ - Added May 02, 2003

• PCASSO: Applying and Extending State-of-the-Art Security in
  This award is based on both the written paper and an oral presentation by an author attending the Thirteenth Annual Computer Security Applications Conference
  http://www.acsac.org/1997/bestpaper.html - Added Dec 10, 1999

• Presidential Briefing, February 15
  Notes from the White House Meeting on Internet Security with Members of the Internet Community, President Clinton and Members of the Cabinet
  http://www.sans.org/pres.htm - Added Sep 28, 2000

• RFC 1948: Defending Against Sequence Number Attacks
  While ubiquitous crypgraphic authentication is the right answer, we propose a simple modification to TCP implementations that should be a very substantial block to the current wave of attacks.
  http://rfc.sunsite.dk/rfc/rfc1948.html - Added Dec 10, 1999

• Ronald L. Rivest's Cryptography and Security
  This page contains pointers to other web pages dealing with cryptography and security.
  http://theory.lcs.mit.edu/~rivest/crypto-security.html - Added Dec 10, 1999

• RootPrompt.org -- Nothing but Unix
  News and Information for Unix Sysadmins
  http://rootprompt.org/ - Added Feb 09, 2001

• RUsecure Information Security Policies
  How to obtain and deploy the RUsecure information security policies. Downloadable trial version available.
  http://www.information-security-policies.com - Added Aug 05, 2001

• Search for Security Sites
  The only search engine dedicated to security sites.
  http://Astalavista.box.sk/ - Added Oct 24, 2000

• Secure Internet Programming
  A web page put together by Edward Felton and Andrew Appel at Princeton University about problems they are or have been studying in computer security.
  http://www.cs.princeton.edu/sip/ - Added Dec 10, 1999

• Securely Speaking
  Communication and information sharing are our best defense against the onslaught of people attempting to breach our networks. The information found here is for raising awareness and sharing information about network security and related issues. Secu
  http://www.SecurelySpeaking.com - Added Dec 01, 2002

• Security Engine
  A place for people to read and submit articles, white papers, and book reviews relating to the topic of Security.
  http://www.security.the-engine.org - Added Jul 20, 2005

• Security Problems in the TCP/IP Protocol Suite
  A PostScript file containing info about some Security problems in the TCP/IP Protocol Suite.
  http://www.research.att.com/~smb/papers/ipext.pdf - Added Dec 10, 1999

• Security Risks in key recovery
  Written testimony for the Senate Judiciary Committee hearing originally scheduled for 25 June 1997, but postponed until 9 July 1997. Oral testimony will also be available in the final printed Senate hearing proceedings.
  http://www.csl.sri.com/users/neumann/judiciary.html - Added Dec 10, 1999

• SecurityStats.Com
  Computer Security Statistics, News, Stories, and Related Links
  http://www.securitystats.com/ - Added Jun 25, 2000

• Spectre Press
  Welcome to our 2000 Catalog! We specialize in the fields of Electronic Warfare, Hacking, Nuclear Devices, Phreaking, Energy, Spy Weaponry , Virii, Banking and Personal Defense.
  http://www.spectre-press.com/ - Added Dec 10, 1999

• Sys Admin
  http://www.samag.com/ - Added Jun 17, 2003

• Technical Analysis by the UC Berkeley Firewall Task Force
  A comprehensive security solution includes policy, authentication, access control, end-to-end encryption and intrusion detection among others. Good host security or system hardening (removing unneeded services, applying patches) is always required. Following the strategy of defense-in-depth, whereby multiple barriers are placed between attackers and system, firewalls can be a valuable tool. Further, their use is sometimes mandated by law or policy protecting student or medical records for example.
  http://fwtf.berkeley.edu/fwtf_report/Technical.htm - Added Jan 10, 2003

• The FBI's FOI listing of declassified espionage cases
  http://foia.fbi.gov/spies.htm - Added Jun 25, 2001

• The Information Security Glossary
  This free online resource explains all the jargon and terminology associated with information security in the form of a glossary.
  http://www.yourwindow.to/information-security/ - Added Jun 16, 2001

• The Information Security Search Directory and Engine
  The information security search directory and engine is a generic search resource... primarily focused upon information security services and needs.
  http://www.the-search-directory.com - Added Jul 26, 2001

• The Internet Developer / Technology Group
  The Internet Developer / Technology Group promotes discussion of relevant technologies and issues affecting the usefulness of the internet such as: appropriate personal privacy enhancements, information location technologies, developing devices
  http://www.inetdevgrp.org/ - Added Nov 02, 2000

• The ISO 17799 Directory
  For ISO 17799 related information, background, resources and software
  http://www.iso-17799.com - Added Sep 02, 2001

• The ISO 17799 Toolkit
  A source of the ISO 17799 security standard itself, in addition to a collection of core items designed specifically to help address its requirements.
  http://www.iso17799-made-easy.com - Added Mar 31, 2003

• The Java Security Hotlist
  A hotlist containing links to books, researchers, FAQs, papers, etc. pertaining to Java Security.
  http://www.cigital.com/javasecurity/links.html - Added Dec 10, 1999

• The Last Stage of Delirium - Research Group
  The official website of the Last Stage of Delirium Research Group
  http://lsd-pl.net/ - Added Apr 22, 2003

• The PKI page
  Comprehensive list of PKI links, esp. links to certification authorities
  http://www.pki-page.org/ - Added Jul 25, 2000

• The Revolutionaries
  Articles about "High-Tech Overachievers"
  http://www.thetech.org/revolutionaries/ - Added Dec 10, 1999

• TNO Information Security URLography
  Links to many different pages containing information on a variety of Security and Privacy related issues.
  http://www.tno.nl/instit/fel/intern/wkinfsec.html - Added Jul 09, 2000

• UC Berkeley Firewall Task Force report
  The Firewall Task Force has generated a number of specific recommendations that should lead to the successful incorporation of firewalls into UC Berkeley's overall computer security plan. The designs recommended in this report not only increase security for the protected systems but also retain effective campus-wide network management and support.
  http://fwtf.berkeley.edu/fwtf_report/ - Added Jan 10, 2003

• Venona - Soviet Espionage and The American Response 1939-1957
  http://www.odci.gov/csi/books/venona/venona.htm - Added Jun 25, 2001

• Vice Presidential Statement on export controls for commercial encryption products
  President Clinton and I are committed to promoting the growth of electronic commerce and robust, secure communications worldwide while protecting the public safety and national security.
  http://www.epic.org/crypto/key_escrow/clipper4_statement.htm... - Added Dec 10, 1999

• Viruslist.com
  Information about viruses, hackers and spam.
  http://www.viruslist.com/ - Added Apr 01, 2005

• Windows 2000 magazine
  Provides articles on help issues and a variety of other issues dealing with Windows 2000.
  http://www.winntmag.com/ - Added Dec 10, 1999