Links

• A Distributed Authorization Model for WWW
  The capability-based authorization model simplifies the security administration of clients as only the authorization server needs to know its clients.
  http://www.isoc.org/HMP/PAPER/107/abst.html - Added Dec 10, 1999

• ActiveX Security Settings
  Information on changing your browser security level to allow ActiveX Scripts and also gives and example "scary ActiveX Demo"
  http://www.ppdonline.com/demos/changesecurity.htm - Added Apr 05, 2001

• An Analysis Of Security Incidents On The Internet
  This research analyzed trends in Internet security through an investigation of 4,299 security-related incidents on the Internet reported to the CERT
  http://www.cert.org/research/JHThesis/Start.html - Added Dec 10, 1999

• AntiCode: AntiOnline's Software Archive
  AntiCode is part of the AntiOnline Network of Security Related Sites. It contains an archive of code.
  http://anticode.antionline.com/download.php - Added Feb 19, 2001

• Bangkok Robot Security Guard
  An armed robot as a security guard. The robot is armed with a pistol that \\"can be programmed to shoot automatically or wait for a fire order delivered witha password from anywhere through the internet.\\" I hope the password is very secret.
  http://catless.ncl.ac.uk/Risks/21.02.html#subj8 - Added Sep 26, 2000

• Blue Kestrel Internet Security
  The site was initially pitched at newcomers to internet security - people who were new to the internet and were scared of the hype surrounding hackers. There is a tutorial section covering most topics of security and privacy. These tutorials were
  http://www.bluekestrel.com/ - Added Feb 19, 2001

• Breaking SSL
  A site about breaking SSL
  http://pauillac.inria.fr/~doligez/ssl/ - Added Dec 10, 1999

• Browser Crasher
  A site that crashes your browser?
  http://www.waste.org/~oxymoron/crash/ - Added Dec 10, 1999

• CommerceNet
  CommerceNet brings together leading business, government, technology, and academic minds into one community to focus on the advancement of eCommerce worldwide.
  http://www.commerce.net/ - Added Apr 02, 2001

• Computer Security Resource Center
  CSRC is a repository of information on Computer Security and is maintained by NIST
  http://csrc.nist.gov/ - Added Aug 16, 2000

• computer-monitoring.com
  Internet & computer monitoring spy software that secretly records all activities on any computer including emails, websites, IMs, chats, logins, passwords, keystrokes, and more... Find out what your children, spouse, employees, etc. are doing while
  http://www.computer-monitoring.com/ - Added Jan 08, 2001

• Content Security
  http://www.content-security.com/ - Added Dec 10, 1999

• Cyber-Extortion: When Data is Held Hostage
  Here is an issue facing more and more e-businesses--malicious hackers who demand a payoff to keep their security breaches secret.
  http://www.businessweek.com/bwdaily/dnflash/aug2000/nf200008... - Added Sep 26, 2000

• Cyber-Security Called Dismal
  Vital national interests are increasingly vulnerable to computer attack by hackers and cyber-terrorists, a House panel warned yesterday as it gave federal departments and agencies a dismal average D-minus grade for poor computer security.
  http://www.washingtonpost.com/ac2/wp-dyn?pagename=article&am... - Added Sep 26, 2000

• Cyberguard
  Cyberguard
  http://www.cyberguard.com - Added Feb 05, 2003

• Cypherpunks "brute" key cracking ring
  A page with some links to some online "challenges" for key cracking.
  http://www.brute.cl.cam.ac.uk/brute/ - Added Dec 10, 1999

• DCE Homepage
  http://www.opengroup.org/tech/dce/ - Added Dec 10, 1999

• Digital Watermarks: New Tools for Copyright Owners and Webmasters
  New technology providing authors with valuable weapons in their battle to enforce the law in the on-line world and protect their copy-rights.
  http://www.webreference.com/content/watermarks/ - Added Dec 10, 1999

• Directory of Information Security White Papers
  Organized and Categorized directory of InfoSec White Papers, no registration or account creation needed.
  http://www.securestandard.com/ - Added Dec 31, 2003

• DNSSEC Resources
  Diane Davidowicz\'s Computer Security 101
  http://www.geocities.com/compsec101/index.html - Added Apr 03, 2000

• Exploiting sendmail!
  A link to a URL that attempts to gain root access at your sendmail SMTP using an old, well-known security hole.
  http://www.cs.berkeley.edu/~daw/security/js1.html - Added Dec 10, 1999

• FalseSecurity.net - Information and discussion of Network Security issues.
  Articles and discussion forum to provide information and practical strategies on network or PC firewall security; virus prevention, detection and removal; OS and product vulnerability alerts and tactics; and convenient links to other sites that offer related and useful information.
  http://www.falsesecurity.net - Added Sep 08, 2003

• Fortify for Netscape (128 bit encryption)
  A program that provides world-wide, unconditional, full-strength 128-bit cryptography to users of Netscape Navigator (v3 and v4) and Communicator (v4).
  http://www.fortify.net/ - Added Dec 10, 1999

• GenuineDoc
  GenuineDoc enables you to digitally sign and timestamp your online documents, such as press releases, reports, terms, etc, and assure your customers that these documents are genuine, i.e. that they were indeed authored by you, existed on a specified date, and were not altered since.
  http://www.genuinedoc.com - Added Mar 22, 2003

• Glitch at Amazon.com exposes Associates e-mail addresses
  An apparent glitch in Amazon.com Inc. computer system has released the e-mail addresses of some Amazon customers to another customer who participates in the company As
  http://computerworld.com/cwi/story/0,1199,NAV47_STO49648,00.... - Added Sep 26, 2000

• Hideaway.Net
  A comprehensive Internet security portal featuring the latest news, alerts, software, tutorials, and original content for computer security, virus protection, and privacy online. Also offers free encrypted e-mail and a commercial security analysis
  http://www.hideaway.net/index.html - Added Jun 20, 2000

• How to Spot a Fake Press Release
  An article that points out red flags to fake press releases.
  http://www.satirewire.com/features/fake_press_release.shtml - Added Nov 07, 2000

• ICAT Vulnerability Metabase
  ICAT is a searchable index of computer vulnerabilities. ICAT links users into a variety of publicly available vulnerability databases and patch sites, thus enabling one to find and fix the vulnerabilities existing on their systems. ICAT is not itself
  http://icat.nist.gov/icat.cfm - Added Aug 16, 2000

• IE feature can track Web surfers without warning
  People surfing the Web incognito may want to think twice before using Internet Explorer.
  http://news.com.com/2100-1023-245556.html?legacy=cnet - Added Sep 26, 2000

• Intellitactics
  Intellitactics
  http://www.intellitactics.com - Added Feb 05, 2003

• Internet Appliance Solutions
  A presentation about Open Platforms available from NEC in Web Tablet to pocket calculator sizes by Johnny Wang of NEC Corporation.
  http://www.inetdevgrp.org/20000815/index.html - Added Nov 02, 2000

• Internet Explorer Security Flaw
  A security flaw discovered in Microsoft's Internet Explorer 3.0 (August 1996).
  http://www.cs.princeton.edu/sip/news/Aug96-2.html - Added Dec 10, 1999

• Internet Explorer Security Hole Launches E-mail Attachments
  A security hole in Microsoft's Internet Explorer Web browser can cause the browser to automatically open e-mail attachments that could be used by an attacker to execute malicious code, the company has warned.
  http://techupdate.zdnet.com/techupdate/stories/main/0,14179,... - Added Apr 03, 2001

• Internet Security Association and Key Management Protocol
  Internet Security Association and Key Management Protocol distributed by MIT.
  http://web.mit.edu/network/isakmp/ - Added Dec 10, 1999

• Internet Security Systems
  ISS has focused on sophisticated Internet security solutions and has developed an entire portfolio of software and services.
  http://www.iss.net/ - Added Mar 29, 2000

• Internet Software Consortium
  The Internet Software Consortium (ISC) is a nonprofit corporation dedicated to developing and maintaining production quality Open Source reference implementations of core Internet protocols.
  http://www.isc.org/ - Added Nov 02, 2000

• ITtoolbox Security
  ITtoolbox Security offers forums for technical discussion, an integrated directory, white papers and daily news geared towards Security professionals and users of Security products. The portal also provides content, community, job postings and much
  http://security.ittoolbox.com/ - Added Jun 13, 2001

• JavaScript Problems I've Reported
  John LoVerso\'s web page about his discoveries of Javascript Problems.
  http://www.schooner.com/~loverso/javascript/ - Added Dec 10, 1999

• Key-Experiments: How PGP Deals with Manipulated Keys
  Different versions of PGP show considerably different reactions when being confronted with public keys which have been subsequently manipulated. This study helps to understand this threat, to find out experimentally how a specific version
  http://senderek.de/security/key-experiments.html - Added Sep 28, 2000

• MSN Cookie Data Crosses Domains
  When visiting this link today: http://www.linkexchange.com ... I found that the connection results in a fascinating series of events.
  http://www.pc-help.org/privacy/ms_guid.htm - Added Sep 26, 2000

• NCSA httpd/Mosaic: Using PGP/PEM auth
  An informative site of PGP/PEM encryption.
  http://hoohoo.ncsa.uiuc.edu/docs/PEMPGP.html - Added Dec 10, 1999

• NetIQ
  NetIQ
  http://www.netiq.com - Added Feb 05, 2003

• Netscape - Verisign Integration white paper
  PDF file on Verisign Integration
  http://www.verisign.com/library/nswhitepaper.pdf - Added Dec 10, 1999

• Netscape Security
  Netscapes Security page with links to current articles pertaining to security
  http://wp.netscape.com/security/index.html - Added Dec 10, 1999

• Network Gateway Security, Visibility and Control
  Network Composer for SMB allows you to easily detect spyware, filter internet content, implement bandwidth limit controls, monitor bandwidth, implement virus protection, block p2p, block im and log im, deliver true application shaping and more.
  http://www.cymphonix.com/ - Added Aug 03, 2006

• New IE 4.0 Security Hole Discovered
  An article describing an IE 4.0 security hole found in Nov. 1997.
  http://www.wired.com/news/news/technology/story/8429.html - Added Dec 10, 1999

• People for Internet Responsibility
  A global, grassroots, ad hoc network of individuals who are concerned about the current and future operations, development, management, and regulation of the Internet in responsible manners. The goal of PFIR is to help provide a resource for individu
  http://www.pfir.org/ - Added Nov 07, 2000

• Persistent Client State HTTP Cookies
  A web page with information on HTTP Cookies
  http://wp.netscape.com/newsref/std/cookie_spec.html - Added Dec 10, 1999

• PortSwigger.net - web application hack tools
  Free tools for hacking web applications.
  http://portswigger.net - Added Sep 06, 2003

• Privacy and Anonymity on the Internet
  The Onion Routing research project is building an Internet-based system that strongly resists traffic analysis, eavesdropping, and other attacks both by outsiders (e.g. Internet routers) and insiders (Onion Routers themselves).
  http://www.onion-router.net/ - Added Dec 10, 1999

• Remote conrtol of Unix netscape
  Unix Netscape using the -remote argument.
  http://wp.netscape.com/newsref/std/x-remote.html - Added Dec 10, 1999

• Safer Computing dot com
  Simple ways to keep your computer safe and secure. From viruses, to spyware to system parasites, learn the easy way on keeping your system safe.
  http://www.safercomputing.com - Added Jun 17, 2004

• Secure CGI Scripts
  Tips of writing secure CGI scripts.
  http://hoohoo.ncsa.uiuc.edu/cgi/security.html - Added Dec 10, 1999

• Secure Internet Programming
  A web page put together by Edward Felton and Andrew Appel at Princeton University about problems they are or have been studying in computer security.
  http://www.cs.princeton.edu/sip/ - Added Dec 10, 1999

• Secure Sockets Layer
  Good techical and practical information on Secure Sockets Layer (SSL)
  http://wp.netscape.com/security/techbriefs/ssl.html - Added Apr 10, 2001

• Securing Internet information servers
  An article sponsered by the government concerning Securing Internet Information Servers.
  http://ciac.llnl.gov//ciac/documents/ciac2308.html - Added Dec 10, 1999

• Security Hole in Macromedia's Shockwave
  Don't trust your Shockwave, it reports the urls that you visit directly to Macromedia by default.
  http://www.webcomics.com/shockwave/ - Added Dec 10, 1999

• Securityinfos - Italian Security Portal
  http://www.securityinfos.com - Added Jun 02, 2002

• Server Side Includes (SSI) Tutorial
  Having the server parse documents is a double edged sword. It can be costly for heavily loaded servers to perform parsing of files while sending them. Further, it can be considered a security risk to have average users executing commands
  http://hoohoo.ncsa.uiuc.edu/docs/tutorials/includes.html - Added Apr 05, 2001

• SiegeSoft
  Protect your online privacy with Siegesoft's suite of products. Great way to keep your personal business personal.
  http://www.siegesoft.com/ - Added Aug 11, 2000

• SunWorld: Forensics - Getting to the Bottom of a Security Breach
  An article in Linux Today which talks about tracking down breaches and the use of BNC and other IP-masking devices.
  http://linuxtoday.com/news_story.php3?ltsn=2000-08-06-001-04... - Added Sep 14, 2000

• Tapping, Tapping On My Network Door
  Readers of this column are familiar with the risks of illegal monitoring of Internet traffic. Less familiar, but perhaps just as serious, are the risks introduced when law enforcement taps that same traffic legally. A site about the risks of CARNIVO
  http://www.crypto.com/papers/carnivore-risks.html - Added Sep 26, 2000

• Targeted Cyber Attacks - The Dangers Faced by your Corporate Network
  This security e-book explains the real dangers posed by targeted cyber attacks and the measures organizations can adopt to secure against such threats.
  http://www.gfi.com/whitepapers/cyber-attacks.pdf - Added Jan 23, 2007

• The Crack SSL Challenge
  A site with some challenges to crack 40-Bit RC4 in Netscape's secure transactions.
  http://www.netsurf.com/nsf/v01/03/local/nscpchal.html - Added Dec 10, 1999

• The Information Security Domain of Phil Cracknell
  A great site with a lot of security information, links, libraries, help, etc.
  http://www.cracknell.co.uk/ - Added Mar 20, 2001

• The Internet Engineering Task Force
  The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet.
  http://www.ietf.cnri.reston.va.us/home.html - Added Apr 02, 2001

• The NESSUS Project
  The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner.
  http://www.nessus.org/ - Added Dec 10, 1999

• The Privacy Foundation
  Lists bugs, advisories, top privacy stories, etc.
  http://www.privacyfoundation.org/ - Added Sep 26, 2000

• The World Wide Web Consortium
  The World Wide Web Consortium (W3C) develops interoperable technologies (specifications, guidelines, software, and tools) to lead the Web to its full potential as a forum for information, commerce, communication, and collective understanding.
  http://www.w3.org/ - Added Apr 02, 2001

• The WWW Security FAQ
  An FAQ about security on the World Wide Web.
  http://www.w3.org/Security/Faq/www-security-faq.html - Added Dec 10, 1999

• TRUSTe Accused of violating its own Privacy Policy
  Security consulting firm Interhack Corp. has accused Truste of violating its own privacy policy by tracking the personal information of visitors to its Web site and shar
  http://www.computerworld.com/cwi/story/0,1199,NAV47_STO49059... - Added Sep 26, 2000

• W3C Security Resources
  This page contains links to various aspects of Web and internet security.
  http://www.w3.org/Security/Overview.html - Added Dec 10, 1999

• Web Information Guide
  List of links and resources for net surfers, authors, webmasters, and developers.
  http://www.earth.com/server/doc/web-info.html - Added Apr 05, 2001

• Web Robots
  Web Robots are programs that traverse the Web automatically. Some people call them Web Wanderers, Crawlers, or Spiders.
  http://www.robotstxt.org/wc/robots.html - Added Dec 10, 1999

• Web Robots
  This document represents a consensus on 30 June 1994 on the robots mailing list
  http://www.robotstxt.org/wc/norobots.html - Added Dec 10, 1999

• WebSense
  WebSense
  http://www.websense.com - Added Feb 05, 2003

• Williams Associates Protective Services, LLC.
  We are a full service Security Consulting and Training firm. Which offer network security and other computer related services to small and medium sized companies.
  http://www.wa-protective.com - Added Aug 10, 2001

• Windows NetBIOS Unsolicited Cache Corruption
  Remote attackers either on the local subnet or across the Internet may subvert the NetBIOS Name to IP address resolution process by redirecting any NetBIOS Name to any arbitrary IP
  http://www.pgp.com/research/covert/advisories/045.asp - Added Sep 26, 2000

• Word documents susceptible to Word Bug
  Microsoft is weathering complaints that documents created with Microsoft Word and some of its other popular desktop applications can be embedded with electronic surveillance tags allowing document authors to track their use.
  http://news.com.com/2100-1023-245160.html?legacy=cnet - Added Sep 26, 2000

• World Wide Web (in)Security
  An article talking security issues for the world wide web.
  http://www.swcp.com/~mccurley/danger/danger.html - Added Dec 10, 1999

• XP Vulnerable to DoS Attack
  Windows XP's new feature could spell doom for Internet businesses. But Wayne Rash tells you how to work around the security holes.
  http://techupdate.zdnet.com/techupdate/stories/main/0,14179,... - Added Oct 23, 2001