system security and computer security
CompInfo - The Computer Information Center
The top one-stop reference resource for corporate IT, computers and communications
Millions of IT users world-wide rely on our Web-based support resources
Tell your colleagues and friends, and bookmark us at http://www.compinfo-center.com/
Computer
Magazines
Computer
Books
Computer
Events
CompInfo I.T.
Directories
Site
Search
Highlight
Your Company
Downloads, Drivers
and Reviews
Computer
News
Keep Informed -
Add Your Interests
MCSE Certification
Resources
IT Study
Resources

System Security and Computer Security - Outline
Topic Outline - KnowledgeBases - Newsgroups and FAQs - Magazines and Ezines - White Papers - Organizations and User Groups - News - Events - Related Topics - Books - Key Manufacturers - Where to Buy - Key Solutions Providers - Where to get Help - Key Service Providers - Key Training Providers
 
System Security and Computer Security - Knowledge Bases
  • Ajax
    • US & International Government Military, Intelligence & Law Enforcement Agency Access
  • bsy's Security Related Net-pointers (Bennet Yee)
  • BugNet
    • Since 1994, BugNet has delivered leading-edge information on PC software bugs, alerting readers to glitches, analyzing software trends, and compiling the industry's most comprehensive database of computer bug fixes.
  • CIAC Security Web Site
    • The CIAC Website provides an extensive, comprehensive resource for diverse computer security issues. These resources are presented in various forms and topics and are available to the public as well as the DOE (Department of Energy) community.
  • COAST Hotlist: Computer Security, Law and provacy (Purdue University)
    • COAST-- Computer Operations, Audit, and Security Technology -- is a multiple project, multiple investigator laboratory in computer security research in the Computer Sciences Department at Purdue University. It functions with close ties to researchers and engineers in major companies and government agencies.
  • Computer Crime Problems Research Center.
    • A Ukraine based resource
  • Computer Crimes, Laws and Related Information (City University of Hong Kong)
    • An extensive collection of references
  • Computer Emergency Response Team
    • "The CERT Coordination Center is part of the Survivable Systems Initiative at the Software Engineering Institute, a federally funded research and development center at Carnegie Mellon University. We were started by DARPA (the Defense Applied Research Projects Agency, part of the U.S. Department of Defense) in December 1988 after the Morris Worm incident crippled approximately 10% of all computers connected to the Internet. Originally, our work was almost exclusively incident response. Since then, we have worked to help start other incident response teams, coordinate the efforts of teams when responding to large-scale incidents, provide training to incident response professionals, and research the causes of security vulnerabilities, prevention of vulnerabilities, system security improvement, and survivability of large-scale networks"
  • Computer Security (Wayne Summers)
    • Computer Security should be a major concern of all those using computers today. This list includes many of the best sites on the Internet concerning computer security, computer crime and computer viruses.
  • Computer Security FAQs
  • The Computer Security Institute
  • Computer Security News Daily - Latest Stories
  • Computer Security Resource Clearinghouse (NIST)
    • The Computer Security Resource Clearinghouse (CSRC) is designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems. A primary goal of the CSRC is to raise awareness of all computer systems users -- from novice to expert -- about computer security. This is perhaps the most important way of improving information systems security.
  • Distributed Attack Tools - understanding them and defending against them (Packet Storm)
    • "Packet Storm is the largest Internet security tools database in the world. We provide intelligence ranging from security tools to system defense and assessment information. Understanding that there is no way we can begin to design and develop stronger systems and defenses unless we know what vulnerabilities exist, Packet Storm follows a strict policy of full-disclosure, publishing all pertinent information that we receive on security related materials."
  • Electronic Commerce, Smart Cards and Security Resources (S. Prasad)
  • Encryption and Security-related Resources (Peter Gutmann)
    • A very extensive collection of resources
  • Firewall Industry Guide (ICSA)
    • Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from one room to another, which is obviously not what the Firewall Industry Guide is about! We are talking about Internetwork firewalls, also called Internet firewalls. The term network firewall is typically defined as a system or group of systems that enforces an access-control policy between two networks. It may also be defined as a mechanism used to protect a trusted network from an untrusted network [Kurtz]. Firewalls have become a security "must have" now that so many organizations are connecting their internal networks to external networks such as the Internet
  • Firewalls FAQ
  • Forum On Risks To The Public In Computers And Related Systems
  • HACKER WHACKER Security Sites (Wallyware, Inc.)
    • List of sites that contain the most up-to-date, and useful news and information
  • ICSA Certified Firewall Products
    • Established in 1989 as an independent corporation, ICSA has successfully led the security industry in the development of high quality security products through product certification programs and in establishing better security practices through management of multiple security-focused consortia
  • ICSA Information Library - White Papers
  • Information Security Policies & Computer Security Policies Directory (The Information Security Policies & Standards Group)
    • "Information security policies underpin the security and well being of information resources.. they are the foundation, the bottom line, of information security within an organization. "
  • Information Security Resources/Links (ISSA)
    • An extensive range of links, covering security tools, virus information, security alerts, security resources and security list servers, as well as links to disaster information
  • Information Security Search Engine
  • Information Technology Security - links to resources
    • The Communications Security Establishment (CSE) is a federal government lead agency that delivers Information Technology Security (ITS) solutions to the government of Canada.
  • Intelligent Agents, Information System Security, Information Warfare, and Other Related Sources (Michael Bowman)
  • International Computer Security Association (ICSA)
    • ICSA is known worldwide as the objective source for security assurance services. Established in 1989 as an independent corporation, ICSA has successfully led the security industry in the development of high quality security products through product certification programs and in establishing better security practices through management of multiple security-focused consortia.
  • Internet and System Security (Dave Dittrich)
    • An extensive collection of resources
  • Internet Explorer Security Center (Scott Schnoll)
    • The purpose of this web site is to disseminate information regarding the security issues pertaining to Microsoft® Internet Explorer. This web site is UNOFFICIAL and in NO WAY sanctioned or authorized by Microsoft Corp.
  • ISS' X-Force Threat and Vulnerability Database
    • ISS' X-Force Team continually updates this security repository with the latest network attack and vulnerability information.
  • IT Security Cookbook (Sean Boran)
    • This book is intended as a 'self help' guide to computer & network security, primarily for security managers, programmers and system administrators.
  • ITtoolbox Security
  • Java Security: Frequently Asked Questions (Princeton Secure Internet Programming Team)
    • Nothing in life is completely secure; Java is no exception. Several specific security problems have been discovered and fixed since Java was first released. If you're using an up-to-date Web browser, you are usually safe against the known attacks. However, nobody is safe against attacks that haven't been discovered yet. There are two classes of security problems: nuisances and security breaches. A nuisance attack merely prevents you from getting your work done - for example it may cause your computer to crash. Security breaches are more serious: your files could be deleted, your private data could be read, or a virus could infect your machine.
  • Microsoft ISA Server Firewall and Cache resource site
  • Microsoft Security Advisor Program
  • NIST Computer Security Resource Clearinghouse
    • The Computer Security Resource Clearinghouse (CSRC) is designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems.
  • NTBugtraq! (Russ Cooper )
    • NTBugtraq is a mailing list for the discussion of security exploits and security bugs in Windows NT and its related applications.
  • Other Sources of Security Information (CERT)
    • Sources of security information, tools, discussion groups, incident response help, and more
  • searchSecurity.com (TechTarget.com)
    • Security Specific Search Engine
  • Secure Internet Programming (Princeton University, Department of Computer Science)
    • "We study problems in computer security, especially mobile code systems such as Java, ActiveX, and JavaScript. We try to understand how security breaks down, and to develop technology to address the underlying causes of security problems."
  • SecureZone (En Garde Systems)
    • "Here you will find over a thousand links, which, along with our custom preferences function, will help you locate the security information you need."
  • Security (ZDNet's Devhead)
  • Security and Encryption-related Resources and Links (Peter Gutmann)
    • Covers Crypto Link Farms, Crypto Archives, Crypto Social Issues, Crypto Software, Anonymity and Privacy, Random Numbers, Public Key Infrastructure (PKI), Security Agencies and Organizations, Security Books and Publications, Security People, Security Problems, Access Control, ata Encryption, Interception and Monitoring, Investigative Tools, Smart Cards, Security Standards, Laws, and Guidelines
  • Security FAQs (Internet Security Systems, Inc.)
    • Includes FAQs on Securing a Network, Compromise, File Sharing, Windows NT, Security Patches and Network Packet Capture
  • Security Glossary (Charlie Kaufman, Radia Perlman, and Mike Speciner)
  • Security in agent-based systems (Massively Distributed Systems Group, IBM)
    • Agent-based systems require new thinking, to avoid both security holes and unexpected global effects. When agent-based systems are combined with electronic commerce, the need for all aspects of security is particularly strong.
  • Security in Computer Networks (Michael Waidner )
    • SIRENE (from the German, SIcherheit in REchnerNEtzen) is a loosely collaborating group of researchers from different organizations. We share an interest in security and privacy. In particular, we work on multi-party security (also called multi-lateral), i.e., security without global trust, and where everybody can be held responsible for their actions. This even works in combination with privacy.
  • Security Information Management Online Network - SIMON
  • Security Issues in Embedded Networking (Mark Eichin)
    • As embedded systems have become more advanced, the tools for working with them have also improved. Often the easiest way to debug an embedded device is to hook it up to a local network, and then interrogate the device using remote debugging tools, often on a workstation of some kind. Many devices continue to use a network in production, for reporting data or further diagnostics. These so-called "local" networks are often far more widespread -- that is, after all, part of their convenience. This convenience can introduce a number of risks, due to unauthorized access to networked equipment.
  • Security Mailing Lists FAQ (Internet Security Systems, Inc.)
    • mailing lists include Alert, Intrusion Detection System, Network Security Assessment, and NT Security
  • Security News links (SSE)
    • Here are links to over 60 of the best Security News sites, many of which are updated daily
  • Security Portal - Computer Network Telecommunications Physical Security Information Systems @ Algonquin College (InfoSysSec, Inc.)
    • "This Web Site contains over 10,000 Security Articles, Information and Downloads for Information System Security Professionals"
  • Security Professionals' sites Links to physical security information
  • Security Related Links (Secure Electronic Marketplace for Europe) (Michael Waidner)
    • SEMPER is a European R&D project in the area of secure electronic commerce over open networks, especially the Internet. It is executed by an interdisciplinary consortium, combining experts from social sciences, finance, retail, publishing, IT and telecommunications, and has established liaisons with several related efforts. SEMPER is part of the European Commission's ACTS Programme (Advanced Communications Technologies and Services), executing Task 503. Funding is provided by the partner organisations, the European Union and the Swiss Federal Department for Education and Science.
  • Security Research Center (SecurityPortal.com)
  • Security Resource Center (ZDNet)
    • Articles, tips, white papers, etc.
  • Security Risk Analysis Directory
  • Security Space (E-Soft Inc)
    • SecuritySpace.com is a web security portal, providing internet security related news, resources, tools and services
  • Security World Wide Web (WWW) Sites (Center for Information Technology, National Institutes of Health, Bethesda, MD)
  • Security: Frequently Asked Questions (FAQ) (Center for Information Technology, National Institutes of Health, Bethesda, MD)
  • SecurityFocus.com
    • Home of BugTraq
  • SESAME (A Secure European System for Applications in a Multi-vendor Environment ) (Joris Claessens, Mark Vandenwauver and Paul Ashley)
    • SESAME (a Secure European System for Applications in a Multi-vendor Environment) is a European research and development project, part funded by the European Commission under its RACE programme. It is also the name of the technology that came out of that project. The SESAME technology offers sophisticated single sign-on with added distributed access control features and cryptographic protection of interchanged data. SESAME is a construction kit. It is a set of security infrastructure components for product developers. It provides the underlying bedrock upon which full managed single sign-on products can be built. Examples of such products are ICL's Access Manager and Bull SA's Integrated System Management AccessMaster (ISM AccessMaster). Siemens (Software & Systems Engineering Ltd) is also using SESAME technology to improve its secure X.400 mail product set.
  • Six Steps Towards Better Security (AppGate)
  • TECS: The Encyclopaedia of Computer Security (Townsend & Taphouse)
    • "TECS is a free security resource for anybody interested in IT security. It is all things security to all security people."
  • Terms and definitions - Security (PC Webopedia)
    • See this page for definition of these terms: access, access code, access control, audit trail, authentication, authorization, bastion host, biometrics, Certificate Authority, challenge-response, CHAP, Clipper chip, COLD, crack, data integrity, data vaulting, digital certificate, digital envelope, digital signature, DMZ, dongle, DoS attack, firewall, hack, hacker, IMEI, IP spoofing, IPsec, Kerberos, MD5, message digest, NAT, OPS, P3P, packet filtering, PAP, password, phreaking, PKI, Pretty Good Privacy, RBL, S-HTTP, S/MIME, secure server, security, SET, smart card, smurf, sniffer, SOCKS, spoof, SSH, SSL, steganography, token, Trojan horse, username, virus, X.509
  • Tom Dunigan's Security page (Tom Dunigan)
    • This page points to resources covering PGP, one-time passwords, kerberos, Crypto API's, random numbers, secure applications, intrusion detection, vulnerabilities, Java and WWW, UNIX security, and NT security
  • Trusted Computing Platform Alliance (TCPA)
    • The Trusted Computing Platform Alliance, or TCPA, was formed by Compaq, HP, IBM, Intel and Microsoft. All five companies have been individually working on improving the trust available within the PC for years. These companies came to an important conclusion: the level, or "amount", of trust they were able to deliver to their customers, and upon which a great deal of the information revolution depended, needed to be increased and security solutions for PC's needed to be easy to deploy, use and manage. An open alliance was formed to work on creating a new computing platform for the next century that will provide for improved trust in the PC platform.
  • Understanding Malicious Content Mitigation For Web Developers (CERT® Coordination Center)
    • "CERT Advisory CA-2000-02 describes a problem with malicious tags embedded in client HTTP requests, discusses the impact of malicious scripts, and offers ways to prevent the insertion of malicious tags."
  • Unix Computer Security (UnixTools.com)
  • Unix Security Page (Matthew Deter)
  • Viruses, Worms and Security Holes (Computerworld)
  • W3C Security Resources (w3.org)
    • Web security is a complex topic, encompassing computer system security, network security, authentication services, message validation, personal privacy issues, and cryptography. This page contains links to various aspects of Web and Internet security.
  • Web Security Center (Symantec)
    • Internet Security is an important topic these days. The Symantec Security Center staff believes that it is important for all Internet users to understand a little bit about the risks of using the Internet, and to learn some basic steps they can take to protect themselves online. Security threats come and go every day, some stay longer than others. Most people don't worry about security because they think that the makers of Internet browser software will take care of everything. However, browsers cannot do everything to keep you and your data safe.
  • Web Security Links (Web Developer)
  • Web site for the Security Community (I.T. Works bvba)
  • Windows 2000 Security
    • News, information and products for Network Security and Windows 2000.
  • Windows Security News (Duke Communications International Inc.)
  • The World Wide Web Virtual Library: Safety-Critical Systems (Oxford University)
    • This document contains pointers to information on Safety-Critical Systems, where human lives may be at risk, especially involving software and computers, available around the world on the World Wide Web
  • The WWW Security FAQ
    • It's a maxim in system security circles that buggy software opens up security holes. It's a maxim in software development circles that large, complex programs contain bugs. Unfortunately, Web servers are large, complex programs that can (and in some cases have been proven to) contain security holes. Furthermore, the open architecture of Web servers allows arbitrary CGI scripts to be executed on the server's side of the connection in response to remote requests. Any CGI script installed at your site may contain bugs, and every such bug is a potential security hole.
  • www.incidents.org (SANS Institute)
    • Incidents.org is about community and industry collaboration on security related matters. The results of this collaboration take the form of practical technologies, tools, and processes that can be used by the entire Internet community to 1) detect the threat 2) protect their resources, and 3) react to security incidents and new threats.
  • SEE also Related Topics
..........Back to Top
 
System Security and Computer Security - Newsgroups and FAQs
..........Back to Top
 
System Security and Computer Security - Magazines and Ezines
..........Back to Top
 
System Security and Computer Security - White Papers
..........Back to Top
 
System Security and Computer Security - Organizations and User Groups
..........Back to Top
 
System Security and Computer Security - News
..........Back to Top
 
System Security and Computer Security - Events
..........Back to Top
 
System Security and Computer Security - Related Topics
Anti-Virus Software - Asset Tracking & Recovery - Back-up - Biometrics - Cryptography - Data Recovery - Data Protection - E-mail content security software - Encryption - Firewalls - Hackers and Anti-Hacking - Identity Verification - Information Warfare - Internet Security - Intrusion Detection - Network Security - PGP - Public Key Infrastructure (PKI) - Systems and Computer Security - Technical Surveillance Countermeasures - Virtual Private Network (VPN) - WebSite Security
..........Back to Top
 
System Security and Computer Security - Books
..........Back to Top
 
System Security and Computer Security - Key Manufacturers
If your company offers Products applicable to this Topic, and you wish to reach the hundreds of thousands of IT users who benefit from these pages each month, please contact us
..........Back to Top
 
System Security and Computer Security - Key Solutions Providers
If your company offers Products and/or Services applicable to this Topic, and you wish to reach the hundreds of thousands of IT users who benefit from these pages each month, please contact us
..........Back to Top
 
System Security and Computer Security - Key Service Providers
If your company offers Services applicable to this Topic, and you wish to reach the hundreds of thousands of IT users who benefit from these pages each month, please contact us
..........Back to Top
 
System Security and Computer Security - Key Training Providers
If your company offers Training Services applicable to this Topic, and you wish to reach the hundreds of thousands of IT users who benefit from these pages each month, please contact us
..........Back to Top
 

©Copyright The Computer Information Center 1995 - 2002
Disclaimer

The Computer Information Center provides information in good faith, but does not provide any warranties whatsoever, nor assume any legal liability or responsibility whatsoever, for the accuracy, completeness or usefulness of any of the information supplied. It is not in any way responsible, and has no legal liability, in respect of the contents of any other site referenced from this site, nor for information provided through that site. The ownership of all trademarks, etc. referred to on this site is acknowledged