Computers and computer software  support - find it on CompInfo
The Computer Information Center (CompInfo)
"The definitive directory of the Business side of Computing. It's among the top ten computing-specific sites we've ever seen" - Yahoo Computing
Millions of IT users world-wide rely on our Web-based support resources
Tell your colleagues and friends, and bookmark us at http://www.compinfo-center.com/
Manufacturers Technical
Knowledge Bases
News Events Books Magazines Jobs Search Free Newsletter Add URL Add News/Events

 
Search
SEARCH CompInfo
 
Free Newsletters
Keep up-to-date with news, events, resources, and special offers. Subscribe here
 
IT Support Centers
Technical Knowledge bases
Support Desk - Drivers, Documentation, etc.
Introduction Pages to Technologies
Looking for a Job?
Download Software
Computer History, Dictionaries & Encyclopaedias
 
Information Centers
The latest News!
What's On - Computer Events
Find a Book
Technology Futures
Reviews, Evaluations and Reports
Computer Magazines
IT Publishers
 
Business Centers
Business Applications
VAR Business
IT Investors' Center
 
Computer Directories
Manufacturers
Distributors
Resellers
Solution Providers
Consultants
Trainers
Maintenance Companies
Internet Service Providers
Organizations
User Groups
 
And For Leisure ...
Non IT Sites
 
Add Your Information
Add Your Company's URL
Add News
Add Events
Promote Your Products and Services
 
Sundry
Contact Us
Privacy Policy
Feedback on site changes


System Security

Beginners, Glossary and Background | Technical Knowledge Bases | News | Events | Books | Magazines | Manufacturers | Products and Reviews | White Papers, Reports and Articles | Training Tools | Where to buy | Where to get help | Trainers | News Groups, Mail Lists and FAQs | User Groups | Trade Associations
 

Technical Knowledge Bases


| Cryptography | Encryption | Hacking | PGP | Systems Security |
Cryptography
 Crypto Link Farm (David Harris)
  Packed with links to cryptography and security sites
 Cryptography A-2-Z (SSH Communications Security)
  This page lists international sources of cryptographic software, information on cryptographic methods, algorithms, and protocols. The scope includes encryption, decryption, cryptanalysis, steganography (hiding information), cryptographic softare, tools, information, and assessments about cryptographic methods.
 Crytography Links (Bruce Schneier)
  An extensive collection of links, created and maintained by Counterpane Systems
 Digital Cryptography and Encryption Resources (CyPost Corp)
  This site includes links to digital cryptography, privacy and encryption related websites on the Internet
 International Association for Cryptologic Research
  The International Association for Cryptologic Research (IACR) is a non-profit scientific organization whose primary purpose is to further research in cryptology and related fields.
 Theory of Cryptography Library (UCSD)
  The library is intended to store works of interest to researchers interested in the theoretical aspects of Cryptography
 The World-Wide Web Virtual Library: Cryptography, PGP, and Your Privacy (Francis Litterio)
  There are two kinds of cryptosystems: symmetric and asymmetric. Symmetric cryptosystems use the same key (the secret key) to encrypt and decrypt a message, while asymmetric cryptosystems use one key (the public key) to encrypt a message and a different key (the private key) to decrypt it. Assymetric cryptosystems are also called public key cryptosystems.
Encryption
 Encryption Glossary (CyPost Corp)
 Terms and definitions - Encryption (PC Webopedia)
  See this page for definition of these terms: cipher text, Clipper chip, cryptography, decryption, DES, digital certificate, digital wallet, encryption, key, MD5, message digest, Netcheque, plain text, Pretty Good Privacy, public-key encryption, RSA, symmetric encryption, symmetric-key cryptography
Hacking
 AntiOnline - Computer Security - Hacking & Hackers
 interhack
  "Hackers build things, crackers break them"
PGP
 Introduction to PGP (Nat Queen)
  PGP (short for Pretty Good Privacy), created by Philip Zimmermann, is the de facto standard program for secure e-mail and file encryption on the Internet. Its public-key cryptography system enables people who have never met to secure transmitted messages against unauthorized reading and to add digital signatures to messages to guarantee their authenticity. Why do we need PGP? E-mail sent over the Internet is more like paper mail on a postcard than mail in a sealed envelope. It can easily be read, or even altered, by anyone with privileged access to any of the computers along the route followed by the mail. Hackers can read and/or forge e-mail. Government agencies eavesdrop on private communications.
 Seattle WebWorks PGP Links Page
Systems Security
 Ajax
  US & International Government Military, Intelligence & Law Enforcement Agency Access
 bsy's Security Related Net-pointers (Bennet Yee)
 BugNet
  Since 1994, BugNet has delivered leading-edge information on PC software bugs, alerting readers to glitches, analyzing software trends, and compiling the industry's most comprehensive database of computer bug fixes.
 CIAC Security Web Site
  The CIAC Website provides an extensive, comprehensive resource for diverse computer security issues. These resources are presented in various forms and topics and are available to the public as well as the DOE (Department of Energy) community.
 COAST Hotlist: Computer Security, Law and provacy (Purdue University)
  COAST-- Computer Operations, Audit, and Security Technology -- is a multiple project, multiple investigator laboratory in computer security research in the Computer Sciences Department at Purdue University. It functions with close ties to researchers and engineers in major companies and government agencies.
 Compinfo Directory: Anti-Virus Software
 Compinfo Directory: Systems Management
 Computer Emergency Response Team
  "The CERT Coordination Center is part of the Survivable Systems Initiative at the Software Engineering Institute, a federally funded research and development center at Carnegie Mellon University. We were started by DARPA (the Defense Applied Research Projects Agency, part of the U.S. Department of Defense) in December 1988 after the Morris Worm incident crippled approximately 10% of all computers connected to the Internet. Originally, our work was almost exclusively incident response. Since then, we have worked to help start other incident response teams, coordinate the efforts of teams when responding to large-scale incidents, provide training to incident response professionals, and research the causes of security vulnerabilities, prevention of vulnerabilities, system security improvement, and survivability of large-scale networks"
 Computer Security (Wayne Summers)
  Computer Security should be a major concern of all those using computers today. This list includes many of the best sites on the Internet concerning computer security, computer crime and computer viruses.
 Computer Security FAQs
 The Computer Security Institute
 Computer Security News Daily - Latest Stories
 Computer Security Resource Clearinghouse (NIST)
  The Computer Security Resource Clearinghouse (CSRC) is designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems. A primary goal of the CSRC is to raise awareness of all computer systems users -- from novice to expert -- about computer security. This is perhaps the most important way of improving information systems security.
 Computer Security Resources (Kroll O'Gara ISG)
  Includes access to dtabases of security threats and fixes
 Distributed Attack Tools - understanding them and defending against them (Packet Storm)
  "Packet Storm is the largest Internet security tools database in the world. We provide intelligence ranging from security tools to system defense and assessment information. Understanding that there is no way we can begin to design and develop stronger systems and defenses unless we know what vulnerabilities exist, Packet Storm follows a strict policy of full-disclosure, publishing all pertinent information that we receive on security related materials."
 Encryption and Security-related Resources (Peter Gutmann)
  A very extensive collection of resources
 Firewall Industry Guide (ICSA)
  Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from one room to another, which is obviously not what the Firewall Industry Guide is about! We are talking about Internetwork firewalls, also called Internet firewalls. The term network firewall is typically defined as a system or group of systems that enforces an access-control policy between two networks. It may also be defined as a mechanism used to protect a trusted network from an untrusted network [Kurtz]. Firewalls have become a security "must have" now that so many organizations are connecting their internal networks to external networks such as the Internet
 Firewalls FAQ
 Forum of Incident Response and Security Teams
  Since November of 1988 an almost continuous stream of security-related incidents has affected thousands of computer systems and networks throughout the world. To address this threat, a growing number of government and private sector organizations around the globe have established a coalition to exchange information and coordinate response activities. This coalition, the Forum of Incident Response and Security Teams (FIRST), brings together a variety of computer security incident response teams from government, commercial, and academic organizations. FIRST aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large.
 Forum On Risks To The Public In Computers And Related Systems
 ICSA Certified Firewall Products
  Established in 1989 as an independent corporation, ICSA has successfully led the security industry in the development of high quality security products through product certification programs and in establishing better security practices through management of multiple security-focused consortia
 ICSA Information Library - White Papers
 Information Security Resources/Links (ISSA) (ISSA)
  An extensive range of links, covering security tools, virus information, security alerts, security resources and security list servers, as well as links to disaster information
 Information Technology Security - links to resources
  The Communications Security Establishment (CSE) is a federal government lead agency that delivers Information Technology Security (ITS) solutions to the government of Canada.
 Information Warfare (Infowar.Com, Ltd.)
  InfoWar.Com, Info-Sec and Infowar Portal, The Internet Global Clearinghouse for Information Warfare, Cybercrime Reporting
 Intelligent Agents, Information System Security, Information Warfare, and Other Related Sources (Michael Bowman)
 International Computer Security Association (ICSA)
  ICSA is known worldwide as the objective source for security assurance services. Established in 1989 as an independent corporation, ICSA has successfully led the security industry in the development of high quality security products through product certification programs and in establishing better security practices through management of multiple security-focused consortia.
 Internet Explorer Security Center (Scott Schnoll)
  The purpose of this web site is to disseminate information regarding the security issues pertaining to Microsoft® Internet Explorer. This web site is UNOFFICIAL and in NO WAY sanctioned or authorized by Microsoft Corp.
 Intrusion Detection System Resource (Computer Security Institute)
  The market for intrusion detection systems (IDS) is growing. Just as in the early stages of the firewall market, there is a lot of hype, a lot of hot air, a lot of misconceptions, a lot of unrealistic expectations, and a lot of money being thrown around.
 ISS' X-Force Threat and Vulnerability Database
  ISS' X-Force Team continually updates this security repository with the latest network attack and vulnerability information.
 Java Security: Frequently Asked Questions (Princeton Secure Internet Programming Team)
  Nothing in life is completely secure; Java is no exception. Several specific security problems have been discovered and fixed since Java was first released. If you're using an up-to-date Web browser, you are usually safe against the known attacks. However, nobody is safe against attacks that haven't been discovered yet. There are two classes of security problems: nuisances and security breaches. A nuisance attack merely prevents you from getting your work done - for example it may cause your computer to crash. Security breaches are more serious: your files could be deleted, your private data could be read, or a virus could infect your machine.
 Microsoft Security Advisor Program
 Microsoft Security Advisor Program
 NIST Computer Security Resource Clearinghouse
  The Computer Security Resource Clearinghouse (CSRC) is designed to collect and disseminate computer security information and resources to help users, systems administrators, managers, and security professionals better protect their data and systems.
 NTBugtraq! (Russ Cooper )
  NTBugtraq is a mailing list for the discussion of security exploits and security bugs in Windows NT and its related applications.
 Other Sources of Security Information (CERT)
  Sources of security information, tools, discussion groups, incident response help, and more
 Secure Internet Programming (Princeton University, Department of Computer Science)
  "We study problems in computer security, especially mobile code systems such as Java, ActiveX, and JavaScript. We try to understand how security breaks down, and to develop technology to address the underlying causes of security problems."
 SecureZone (En Garde Systems)
  "Here you will find over a thousand links, which, along with our custom preferences function, will help you locate the security information you need."
 Security (ZDNet's Devhead)
 Security FAQs (Internet Security Systems, Inc.)
  Includes FAQs on Securing a Network, Compromise, File Sharing, Windows NT, Security Patches and Network Packet Capture
 Security in agent-based systems (Massively Distributed Systems Group, IBM)
  Agent-based systems require new thinking, to avoid both security holes and unexpected global effects. When agent-based systems are combined with electronic commerce, the need for all aspects of security is particularly strong.
 Security in Computer Networks (Michael Waidner )
  SIRENE (from the German, SIcherheit in REchnerNEtzen) is a loosely collaborating group of researchers from different organizations. We share an interest in security and privacy. In particular, we work on multi-party security (also called multi-lateral), i.e., security without global trust, and where everybody can be held responsible for their actions. This even works in combination with privacy.
 Security Information Management Online Network - SIMON
 Security Issues in Embedded Networking (Mark Eichin)
  As embedded systems have become more advanced, the tools for working with them have also improved. Often the easiest way to debug an embedded device is to hook it up to a local network, and then interrogate the device using remote debugging tools, often on a workstation of some kind. Many devices continue to use a network in production, for reporting data or further diagnostics. These so-called "local" networks are often far more widespread -- that is, after all, part of their convenience. This convenience can introduce a number of risks, due to unauthorized access to networked equipment.
 Security Mailing Lists FAQ (Internet Security Systems, Inc.)
  mailing lists include Alert, Intrusion Detection System, Network Security Assessment, and NT Security
 Security News links (SSE)
  Here are links to over 60 of the best Security News sites, many of which are updated daily
 Security Portal - Computer Network Telecommunications Physical Security Information Systems @ Algonquin College (InfoSysSec, Inc.)
  "This Web Site contains over 10,000 Security Articles, Information and Downloads for Information System Security Professionals"
 Security Professionals' sites
  Links to physical security information
 Security Related Links (Secure Electronic Marketplace for Europe) (Michael Waidner)
  SEMPER is a European R&D; project in the area of secure electronic commerce over open networks, especially the Internet. It is executed by an interdisciplinary consortium, combining experts from social sciences, finance, retail, publishing, IT and telecommunications, and has established liaisons with several related efforts. SEMPER is part of the European Commission's ACTS Programme (Advanced Communications Technologies and Services), executing Task 503. Funding is provided by the partner organisations, the European Union and the Swiss Federal Department for Education and Science.
 Security resources on the Internet (SecurityPortal.com)
  This site provides technotes and opinion pieces from specialists in IT security, summarizes breaking security news and provides a jumping off point for Security Alerts, Products, Tools and other Resources.
 Security Space (E-Soft Inc)
  ecuritySpace.com is a web security portal, providing internet security related news, resources, tools and services
 Security World Wide Web (WWW) Sites (Center for Information Technology, National Institutes of Health, Bethesda, MD)
 Security: Frequently Asked Questions (FAQ) (Center for Information Technology, National Institutes of Health, Bethesda, MD)
 SESAME (A Secure European System for Applications in a Multi-vendor Environment ) (Joris Claessens, Mark Vandenwauver and Paul Ashley)
  SESAME (a Secure European System for Applications in a Multi-vendor Environment) is a European research and development project, part funded by the European Commission under its RACE programme. It is also the name of the technology that came out of that project. The SESAME technology offers sophisticated single sign-on with added distributed access control features and cryptographic protection of interchanged data. SESAME is a construction kit. It is a set of security infrastructure components for product developers. It provides the underlying bedrock upon which full managed single sign-on products can be built. Examples of such products are ICL's Access Manager and Bull SA's Integrated System Management AccessMaster (ISM AccessMaster). Siemens (Software & Systems Engineering Ltd) is also using SESAME technology to improve its secure X.400 mail product set.
 Six Steps Towards Better Security (AppGate)
 TECS: The Encyclopaedia of Computer Security (Townsend & Taphouse)
  "TECS is a free security resource for anybody interested in IT security. It is all things security to all security people."
 Terms and definitions - Security (PC Webopedia)
  See this page for definition of these terms: access, access code, access control, audit trail, authentication, authorization, bastion host, biometrics, Certificate Authority, challenge-response, CHAP, Clipper chip, COLD, crack, data integrity, data vaulting, digital certificate, digital envelope, digital signature, DMZ, dongle, DoS attack, firewall, hack, hacker, IMEI, IP spoofing, IPsec, Kerberos, MD5, message digest, NAT, OPS, P3P, packet filtering, PAP, password, phreaking, PKI, Pretty Good Privacy, RBL, S-HTTP, S/MIME, secure server, security, SET, smart card, smurf, sniffer, SOCKS, spoof, SSH, SSL, steganography, token, Trojan horse, username, virus, X.509
 Tom Dunigan's Security page (Tom Dunigan)
  This page points to resources covering PGP, one-time passwords, kerberos, Crypto API's, random numbers, secure applications, intrusion detection, vulnerabilities, Java and WWW, UNIX security, and NT security
 Trusted Computing Platform Alliance (TCPA)
  The Trusted Computing Platform Alliance, or TCPA, was formed by Compaq, HP, IBM, Intel and Microsoft. All five companies have been individually working on improving the trust available within the PC for years. These companies came to an important conclusion: the level, or "amount", of trust they were able to deliver to their customers, and upon which a great deal of the information revolution depended, needed to be increased and security solutions for PC's needed to be easy to deploy, use and manage. An open alliance was formed to work on creating a new computing platform for the next century that will provide for improved trust in the PC platform.
 twURLed World of "Information Warfare, U.S. Critical Infrastructure, Nuclear Espionage"
  "Networked computing systems issue new means of attack for national enemies, economic competitors, hobbyists, as well as the disgruntled and paranoid. With 100's of websites, 1000's of news articles, ranges of opinions, what is the big picture? How do government and military, companies and non-profits, citizens and quacks, educators and researchers mobilize web resources to address infowar technologies and policies?"
 Understanding Malicious Content Mitigation For Web Developers (CERT® Coordination Center)
  "CERT Advisory CA-2000-02 describes a problem with malicious tags embedded in client HTTP requests, discusses the impact of malicious scripts, and offers ways to prevent the insertion of malicious tags."
 W3C Security Resources (w3.org)
  Web security is a complex topic, encompassing computer system security, network security, authentication services, message validation, personal privacy issues, and cryptography. This page contains links to various aspects of Web and Internet security.
 Web Security Center (Symantec)
  Internet Security is an important topic these days. The Symantec Security Center staff believes that it is important for all Internet users to understand a little bit about the risks of using the Internet, and to learn some basic steps they can take to protect themselves online. Security threats come and go every day, some stay longer than others. Most people don't worry about security because they think that the makers of Internet browser software will take care of everything. However, browsers cannot do everything to keep you and your data safe.
 Web Security Links (Web Developer)
 Web site for the Security Community (I.T. Works bvba)
 Windows 2000 Security
  News, information and products for Network Security and Windows 2000.
 Windows Security News (Duke Communications International Inc.)
 The World Wide Web Virtual Library: Safety-Critical Systems (Oxford University)
  This document contains pointers to information on Safety-Critical Systems, where human lives may be at risk, especially involving software and computers, available around the world on the World Wide Web
 The WWW Security FAQ
  It's a maxim in system security circles that buggy software opens up security holes. It's a maxim in software development circles that large, complex programs contain bugs. Unfortunately, Web servers are large, complex programs that can (and in some cases have been proven to) contain security holes. Furthermore, the open architecture of Web servers allows arbitrary CGI scripts to be executed on the server's side of the connection in response to remote requests. Any CGI script installed at your site may contain bugs, and every such bug is a potential security hole.

 

Keep me informed






©Copyright The Computer Information Center 1995 - 2000

Disclaimer

The Computer Information Center provides information in good faith, but does not provide any warranties whatsoever, nor assume any legal liability or responsibility whatsoever, for the accuracy, completeness or usefulness of any of the information supplied. It is not in any way responsible, and has no legal liability, in respect of the contents of any other site referenced from this site. The ownership of all trademarks, etc. referred to on this site is acknowledged


Webmaster

15 August, 2000
Find
Reseller Opportunities
Job Opportunities
Competitive prices for products and services
News
RSA unveils Web user authentication bundle
Hackers For Hire
Tool traces denial of service sources
Uncle Sam Recruits Hackers
Guidelines to minimise data errors
.......... More News
Products
SFProtect 2.0
.......... More Products
Books
Computer Crime - Book titles
Cryptography - Book titles
Data Security - Book titles
Hacking - Book titles
Security - Book titles
.......... More Books
WhitePapers
IT Security and Systems Management
.......... More White Papers
Events
Network Security Conference 2000 (Las Vegas, NV, United States; 21 Aug 2000 to 23 Aug 2000
SANS Parliament Hill 2000 (Ottawa, Canada; 21 Aug 2000 to 24 Aug 2000
World Computer Congress (Beijing, China; 21 Aug 2000 to 25 Aug 2000
WebSec 2000: The E-Security Conference and Expo (San Francisco, CA, United States; 22 Aug 2000 to 24 Aug 2000
CardTech/SecurTech Canada 2000 (Toronto, ON, Canada; 29 Aug 2000 to 31 Aug 2000
.......... More Events