TCSEC Orange Book Summary

 

 

 

 

IT Security Sites

 

 

Security Organizations

http://www.isc2.org

http://www.nsa.gov/snac

http://www.sans.org

 

Chronology of Data Breaches

http://www.asisonline.org

http://isc.incidents.org

http://www.infragard.net

http://www.issa.org

http://www.cisecurity.org

http://www.cert.org

https://www.vte.cert.org

http://www.us-cert.gov

http://cve.mitre.org/cve

http://www.radium.ncsc.mil/tpep

http://www.radium.ncsc.mil

http://www.cesg.gov.uk/assurance

http://www.cordia.lu/infosec

http://www.commoncriteria.org

http://www.opengroup.org/security

http://www.gocsi.com

http://project.honeynet.org

http://www.ossim.net

http://secinf.net

http://www.attrition.org

 

http://www.freeradius.org

http://www.openldap.org

http://web.mit.edu/kerberos/www

 

http://www.IPVideoMarket.info

http://www.biometrics.org

http://www.voipsa.org

 

Security Tools

http://johnny.ihackstuff.com

http://www.antionline.com

http://www.counterpane.com

http://www.intersectalliance.com

http://tomahawktesttool.org

 

http://stake.com

http://www.mavensecurity.com/Achilles.php

http://www.elcomsoft.com

http://www.packetfactory.net

http://www.coresecurity.com

http://www.immunitysec.com

http://www.insecure.org

http://www.tlsecurity.net/main.htm

http://www.wiretapped.net

LiveAmmo Security Tools Directory

http://www.remote-exploit.org

http://eeye.com

http://www.nessus.org

http://www.astalavista.net

http://www.tucofs.com

http://nipper.titania.co.uk

http://www.theta44.org/karma

 

SSH Links

http://www.ssh.com/tech

http://www.openssh.com

http://www.freessh.org

http://www.bastille-linux.org

 

Certificate CA

http://www.pki-page.org

http://www.thawte.com

 

Security Information

http://web.mit.edu/network/pgp.html

Security Files/Programs

http://nces.ed.gov/pubs98/safetech

http://netsecurity.about.com

http://security.org

 

http://www.all.net

http://www.iwar.org.uk/comsec

http://crypto/jscrypt.htm

http://www.steganos.com

http://security.isu.edu

http://www.infosyssec.com

http://www.cryptography.com

http://csrc.nist.gov/encryption/aes

http://skip-vpn.org

http://www.securityfocus.com

http://www.securityauditor.net

http://nsi.org/library.htm

http://www.bis.doc.gov

http://www.interpol.int

http://www.dss.mil

 

http://ha.ckers.org/xss.htm

 

NIST Links

http://csrc.nist.gov

http://www.cftt.nist.gov

http://icat.nist.gov

https://cip.nist.gov/sat/home.nist

http://csrc.nist.gov/publications/nistpubs

 

DR / Business Continuity

http://www.disasterrecoveryworld.com

http://www.drii.org

http://www.drj.com

http://recovery.sungard.com

http://www-1.ibm.com/services/continuity

http://www.fema.gov/ofm/bc.shtm

 

Anti Virus / Malware

http://www.mcafee.com/us/

http://www.sophos.com

http://us.trendmicro.com

http://www.symantec.com

http://www.f-secure.com

http://www.ca.com

http://free.avg.com

Ad-aware Plus

Spybot

http://www.malwarebytes.org

 

http://www.av-test.org

http://www.clamwin.com

 

Forensic

http://www.accessdata.com

http://www.asrdata.com/SMART

http://basistech.com/digital-forensics

http://porcupine.org/forensics/tct.html

http://www.guidancesoftware.com

http://www.openwall.com/john

http://www.logicubeforensics.com

http://cyberstc.com

http://paraben-forensics.com/p2.html

http://digitalforensicssolutions.com

http://www.sleuthkit.org

http://www.x-ways.net/forensics

 

http://www.e-fense.com/helix

 

Legal

http://www.copyright.gov

http://www.uspto.gov

http://www.eff.org

 

Database Monitoring

http://www.lumigent.com

http://www.guardium.com

http://www.imperva.com

http://datacompliance.netezza.com

http://www.softtreetech.com

http://www.idera.com

http://www.nitrosecurity.com

http://www.iplocks.com

http://www.sentrigo.com

 

Firewall Sites

http://www.checkpoint.com

http://www.phoneboy.com

 

http://www.microsoft.com/isaserver

http://www.cisco.com/go/pix

http://www.cisco.com/en/US/...

http://www.locked.com

 

Security Vendors

http://solarwinds.net

http://foundstone.com

http://www.fortify.com

http://www.abagnale.com/index2.asp

http://www.saiglobal.com/compliance

http://www.airmagnet.com

 

http://www.RSA.com

RSA Bedford,MA office entrance

 

 

home mail contact us site map
 

(ISC)2 CISSP Security certification

Security Configuration Guides - hardware, OS, applications

SANS Institute - security policies * TOP SITE *

 

Privacy Rights ClearingHouse

ASIS International - CPP certification

Internet Storm Center - intrusion detection log reports

InfraGard - information sharing (government & business)

Information Systems Security Association (ISSA)

Center for Internet Security - methods, tools, and measures

Alerts, Advisories, and summaries - corrective measures

CERT Virtual Training Environment Public Access (Training)

US Computer Emergency Readiness Team (est. 2003)

List of Common Vulnerabilities and Exposures (CVE)

Trusted Assessment/Evaluation Program (TTAP/TPEP)

Rainbow Series Library (DoD Guides/Criteria)

UK ITSEC / Common Criteria Assurance

European Union (EU) ITSEC / Common Criteria and Methods

Common Criteria (CC) Support Environment

Security Forum - Open Group

Computer Security Institute

Honeynet Project - OpenSource research (Linux CD)

Security infrastructure monitor - Framework

Network Security Library (Policies / Rainbow)

Security Web Site

 

Radius protocol server, Demon for UNIX OS

OpenLDAP software, Java LDAP class libraries

Kerberos Network Authentication Protocol

 

IP Video Surveillance News and Reviews

Biometric Consortium

VOIP Security Alliance - VoIP Tools

 

.

Google Hacking Database (GHDB)

Geographic IP address locator

Network security - Log Analysis, Net Monitoring

Audit log & Syslog receiver - Windows (OpenSource)

IPS Testing - Bidirectional replay saved tcpdump dumpfiles

 

Windows password cracking software

Web application security assessment tool

Password security explorer (Audit tool)

Network security related tools / projects

Open source security - MSyslog (Python)

Immunity security - (GNU) Public Software

Security tool - NMAP distribution

TL Security - List of backdoors and Trojans

Security / Cryptography / Reference software

Live Ammo Security - Tools / Services

WLAN, Bluetooth and bootable Auditor ISO CD

eEye SecureIIS Firewall / Security Scanners

UNIX remote security scanner, (Client/Server) - Free (*)

Security & Hacking Community resources

Extensive data recovery / forensic tools

Network Infrastructure Parser (NIPPER) - open source

Wireless Client Security Tools - KARMA

 

.

SSH Protocol creator - tech information

OpenSSH encryption terminal session tools - secure telnet, ftp

SSH clients/Servers - Windows, UNIX, Java, Others

Building Linux SSH jump points - Instructions

 

.

PKI and trusted Certificate Authorities (CA) Listing

Certificate Authority (CA) - Thawte (SSL)

 

.

MIT Freeware distribution center PGP site - Encryption

Library of SECURITY information

National Center for Education Statistics - Safeguarding IT

About.com - Network Security

Security information relating to locks and safes

 

Fred Cohen & Associates - Strategic Security & Intelligence

IWS - Information Warfare Site - Security Issues

A Cryptographic Compendium

AES encryption, encodes into the background of other files

Information Security Resources - Idaho State University

Security Portal for Information System Security

Provides cryptography technology & services to companies

AES algorithm (Rijndael) information - NIST

SKIP - Simple Key Management for Internet Protocols

Security news, vulnerabilities and many tools

Security Risk Analysis information / software

National Security Institute - Reference Library

Bureau of Industry and Security - US Dept of Commerce

Interpol - Information Security crime section

DSS - Defense Security Service (DoD agency)

 

XSS (Cross Site Scripting) Cheat Sheet (filter evasion)

 

.

NIST - Computer Security Resource Center (CSRC)

NIST - Computer Forensic Tool Testing Program (CFTT)

NIST - ICAT Vulnerability Searchable Metabase

NIST - online NIST Security Assessment Tool

NIST - Security PDF Publications

 

.

Disaster Recovery World - Impact / Planning

DRI (Disaster Recovery) International

Disaster Recovery Journal

SUNGARD Availability Services

IBM Business Continuity and Recovery Services

FEMA Business Recovery Checklist

 

.

McAfee Antivirus Software & IPS

Sophos Antivirus, Anti-spam

Trend Micro - Antivirus, Anti-Spam

Symantec "Norton" Antivirus, anti-spyware, endpoint

F-Secure Antivirus and security tools

CA Antivirus Enterprise "eTrust"

AVG Free Antivirus & Antispyware

Anti-spyware product, scans in real time

Another Anti-spyware product

Anti-Malware - freeware

 

AV-Test testing lab - independent

Free Antivirus and Anti-Malware resources

 

raw (i.e. dd, 512-bytes), Expert Witness EWF (i.e. EnCase)

AccessData Forensic Toolkit (FTK)

ASR Data SMART - Storage Media Analysis Recovery Toolkit

Basis Technology - Odyssey Digital Forensics

The Coroner's Toolkit (TCT) - UNIX system tools

Guidance Software - EnCase

John the Ripper - password cracker (open source)

Logic Cube - Forensic Dossier (Drive Duplication)

Online Digital Forensic Suite (live computers)

Paraben P2 - Handheld devices

Scalpel - file carver

Sleuth Toolkit (command lines) - open source

X-Ways Forensics

 

Helix - Detect, Identify, Analyze, Preserve and Report

 

.

US Copyright Office - Library of Congress

US Patent and Trademark Office - Dept Commerce

Electronic Frontier Foundation (EFF)

 

.

Database auditing / assessment - AuditDB

Database security / monitoring - appliance based

Database Activity Monitoring - SecureSphere

Database Activity Monitoring - Mantra

Database auditing - DB Audit

Database auditing/alerting - SQL Compliance Manager

Database Activity Monitoring - NitroView DBM

Database Audit Controls - IPLocks Audit Control

Hedgehog Real-Time Database Monitoring

 

.

CheckPoint Firewall-1/VPN software vendor

Independent CheckPoint Firewall/VPN FAQs, Links, downloads

 

Microsoft Internet Security & Acceleration Server (ISA)

Cisco PIX 500 Series Firewalls

Cisco PIX software LOG messages (Ver 6) PDF

Mission Critical Systems - Security Vendor

 

.

Network Management/Security software tools

Security software and services

Application Security - Fortify

Abagnate - Anti-Check Forgery

Security training/compliance - "For Your Eyes Only"

AirMagnet's wireless LAN planning / management tools

 

Security products - enVision, SecureID, ...

 

 

 

 

 
Patents protect inventions and improvements to existing inventions.
Copyrights cover literary, artistic, and musical works.
Trademarks are brand names and/or designs which are applied to products or used in connection with services.
 
 
 
 
Two key pairs per user (called dual-key support).
One pair for encryption and one for digital signatures (non-repudiation)
 
 
 
Any material furnished by Nickerson Consulting Group, N-cg.net, is furnished on an "as is" basis. Nickerson Consulting Group makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Nickerson Consulting Group does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.

 

copyright 2009 created by www.ITCharts.com