Holistic InfoSec.org Holistic InfoSec Dashboard

"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts." - Gene Spafford, Ph.D., Purdue CERIAS


Links

Security Related Sites:

CIRT.net - Suspicion Breeds Confidence
Insecure.org - The home of nmap
SANS Top 20
CGISecurity.com
NSA Security Configuration Guides
Computer Security Resource Center - NIST
TaoSecurity - The Way of Digital Security - Richard Bejtlich's site, approach and publications
OWASP - The Open Web Application Security Project
CERIAS - Center for Education and Research in Information Assurance and Security
ISSA.org - Information Systems Security Association
stopBADware.org - Regaining Control of Our Computers
Noticebored - Security awareness for governance, risk, compliance and business
Ross Anderson's Economics and Security Resource Page

Advisories:

US-CERT
Secunia
FrSIRT
The Breach Blog

Northwest Security Sites & Organizations

Washington State High Technology Crimes Investigation Association
ISSA Puget Sound
ISSA Portland
Puget Sound Alliance for Cyber Security

Scanning and Vulnerability Assessment Tools:

nmap
Nikto - Web scanner
Nessus - Vulnerability scanner
Metasploit - Framework for people who perform penetration testing, IDS signature development, and exploit research.

Search Engine Security Auditing

The "Google Hack" Honeypot
GHDB
Ming Chow's Google for Investigators
Roll Your Own Search Engine

Standards and Compliance

ISO 27001 Security - dedicated to promoting the latest international standards for Information Security Management Systems, the ISO/IEC 27000 ("ISO27k") series.
International ISO 27001 and ISO 27002 (ISO 17799) Community Forum - an interactive resource, designed to enable the free exchange of related ISO information.
The ISO 27000 Directory - An Introduction to ISO 27001, ISO 27002....ISO 27008
CIS Benchmarks - security benchmarks based on recognized best practices for deployment, configuration, and operation of networked systems.

IDS, Firewalls, and VPN Solutions:

IPCop - Smoothwall on steroids
Sguil - A true analyst's IDS console
Aanval - Browser based IDS console with numerous features
SSL-Explorer - Browser-based open source SSL VPN
Snort - The de facto standard for intrusion detection/prevention
Bleeding Edge Snort - The Aggregation Point for Snort Signatures and Related Security Research

Open Source Protective Measures:

Clam Win - Free antivirus for Windows
OSSEC HIDS - Open source Host-based intrusion detection system
CORE IMPACT - CORE IMPACT

Recommended Reading:

The Tao of Network Security Monitoring - Richard Bejtlich. The holy grail for NSM practitioners.
Hackers Beware: The Ultimate Guide to Network Security - Eric Cole. Another "bible" for information security professionals.
Gray Hat Hacking : The Ethical Hacker's Handbook
Google Hacking for Penetration Testers - Johnny Long
Sys Admin - the journal for UNIX and Linux systems administrators

Distributions:

CentOS - The Community ENTerprise Operating System
Debian - Debian official releases are geared more toward stability than cutting-edge features.
The Fedora Project - The Fedora Project is a Red-Hat-sponsored and community-supported open source project. The goal of The Fedora Project is to work with the Linux community to build a complete, general purpose operating system exclusively from free software.
Gentoo - Gentoo Linux uses an enhanced BSD ports-style package system.
Knoppix - Very cool. Great way to check out Linux before going for a full install. This Linux distribution runs entirely from a bootable CD. Data on the CD is uncompressed on the fly, allowing them to fit 2 GB worth of system and programs on one CD, including a complete X server, KDE and Gnome, and large packages like OpenOffice and The Gimp. Since it runs solely off the CD, Knoppix makes an excellent portable Linux demo or system rescue disk, but its completeness makes it a good general purpose distribution as well.
openMosix - openMosix is a Linux kernel extension for single-system image clustering. This kernel extension turns a network of ordinary computers into a supercomputer for Linux applications. Once you have installed openMosix, the nodes in the cluster start talking to one another and the cluster adapts itself to the workload. Processes originating from any one node, if that node is too busy compared to others, can migrate to any other node.
Slackware - MCS utilizes Slackware 9.0 and ZipSlack on a regular basis. Since its first release in April of 1993, the Slackware Linux Project has aimed at producing the most "UNIX-like" Linux distribution out there.
Suse - SuSE is a popular distribution based out of Germany.

Downloads and information:

LinuxISO.org - Central source of many different distributions for download as an ISO.

Events

Linuxfest Northwest