Audit / Risk Analysis/ Security Checks

• Online Security Checks
  • SSL-Check Test your online banking server cert!
  • Domain-Check Test the security of your ADMIN-C entry
  • Check out the security of your Lotus Domino-Server
  • Internet client selfcheck nice (geman)
  • Netcraft Network Examination What's that site running and how long?
  • Shields UP! -- Internet Connection Security Analysis
  • Privacy Analysis of your Internet Connection thinking about Java and JavaScript in your Browser ;-)
  • Symantec Security Check online portscan and trojan testing
  • BrowserSpy BrowserSpy will tell you detailed information, like version and support, of your Browser, JavaScript, JVM, Java, Plugins, Components, Language, Screen, Hardware, IP, Cookies, Web Server, FTP Password etc....
  • Proxy Check Is your proxy noisy?
  • Lookup Tools ripe, arin, apic etc.
  • Whois lookup from Geektools.com
  • SamSpade Tracing & LookupTools
  • Are you cracked? Is your IP in Dshield's Attacker DB?
  • network-tools Tracing & Lookup Tools
  • HackerWhacker See your computer the way hackers do.
  • HackYourself.com formerly HackerWhacker junior
  • Secure-me xDSL testing
  • QuickInspector web based security diagnostic
  • Online NETBIOS vulnerability check
  • webbased Traceroute
• AuditNet Home Page
• IT-Audit.de
• Vulnerabilty Scanners
• Default Password List (Search)
• Another Default Password Lists
• Advanced Host Detection - techniques to validate host-connectivity
• Examining port scan methods - analysing audible techniques
• Online Network Calculator - problems calculating netmasks?
• Security-Audit.de
• Open Source Security Testing Methodology taken from ideahamster.org
• it-auditing.de
• Vulnerability Assessment: Minimizing Configuration Error Related Risk
• Online Vulnerabilty Databases
  • XForce
  • CVE Vulnerability Search Engine The ICAT Metabase is a product of the Computer Security Division at the National Institute of Standards and Technology.
  • Security-Focus
  • Security-Tracker
  • NetworkICE Vulnerabiliy Database
  • CVE Common Vulnerabilities and Exposures
  • CERT/CC Vulnerability Notes Database
  • Cisco Password Recovery Procedures
• some usefull Tools
  • CyberCop Scanner (NAI Vulnerability Scanner)
  • Somar Software (DumpSec, DumpACL, DumpEvt) As last released by SomarSoft, these utilities are now offered as FREE utilities for reporting of security, directory, registry, and event information under Windows NT
  • ISS Internet Scanner provides automated security vulnerability detection and analysis for devices on a network.
  • Nessus Security Scanner for Linux, *BSD*, Solaris and NT with different Frontends like Java and GTK
    • Nessus Plugins
  • Nmap Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
  • hping TCP pinger, can analyse networks and hosts on the TCP Flag level.
  • queso Queso identifies operating systems via the TCP packet signature
  • firewalk Firewalking is a technique that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks.
  • dnswalk dnswalk is a DNS database debugger. It works by initiating a zone transfer of a current zone, inspecting individual records for inconsistencies with other data, and generating warnings and errors.
  • CIS Cerberus' Internet Scanner is a free security scanner.
  • netcat Swiss Army Knife for TCP and UDP (like socket). Simple Port Scanner, simple Port redirector and simple access to sockets from Scripts.
  • Whisker A sophisticated CGI security scanner
  • COPS (Computer Oracle and Password System) a Unix host security tool from Dan Farmer
  • tiger is a set of scripts that scan a Un*x system looking for security problems, in the same fashion as Dan Farmer's COPS.
  • SARA Security Auditors Research Assistent, based on the SATAN model
  • SAINT (Security Administrator's Integrated Network Tool) is a security assesment tool based on SATAN.
  • nemesis is a command-line UNIX network packet injection suite.
  • Pandora is a set of tools for testing the security of Novell Netware
  • MacAnalysis is a security auditing suite for your Macintosh to perform and help implement a security standard for your computer/network by performing a full security check of network protocols, open services, port scans, vulnerable CGI scripts and much more.
  • ngrep network grep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP, FDDI and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.
  • Sabernet: Security Tools
  • arirang - powerful webserver security scanner
  • DominoScan fully automated Domino application security scanner
  • Babelweb is a program which allows to automate tests on a HTTP server
    
• Lotus Notes Audit
• Wardriving Tools
  • wtf is wardriving?
  • Wirelass Security Auditor (WSA) written for Linux on the iPAQ.
  • Wireless networks a 'hacker's playground'
  • wlandump (linux-wlan™ Project) Wardriving tool
  • AIRsnort is a wireless LAN (WLAN) tool which cracks encryption keys on 802.11b WEP networks. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.
    
  • WEPcrack is a tool that cracks 802.11 WEP encryption keys using the latest discovered weakness of RC4 key scheduling.
  • Wireless Access Points and ARP Poisoning (Article on BugTrag) (Pdf)
  • Wardriving.com (Informations and Links)
  • APTools is a utility that queries ARP Tables and Content-Addressable Memory (CAM) for MAC Address ranges associated with 802.11b Access Points.
  • Papers about 802.11 Security Vulnerabilities
  • dstumbler from Dachb0den Labs is a wardriving/netstumbling/lanjacking utility for bsd
  • bsd-airtools is a package that provides a complete toolset for wireless 802.11b auditing.
  • NetStumbler is a Windows utility for 802.11b based wireless network auditing written by Marius Milner.
  • WaveStumbler WaveStumbler is console based 802.11 network mapper for Linux. It reports the basic AP stuff like channel, WEP, ESSID, MAC etc. It has support for Hermes based cards (Compaq, Lucent/Agere, ... )
  • Kismet a curses based Linux auditor and stumbler
  • ApSniff is a wireless (802.11) access point sniffer
  • wardriving tools
    
    
    
    

Crypto / PKI

• standards and specs
  • The Ten Minute CEO Briefing On PKI, Digital Certificates, and Trust in Electronic Transactions
  • Public Key Cryptography Standards
  • Netscape Certificate Specifications
  • Netscape Step-Up Encryption
  • Certificate Resources for NS Certification Server
  • Public Key Cryptography Standards
  • SSL 3.0
  • S/MIME
  • Public-Key Infrastructure (X.509) (pkix)
  • RFC 2459 Certificate and CRL Profile
  • RFC 2510 Certificate Management Protocols
  • RFC 2511 Certificate Request Message Format
  • RFC 2527 Certificate Policy and Certification Practices Framework
  • RFC 2528 Key Exchange Algorithm (KEA)
  • RFC 2560 Online Certificate Status Protocol - OCSP
  • S/MIME Mail Security
  • RFC 1847 Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted
  • RFC2311 S/MIME Version 2 Message Specification
  • RFC2312 S/MIME Version 2 Certificate Handling
  • S/MIME Working Group
  • S/MIME Interoperability Center (RSA)
  • S/MIME Interoperability Matrix
  • S/MIME and PGP/MIME
  • SET specs
  • Transport Layer Security TLS
    • RFC 2246 The TLS Protocol
    • RFC 2818 HTTP over TLS
  • OpenPGP
    • RFC 2440 OpenPGP Message Format
  • PKI linklist at PKI-Page.org
  • SSL-Check!
  • Cryptography and Microsoft Public Key Infrastructure with Windows 2000
  • MS Windows 2000 Public Key Infrastructure Whitepaper
  • PKI Deployment Information page
  • PKI-COORD PKI Coordination for Europe
• CA-Cookbooks
  • OpenSSL
  • OpenSSL-cookbook
  • ApacheSSL
  • ApacheSSL-cookbook
  • OpenCA
  • Set up your own Certification Authority using free software
  • Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure (B. Schneier, C. Ellison)
  • OpenSource PKI-Book
  • Configuring IIS 4.0 Certificate Authentication
  • SPHINX-Projekt (Sichere Ende-zu-Ende-Kommunikation für die Bundesverwaltung)
    • Betriebshandbuch Lokale Registrierungsstelle (local RA Operating Guide - german)
    • Betriebshandbuch Zertifizierungsstelle (CA Operating Guide - german)
• X.509
  • Public-Key Infrastructure (X.509) (pkix) Drafts & RFCs
  • x509v3 - Final draft (1 December/June 30).
  • x509v4 - draft V7 (updated Editions)
  • OID description for 2.5.29 - certificateExtensions (id-ce)
  • register your own OID
  • PKI Survey - X.509
  • X.509 Style Guide (Peter Gutmann)
• smart cards
  • OpenCard Framework is a standard framework announced by an Industry consortium that provides for interoperable smart cards solutions across many hardware and software platforms.
  • What's so smart about smart cards? is an overview of smart card technology produced by the Smart Card Forum and Gemplus
  • The Terms you Need to Know
  • Smart Cards: Readings and Resources University of North Carolina
  • Smart Cards and Electronic Payment Systems CRYPTO GRUOP of University de Louvain (Belgium)
  • Global Payment Card Network
  • Smart Card Alliance
  • Smart Card Knowledge Base from SCIA Smart Card Industry Association
• infos about X.500, LDAP and directory servers
  • Netscape Directory SDK Information and Download
  • A System Administrator's View of LDAP
  • LDAP World
  • LDAP: Fulfilling the Promise for Directory-Enabled Networks
  • An LDAP Roadmap & FAQ
  • A Scalable, Deployable, Directory Service Framework for the Internet
  • LDAP (PKIX)
    • RFC 2559 Operational Protocols - LDAPv2
    • RFC 2587 LDAPv2 Schema
  • LDAP for Solaris 8
  • Projects related to LDAP/Directories deployment worldwide
• SSL/X.509 tools
  • pureTLS PureTLS is a free Java-only implementation of the SSLv3 and TLSv1 (RFC2246) protocols.
  • OpenSSL free SSL/TLS toolkit
  • S/MIME perl modul
  • ssldump is an SSLv3/TLS network protocol analyzer.
  • OpenCA the OpenCA project
  • cryptlib cryptlib is a powerful security toolkit from Peter Gutmann
  • SSLava™ and other encryption toolkits from Phaos Technology
  • Tools and Software for PKI based Internet applications List at PKI Coord
  • Download the S/MIME 40-bit RC2 Cracking Screen Saver
  • TrustedMIME from SSE Ltd.
• Crypto misc
  • Attack on Private Signature Keys of the OpenPGP format, PGP™ programs and other applications compatible with OpenPGP
• German Law
  • Zertifikate der Bundesbehörde
  • Regulierungsbehörde für Telekommunikation und Post  (Genehmigte Zertifizierungsstellen)
    • Anerkannte Bestätigungsstellen für technische Komponenten
    • Anerkannte Prüf- und Bestätigungsstellen für Sicherheitskonzepte
    • Geeignete Kryptoalgorithmen gemäß § 17 (2) SigV
    • Projektbüro "Digitale Signatur" des BSI
  • Zertifizierungsinstanz der Deutschen Telekom AG
  • Zertifizierungsinstanz der Deutschen Post AG
  • Zertifizierungsinstanz der Medizon AG
  • Zertifizierungsinstanz der Bundesnotarkammer
  • Zertifizerungsstellen der Steuerberatungskammern (Datev)
  • Liste weiterer Zertifizierungsinstanzen
• PKI misc
  • Crypto-Gram Newsletter from Counterpane
  • FTP-Sites and Links for Cryptographic Software and Information
  • more cryptography
  • UniCERT and EuroTrust
  • Identrus
    • Identrus Solutions Providers
    • Identrus: setting the direction for global electronic banking
  • Aufwand beim Betrieb einer Uni-CA
  • PGP Public Key Server
  • Humboldt-University Certification Authority (HU-CA) Yeah, still alive ;-)

   

papers

• own papers
  • DFN-Projekt (German Research Network - project)
  • RZ-Mitteilungen Nr.12/Juni 1996
    • Accounts und Paßwörter    (Postscript)
  • RZ-Mitteilungen Nr.13/Januar 1997
    • Universitätsverwaltung mit Internet-Zugriff - ein Widerspruch?    (Postscript)
  • FB Informatik Januar 1997
    • Was leisten Firewalls, was nicht?
  • RZ-Kolloquium 25. Februar 1997
    • Firewall - ein Kernstück des Sicherheitskonzeptes "Verwaltungsnetz"
  • HP-Kolloquium 4. Juni 1997
    • Sicherheitsanforderungen an offene Campus-Netze
  • Konrad-Zuse-Zentrum für Informationstechnik Berlin 27.Oktober 1997
    • SSH - Dem Lauscher keine Chance
  • RZ-Kolloquium 18.November 1997
    • WindowsNT -(UN)Sicherheit
  • RZ-Mitteilungen Nr.15/Dezember1997
    • SSH - dem Lauscher keine Chance
    • Das TIS Firewall Toolkit unter Linux
    • Internet-Sicherheit von Windows-Rechnern
    • Der Tag danach...
  • PIPELINE EDV-Zentrum, Technische Universität Wien Nr. 25/Juni 1998
    • http://info.tuwien.ac.at/pipeline/p25/p25.html
  • EDV-Zentrum, Technische Universität Wien 14./15. Mai 1998
    • Sicherheit in Rechnernetzen
    • Firewalls - Was leisten sie, was können sie nicht. Ein Überblick
    • Angriffsszenarien und Verteidigungsstrategien in öffentlichen Netzwerken
  • RZ-Mitteilungen Nr.16/Juni 1998
    • Vertrauen gegen Vertrauen - Die Zertifizierungsinstanz der Humboldt-Universität zu Berlin
• other papers & resources
  • Applied Cryptography
  • Unix Computer Security Checklist
    AUSCERT, Australian Computer Emergency Response Team; 1995; ASCII Text; 89k A comprehensive checklist for securing your Unix box.
  • Packets Found on an Internet
    Bellovin, Steven M.; 1993; GZip'd Postscript; 32k A very interesting paper describing the various attacks, probes, and miscellaneous packets floating past AT&T Bell Labs' net connection.
  • Security Problems in the TCP/IP Protocol Suite
    Bellovin, Steven M.; 1989; GZip'd Postscript; 10k A broad overview of problems within TCP/IP itself, as well as many common application layer protocols which rely on TCP/IP.
  • There Be Dragons
    Bellovin, Steven M.; 1992; GZip'd Postscript; 58k Another Bellovin paper discussing the various attacks made on att.research.com. This paper is also the source for this page's title.
  • An Advanced 4.3BSD IPC Tutorial
    Berkeley CSRG; date unknown; GZip'd Postscript; 60k This paper describes the IPC facilities new to 4.3BSD. It was written by the CSRG as a supplement to the manpages.
  • NFS Tracing by Passive Network Monitoring
    Blaze, Matt; 1992; ASCII Text Blaze, now famous for cracking the Clipper chip while at Bell Labs, wrote this paper while he was a PhD candidate at Princeton.
  • Network (In)Security Through IP Packet Filtering
    Chapman, D. Brent; 1992; GZip'd Postscript; 46k Why packet filtering is a difficult to use and not always secure method of securing a network.
  • An Evening with Berferd
    Cheswick, Bill; 1991; GZip'd Postscript; 32k A cracker from Norway is "lured, endured, and studied." (But not caught!)
  • Design of a Secure Internet Gateway
    Cheswick, Bill; 1990; GZip'd Postscript; 17k Details the history and design of AT&T's Internet gateway.
  • Improving the Security of your Unix System
    Curry, David, SRI International; 1990; GZip'd Postscript; 99k This is the somewhat well known SRI Report on Unix Security. It's a good solid starting place for securing a Unix box.
  • With Microscope & Tweezers
    Eichin & Rochlis; 1989; GZip'd Postscript.gz; 99k An analysis of the Morris Internet Worm of 1988 from MIT's perspective.
  • The COPS Security Checker System
    Farmer & Spafford; 1994; GZip'd Postscript; 45k The original Usenix paper from 1990 republished by CERT in 1994.
  • COPS and Robbers
    Farmer, Dan; 1991; ASCII Text This paper discusses a bit of general security and then goes into detail regarding Unix system misconfigurations, specifically ones that COPS checks for.
  • Improving The Security of Your System by Breaking Into It
    Farmer & Venema; date unknown; HTML An excellent text by Dan Farmer and Wietse Venema. If you haven't read this before, here's your opportunity.
  • A Unix Network Protocol Security Study: NIS
    Hess, Safford, & Pooch; date unknown; GZip'd Postscipt; 20k Outlines NIS and its design faults regarding security.
  • A Simple Active Attack Against TCP
    Joncheray, Laurent; 1995; GZip'd Postscript; 90k This paper describes an active attack against TCP which allows re-direction (hijacking) of the TCP stream.
  • Foiling the Cracker
    Klein, Daniel; GZip'd Postscript; 38k A Survey of, and Improvements to, Password Security. Basically a treatise on how to select proper passwords.
  • A Weakness in the 4.2BSD Unix TCP/IP Software
    Morris, Robert T; 1985; GZip'd Postscript; 10k This paper describes the much ballyhooed method by which one may forge packets with TCP/IP. Morris wrote this in 1985. It only took the media 10 years to make a stink about it!
  • Covering Your Tracks
    Phrack Vol. 4, Issue #43; GZip'd Postscript; 16k A Phrack article describing the unix system logs and how it is possible to reduce the footprint and visibility of unauthorized access.
  • Cracking Shadowed Password Files
    Phrack Vol. 5 Issue #46 GZip'd Postscript; 19k A Phrack article describing how to use the system call password function to bypass the shadow password file.
  • Thinking About Firewalls
    Ranum, Marcus; Gzip'd Postscript; 30k A general overview of firewalls, with tips on how to select one to meet your needs.
  • An Introduction to Internet Firewalls
    Wack & Carnahan for NIST; Gzip'd Postscript; 600k This is a special publication of the National Institute of Standards and Technology which provides a solid introduction to firewalls concepts and uses.
  • TCP Wrapper
    Venema, Wietse; Gzip'd Postscript; 13k Wietse's paper describing his TCP Wrapper concept, the basis for the TCP Wrappers security and logging suite.
  • Safe Internet Programming: Publications
  • Installation of the TIS Firewall Toolkit on Linux
  • Security-Papers FhG
  • The Hacker Crackdown by Bruce Sterling
    • US site
  • O'Reilly Security Book info
    • Computer Security Basics by Russell and Gangemi
    • Practical Unix Security by Garfinkel and Spafford
    • Web Security
    • PGP: Pretty Good Privacy by Garfinkel
    • Oracle Security
    • Stopping Spam by Alan Schwartz & Simson Garfinkel
    • Computer Crime: A Crimefighter's Handbook by Icove, Seger & VonStorch
    • Building Internet Firewalls by Chapman and Zwicky
    • Building Internet Firewalls, Second Edition by Chapman, Zwicky and Cooper
    • Securing Windows NT/2000 Servers for the Internet by Stefan Norberg
    • Java Cryptography by Jonathan Knudsen
  • Alldas.de Library Info
  • PGP: Source Code and Internals by Phil Zimmermann
  • The Official PGP User's Guide by Phil Zimmermann
  • Cryptography Theory and Practice
  • Wietse's tools and papers
  • 2600 Magazine

Windows

• NT SECURITY
• Navy Secure Windows NT Installation and Configuration Guide
• NT-Bugtraq
• Where to Find Microsoft Security Patches
• Microsoft TechNet Security
  • Microsoft Security Tools
  • Microsoft Service Packs and Hotfixes
  • Windows 2000 Security
  • IIS4 Security Checklist
  • IIS5 Security Checklist
  • Getting most from IIS Security ;-)
  • Implementing a secure site with ASP
  • Security in MS SQL Server 7.0
  • ODBC Security
  • Exchange Server 5.5. Security
  • Is Your Exchange Server Relay-Secure?
• NT Security
• Windows 95/98 Computer Security Information
• Windows NT Configuration Guidelines
• Windows NT Intruder Detection Checklist
• Want to set your Windows NT Administrator password? How to change the NT administrator password if you have forgotten it. ;-)
• Offline NT Password & Registry Editor, Bootdisk
• Securing Microsoft Exchange 5.5

Unix / Linux

• Beginner's guide to armoring Solaris 2.6
• Securing Linux. Elementary security for your Linux box
• Unix Host and Network Security Tools
• Solaris Security Guide
• Unix System Monitoring Tools
• TITAN an this special nddconfig.sh
• SunSolve Online(tm)
• YASSP: Yet Another Solaris Security Package
• Improving Security tech tips by CERT
• Installing a Firewall bastion host: Hardening Solaris
• Solaris - tuning your TCP/IP stack
• Solaris™ 2.x - Tuning Your TCP/IP Stack and More
  
• Unix System Administration
• Sun Microsystems, Inc. - BigAdmin
• X Security Here is a description of some of the security issues related to the use of the X window system.
• Unix System Administrator's Resources
• Root Prompt -- Nothing but Unix
• Linux Security Home Page
• eSecurityOnline
• Unix Guru Universe
• Tuning Solaris 7 for FireWall-1 4.0
• Hardening the BIND DNS Server
• Sun Solaris Security Blueprints
• Security infos and advisories from un*x vendors/distributors
  • RedHat
  • S.u.S.E.
  • Caldera
  • Debian
  • Open BSD
  • FreeBSD
  • Mandrake
  • IBM
  • HP
  • SUN
  • Digital
  • SGI

Lotus Notes / Domino

• DominoScan by NGSSoftware is a fully automated Domino application security scanner
• A guide to developing secure Domino applications
• The Domino Defense: Security in Lotus Notes and Internet
• Lotus IT Central Security Zone
• Lotus Notes and Domino Reduce the Risks of Virus Attacks
• How to secure a Lotus Domino-Server connected to the Internet
• Check out the security of your Lotus Domino-Server
• undermining Lotus Notes
• Lotus Notes Vulnerabilities
• Falling Dominos FAQ 1.0
• Locking Down a Lotus Domino Server
• Lotus Notes and Domino Security: An Overview of Authentication and Access Control
• Lotus Notes Audit
• The Domino Defense: Security in Lotus Notes 4.5 and the Internet

• Lotus Notes and Domino R5.0 Security Infrastructure Revealed

• ID Password Recovery (IPR) is a tool for recovering passwords on Lotus Notes ID files. It does this by guessing passwords you supply in a dictionary file.
• AppDetective™ for Lotus Domino is a network-based, penetration testing/vulnerability assessment scanner that locates and assesses the security strength of database and groupware applications within your network.
  
  
  
  
  

Security Portals / Info Services

• SecurityTracker.com - Keep Track of the Lastest Vulnerabilities!
• Garry Kessler's Security URLs
• Security-Finder Verlag Dashöfer
• SecurityPortal
• Infosyssecurity Portal The Security Portal for Information System Security Professionals
• onlinesicherheit.de free security source
• The Security Search Engine - Firewalls, Antivirus, Intrusion Detection, Vulnerabilities, Advisories and Auditing Software.
• Search Checkpoint FireWall-1 and Other Security Archives (Raptor, Nessus, IPFilter, Stonebeat etc.)
• Privacy Resources (Web Anonymizers, Remailers etc.)
• http://www.datenschutz.de/
• Computer Security Information
• PROTECTOR - Online
• Security Standards Websites
• Sys-Security.com - Because Security is not Trivial
• http://rootshell.connectnet.com/ used to be a good online resource
• Attrition.org
• Packetstorm Packetstorm is a non-profit organization kept alive for the sole purpose of helping secure the World's networks.
• SecurityFocus Bugtraq-Archives and lots of papers and infos
• Replay Domestic Encryption Server
• http://www.sicherheit-im-internet.de/
• ITtoolbox Security ITtoolbox Security offers forums for technical discussion, an integrated directory, white papers and daily news geared towards Security professionals and users of Security products.
• X-Force
• IT Security Cookbook
• Internet/Network Security
• dugsong@monkey.org
• security in cable networks (austrian)
• MCI security page
• Common Vulnerabilities and Exposures
• DII COE Security Checklist Version 2.0
• Mail Abuse Protection System
• Get the spammer!
• WWW SNMP MIB Browser
• Tips and tricks for ISPs
• DNS tools
• Internet Attacks with DDos and Dos Strategies
• Security und Hackerszene (austrian)
• TAKEDOWN
• Great Circle Associates Home Page
• Tech Tips for Improving Security
• The Freefire Project Support for Developers of Free Security Solutions
• Securemac.com Macintosh Security Site
• IWS The Information Warfare Site
• nur-sicherheit.de Aktions-Portal für IT-Security, Sicherheitstechnisk, Arbeitssicherheit (geman)
• Whitehats Whitehats, Inc. manages also arachNIDS
• Alldas.de IT-Security information network Attacker Statistics
• The hacker's choice
• eSecurityOnline
• Astalavista Group

Antivirus / Content Security

• Content Technologies
• Trendmicro (Viruswall)
• ThunderBYTE Anti-Virus Software
• Dr Solomon's Anti-Virus Software
• Sophos Sweep Anti-Virus Software
• Stiller Research, Integrity Master Anti-Virus Software
• McAfee
• Informationen zu Computerviren.
• Virus Map
• trojan info
• Tests of Anti-Virus Software

Firewalls

• The ULTIMATELY Secure Firewall ;-)
• 1997 CSI Firewall Product Analysis
• yet another Firewall list
• some firewalls
  • TIS/NAI Gauntlet
  • BorderWare software by Border Network Technologies
  • CheckPoint Software Technologies (Firewall-1)
  • Cisco Systems
  • KarlBridge/Karlrouter
  • Milkyway Networks Corporation
  • Raptor Systems (Eagle)
  • Secure Computing Corporation (Sidewinder)
  • SecureWare
  • Sonicwall
  • ANS HOME PAGE
  • Netscreen
  • GenuGate
  • DrawBridge Drawbridge is a firewall package that was developed at Texas A&M University and was designed with a large academic environment in mind.
• How to Build a Successful Security Infrastructure
• PhoneBoy's FireWall-1 FAQ
• Cisco - Improving Security on Cisco Routers
• Cisco - Increasing Security On IP Networks
• Building Your Firewall Rulebase
• Creating a VPN between a Cisco router and a Checkpoint Firewall using manual IPSEC
• Firewall Handbuch für LINUX 2.0 und 2.2 (german)
• Marcus Ranum's Internet Firewalls FAQ
• Firewall Admins Guide to P*rn Guide for firewall admins who have to deal with this issue.
• FireWall-1 FAQ Page
• Firewall Forensics (What am I seeing?)
• Placing Backdoors trough Firewalls
• Bastille Linux
• sf Firewall Software -- a TCP/IP packet filter for Linux
• Linux IP Firewalling Chains better then ifwadm ;-)
• Internet standards you should know, if you set up an external screening or border router:
  • RFC 1858 Security Considerations for IP Fragment Filtering
  • RFC 2267 Network Ingress Filtering: Defeating Denial of Service Attacks Which Employ IP Source Address Spoofing
  • RFC 2644 Changing the Default for Directed Broadcasts in Routers

Intrusion Detection Systems

• The Honeynet Project To learn the tools, tactics, and motives of the blackhat community, and share those lessons learned.
• www.incident-response.org infos and tools for the morning after
• Intrusion Detection Systems usefull lists of available programms in this sector with "practical" reviews
• Eight Steps to A Working Intrusion Detection System
• FAQ: Network Intrusion Detection Systems
• FAQ: Sniffing (network, wiretap, sniffer)
• http://www.incidents.org/
• CSI Intrusion Detection System Resource
• Internet Security Systems, Inc.
• some IDS tools
  • Snort The Lightweight Network Intrusion Detection System
  • Sourcefire black boxes and professional services for/with snort
  • arachNIDS advanced reference archive of current heuristics for network intrusion detection systems
  • chkrootkit Checker for known Rootkits
  • Tripwire File integrity checker
  • AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more.
  • RealSecure from ISS
  • The Coroner's Toolkit TCT is a collection of programs by Dan Farmer and Wietse Venema for a post-mortem analysis of a UNIX system after break-in
  • Computer Forensics Software TCTUTILs is a collection of utilities that adds functionality to The Coroners Toolkit and the Autopsy Forensic Browser
  • The Autopsy Forensic Browser is a graphical interface to utilities found in The Coroners Toolkit (TCT) and TCTUTILs. It allows drive images to be analyzed at a file, block, and inode level. It also allows easy searches for strings in images.
    
  • Cisco Secure Intrusion Detection System (formerly NetRanger)
  • Intruder Alert/ NetProwler from Symantec
  • ResponseKits First Aid Kits for Unix & Windows
  • Network Flight Recorder a comprehensive, integrated, intrusion detection system that protects networks and hosts from known attacks, misuse, abuse and anomalies
  • NetworkIce is now ISS ;-)
• Windows NT Intruder Detection Checklist from CERT/CC
• Computer Forensic Analysis Class (Dan & Wietse)
• Help! Someone has broken into my system! (Dan Farmer)
• Intrusion Detection Level Analysis of Nmap and Queso Article in LinuxSecurity/SecurityFocus
• Help! How do I recover that important file? (Dan Farmer)
• Dshield.org Distributed Intrusion Detection System
• doshelp.com Intrusion & attack reporting center
• Virtual Burglar Alarm - Intrusion Detection Systems
• 50 Ways to Defeat Your Intrusion Detection System
• IDSWakeup is a false positive alarm generator for network based IDS
  
  

SAP R/3

• Hacking a SAP Database (german)
• Hacking SAP R/3 (german)
• Betriebssystemkommandos unter SAP R/3
• Hacking with SAP R/3
• SAP Securitymanagement with mySAP.com
• SAP Security Administration
• Authorization Made Easy Guide
• SAP Securit Authorizations
• SAP ITS Security Architecture
• SAP Pre-Implementation Audit
• SAP Security Guide

• Marcus J. Ranum's Homepage (remember the teaser on my frontpage?)

  • security-related publications
  • photo gallery Net.People / Security Portraits
• How the FBI Investigates Computer Crime
• Bundesamt für die Sicherheit in der Informationstechnik - BSI (Federal Agency For Security In Information Technology)
  • IT Baseline Protection Manual October 2000 Recommended Measures to meet Medium-Level Protection Requirements (english version)
  • IT-Grundschutzhandbuch Standard-Sicherheitsmaßnahmen Oktober 2000 des Bundesamtes für Sicherheit in der Informationstechnik
  • IT-Grundschutzhandbuch Standard-Sicherheitsmaßnahmen 2000 des Bundesamtes für Sicherheit in der Informationstechnik
  • IT-Grundschutzhandbuch Standard-Sicherheitsmaßnahmen 1999 des Bundesamtes für Sicherheit in der Informationstechnik
  • IT Baseline Protection Manual 1998 Recommended Measures to meet Medium-Level Protection Requirements (english version)
  • IT Grundschutzhandbuch 1998 des Bundesamtes für Sicherheit in der Informationstechnik (IT Baseline Protection Manual 1998 - Federal Agency For Security In Information Technology)
  • IT-Grundschutzhandbuch 1997 des Bundesamtes für Sicherheit in der Informationstechnik
  • IT Baseline Protection Manual 1997 Bundesamt für Sicherheit in der Informationstechnik (Federal Agency For Security In Information Technology)
  • IT-Grundschutzhandbuch 1996 des Bundesamtes für Sicherheit in der Informationstechnik     
• WWW-Server
  • Internet Holes: 50 Ways to Attack Your Web Systems
  • Security WWW
  • World Wide Web (in)Security
  • HTTP Security group of W3C
  • IIS 4 Checklist
  • IIS 5 Checklist
• WWW-Clients
  • Java / Netscape / MSIE Cache Exploit - Jan '97  
  • Security in Mosaic
  • HotJava: The Security Story
  • The Java Security FAQ
  • HotJava Security
  • WWW browser stress testing
  • NCSA httpd/Mosaic: Using PGP/PEM auth
  • Security in Netscape/SSL
    • Breaking SSL with RC40
    • Applying brute force against SSL
  • Netscape Security (problems)
  • Browser Crasher
  • JAVASCRIPT SECURITY BUGS
  • Georgi Guninski Security Research (IE-Bug of the month)
  • c't - Browser-Check
  • The Nasty JavaScript Tricks: Warning!
  • The Cookie Eaters: Cookie Collection Project
    

• FAQs
  • UNIX Reference Desk
  • The Solaris Security FAQ
  • ssh (Secure Shell) FAQ
  • PGP 2.6.2 FAQ, Buglist, Fixes, and Improvements
  • WWW-Security-FAQ
  • RSA's Frequently Asked Questions on Cryptography
  • FAQ: Computer Security Frequently Asked Questions (Usenet)
  • ISS FAQ collection
  • Usenet security FAQs
  • Marcus Ranum's Internet Firewalls FAQ
  • FireWall-1 FAQ Page
  • Phoneboy FireWall-1 FAQ
  • The alt.2600/#hack FAQ Introduction
  • Datenschutz Informationen
  • The Internet Firewall FAQ
  • Web Hack FAQ
  • NT Hack FAQ
  • Netware Hack FAQ
    

This is the private security page of Alexander Geschonneck. Feel free to contact me for comments. Here is the old page. © 1995-2002
Disclaimer: This page and any associated content does not always reflect the views or policy of the site maintainer.
Cryptography and Computer Security are sometimes controversial topics. Anything presented here is for informational purpose only. All logos and trademarks in this site are property of their respective owner.
last update: 15-Mar-2002 16:32 GMT+2