Section A.4 URLs for Security Sites

   


A.4 URLs for Security Sites

The number of URLs offering technical help on maintaining security on Linux systems has greatly increased as Linux has become more popular. You must always be careful not to fall into a cracker site, though this usually is obvious. I do suggest surfing the cracker sites occasionally so that you better understand the enemy.

A.4.1 Kurt Seifried's Site

Kurt is one of the sharpest security consultants around. Do not skip his site (www.seifried.org). See, especially, his Linux Administrator's Security Guide.

www.seifried.org/lasg/

A.4.2 Security Focus

Security Focus is a source for security information.

www.securityfocus.com/

A.4.3 Forensics

The following sites provide tools and advice for forensic computer analysis. They will help you find clues to who broke into your system and how. They are managed by Dan Farmer and Wietse Venema. Their tools are excellent and they are two of the best.

www.fish.com/forensics/

www.porcupine.org/forensics/

A.4.4 The Hackerwhacker Site

This site offers one free security scan of your site. Mostly, this is seeing which ports have programs listening. Its HTML report explains how dangerous the various services are and has links to detailed explanations. Additional usage is reasonably priced. It also has links to a number of security sites.

www.hackerwhacker.com/

A.4.5 Cracker Port Numbers

This site lists the usage of various ports, including cracker ports. It is reasonably complete.

http://advice.networkice.com/advice/Exploits/Ports/

A.4.6 Understanding Linux Viruses

This site provides descriptions of several Linux and UNIX viruses and how they work. This is presented on the belief that "security by obscurity" is not good security and to aid in recognizing when it happens to you.

www.big.net.au/~silvio/

A.4.7 FBI's NIPC

This Web site is for the FBI's National Infrastructure Protection Center. The site still is evolving.

www.nipc.gov/

A.4.8 FIRST

The Forum of Incident and Security Response Teams is an association of people involved with ensuring the security of organizations, many being large organizations. Some organizations will find it worthwhile to join.

www.first.org/

A.4.9 Linux Weekly News Security Page

The Linux Weekly News Web site has a frequently updated security page that is accessible from the main page.

www.lwn.net/

A.4.10 Linux Today

The Linux Today Web site has security links that are useful.

www.linuxtoday.com/

A.4.11 The SANS Institute

The SANS Institute is mentioned here for completeness.

www.sans.org/

It lists what it considers to be the top 10 vulnerabilities in systems connected to the Internet and some defenses, though not all of these are applicable to Linux systems.

www.sans.org/topten.htm


       
    Top


    Real World Linux Security Prentice Hall Ptr Open Source Technology Series
    Real World Linux Security Prentice Hall Ptr Open Source Technology Series
    ISBN: N/A
    EAN: N/A
    Year: 2002
    Pages: 260

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net