Tuesday, January 23, 2007

Security Oriented Web Sites

During last Sunday's show, Earl asked in our chat if I would catalog the security web sites I routinely check when looking at security issues. It is not a tremendously long list, but here they are.

For specific information on virus, worm and other malware removal, either do a Google on the name of it or go to the AV maker of your choice's site and see about information on how to accomplish that or removal tools.

Internet Storm Center

I check this one almost daily, and anytime there is a problem. You can glean a tremendous amount of information in a very short read, with links to help getting more information about problems and/or workarounds and fixes.


F-Secure Company web log

Both F-Secure's front page and the blog are interesting and likely to have the most details posted first of all the security companies, even if another team made the actual discovery. I don't know how they do this, but I think they maintain dedicated posting personnel all the time. At any rate, you can often enough get a 45 minute jump on other sites at these two that it is worth checking them first when trouble is in the wind.

Security Focus

More than simple security information, which clutters up the site a bit. Still, a very, very good resource for all things related to the well-being of your computer. They also have a bugtraq archive that is very useful, here.

Websence Security Labs

Loads of different threat information here. Some of it I consider a bit on the alarmist side in terms of it's presentation, but opinions vary on this and you should decide for yourself. No matter how it strikes you, there is a lot of good information here.

EEye Digital Security

EEye Tracker page for Zero-Day exploits

I watch both these pages as frequently as I can spare the time. They contain a lot of information and I have often used them in warning clients who might otherwise dismiss warnings by me as the result of my well-known paranoia.

Institute for Security and Open Methodologies

This is a place to learn about security. It will take a bit of time to wade through some of it, but there is a load of information here that cannot be found in any other single place. There are also security testing tools, some with detailed information on how to use the and interpret the results.


While nothing more than a handly listing of vulnerabilities and the code that exploits them, links to more information are provided for each entry. This is a very good place to go to get to some information on a problem in a hurrry, with little searching.

Ben Edelman's Site

We interviewed Ben in the past. He is one of the few definitive sources on adware/spyware infections. Ben is doing other things a lot more now, so he updates the site much less often than in the past. There is a good archive, though, and new articles do appear every couple months.

No comments:

Post a Comment

All comments are moderated.

Note: Only a member of this blog may post a comment.