COAST Hotlist: Computer Security, Law & Privacy

Some Introductory Material

If you have any comments or suggestions on this page, please share them with us. That helps us keep this page current and comprehensive for people to use. We're especially happy when people find it worth pointing out to others:

WebCrawler Select Mining Co Best of the Net

Net-Happenings Digest, 1 Jan 1996, cited by Liz W. Tompkins

Comprehensive security hotlist...you have to see it to believe it! Comprehensive does not do this site justice.

Information Systems Security Update, # 95-10, Chris McDonald, editor

WOW! The site has in my opinion become the security WWW par excellence. The links are diverse and eclectic .... Put www.cs.purdue.edu/coast in your hotlist!

The Computer Underground Digest, #7.74, Jim Thomas and Gordon Meyer, editors

We've added a security section, including links to Gene Spafford's sites. His sites are exceptionally complete and well-organized. They're the cyber equivalent of the Smithsonian: You can browse them for weeks and still want more.

This page was originally constructed by Spaf, but with considerable assistance from the students in COAST. Major development and enhancements were made in 1996-1997 under the supervision of Tanya Mastin, with contributions by David Cole, Laura Feinstein, Brett Kopetsky, Marc Miller, Luke Nelson, Aurobindo Sundaram, and Amy Voss. A good deal of maintenance has also been performed by Tom Daniels and Todd O'Boyle. The calendar of security events is being maintained by Tanya and by Casey Gray. Steve Lodin built the specialized firewalls page, and Jason Reid built the system administration page.

For other references to law, you might see the government page, and for references to other magazines and such, you might see the news and media pages.

The following is a table of contents for this page. Select the heading you wish to examine as a short-cut to navigate through the page.

  • Organizations & Agencies
    • [New!]
  • FIRST Teams
  • Professional Organizations
  • U.S. Government
  • Others
  • Education in Computer Security
    • [New!]
  • Major Research Centers
    • [New!]
  • Cryptography and Computer Security Courses
  • Other Education/Research Projects
    • [New!]
  • Research Conferences
  • Publications
  • Journals, Newsletters and Mailing Lists
  • FAQs and Glossaries
  • Books & Book Info
  • Other Publications
  • Security Archives, Servers & Indicies
    • [New!]
  • Comprehensive Sites
  • Tools
  • "Underground" Sites
  • Cryptography
    • [New!]
  • PGP-related
  • Export Control & Politics
  • Other cryptography
  • Computer Viruses
  • Privacy Issues
  • Computing Ethics
  • Network Security
  • Firewalls
  • Security in WWW
  • Security in Java
  • Electronic Commerce
  • NT Security
  • Other
  • Intrusion Detection
  • Commercial Sites
  • Computer Vendors
  • Primarily Firewalls
  • Others
  • Law
  • Physical Security
  • Miscellaneous

    • Organizations & Agencies

    FIRST Teams (Forum of Incident Response and Security Teams)

  • FIRST Homepage
  • FIRST members' PGP keys (ASCII)
  • AUSCERT - Australian Computer Emergency Response Team
  • CERT Coordination Center (U.S.)
  • CIAC Web Site (U.S. Department of Energy)
  • CERT-NL - SURFnet Response Team, Netherlands
  • DFN-CERT
  • NASIRC - NASA Automated Systems Incident Response Capability, USA
  • PCERT - Purdue University Computer Emergency Response Team, USA
  • Air Force Computer Emergency Response Team (AFCERT) [New!]
  • National Technical Infor mation Service (NTIS)
  • Naval Postgraduate School (The): Joint C4I Systems
  • Office of the Director of C4I
  • LUX-CERT, Luxembourg
    •

    Professional Organizations

  • Computing Professionals for Social Responsibility (CPSR)
  • HTCIA (High-Tech Crime Investigators Association)
  • INTERNET PRIVACY COALITION
  • HTCIA, Northern CA Chapter
  • IEEE-CS TC on Security and Privacy
  • IEEE SSITSociety for Social Implications of Technology Home Page
  • International Federation for Information Processing
  • International Association for Cryptologic Research
  • The Internet Society
  • ISSA Home Page
  • USENIX & SAGE
  • Usenix Security-related Events
  • Electronic Privacy Information Center
  • National Computer Security Association (NCSA)
  • CEPIS: Council of European Professional Informatics Societies
  • International Association for Cryptologic Research
  • IEEE Computer Society
  • International Federation for Information Processing
  • Organization for Economic Cooperation and Development

    • U.S. Government

  • ARPA home page
  • Central Intelligence Agency Home Page
  • Computer Security Technology Center at Lawrence Livermore National Laboratory (DOE)
  • DoD Information Analysis Center (IAC) Hub Page
  • Defense Information Systems Agency (DISA)
  • The Department of the Treasury: Financial Crimes Enforcement Network
  • NIST Computer Systems Laboratory
  • NRL Center for High Assurance Computer Systems (Naval Research Lab)
  • National Security Agency
  • Office of the U.S. Secretary of Defense (OSD)
  • US Navy SPAWAR
  • Office of Naval Research - Europe
  • NASIRC - NASA Automated Systems Incident Response Capability, USA
  • Air Chronicles (US Air Force Web site
  • Airborne Electronic Warfare Systems Department
  • C4I HORIZON '95
  • DISA Center for INFOSEC (CISS)
  • GPO Pathway Services
  • Contains Congressional Testimony on Hackers and Network Intrusion
  • Historic File of Supreme Court Decisions Online
  • "National Security Science and Technology Strategy
  • GSA - Center for Security and Technology Training
  • Naval Intelligence Professionals
  • Computer Security Resource Clearinghouse [New!]
  • Federal Computer Incident Response Capability[New!]
  • The National Counterintelligence Center [New!]
  • Bureau Of Diplomatic Security, United States Department Of State
  • Defense Information Agency Center for Automated System Security Incident Support Team (ASSIST)
    •

    See also my hotlist for Government.

    Others

  • NCSA (National Computer Security Association)
  • Software Publishers' Association
  • Communications Security Establishment (Canada's version of the NSA)
  • ITAA Home Page
  • Voters Telecommunications Watch (vtw@vtw.org)
  • EWOS/EG SEC
  • Computer Security Institute
  • San Diego Regional Info Watch
  • Electronic Privacy Information Center
  • Association of Federal Defense Attorneys
  • Institute for the Advanced Study of Information Warfare
  • Center for Democracy and Technology
  • Metro Security
  • TEKALERT
  • CopNet
  • @cybercop.org
  • Eric Allman's Sendmail[New!]
  • Coalition Against Unsolicited Commercial Email
  • Security Industry Association (An association of physical security professionals.)
  • Observatoire de la Sécurité des Système d'Informaion & des Réseaux
  • North American Network Operators' Group
  • Manhattan Cyber Project
    •

    Education in Computer Security

    Major Research Centers

  • COAST Project at Purdue University.
  • Center for Secure Information Systems (CSIS) at George Mason University.
  • The Centre for the Study of Public Order at the University of Leicester (UK), MSc in Security Management and Information Technology.
  • Computer Security Group at University of Cambridge (UK).
  • Computer Security Research at UC Davis.
  • Information Security Research Centre at Queensland University of Technology, Australia.
  • Cyberspace Policy Institute at George Washington University.
  • SIRENE: SIcherheit in REchnerNEtzen (Security in Computer Networks) at the University of Hildesheim/IBM Zurich.
  • Sicherheit in der Kommunikationstechnik (German, University of Freiburg)
  • Centre for Computer Security Research at the University of Wollongong (Australia)
  • Defense Science Study Group (DSSG)
  • Center for Cryptography, Computer, and Network Security
  • NPS CISR - Naval Postgraduate School Center for INFOSEC Studies and Research
  • National Research Council--Science in the Headlines
  • International Federation for Information Processing

    • Cryptography and Computer Security Courses

  • Cryptographic Protocols and Analysis, New York University
  • Cryptography and Internet Security, UMBC
  • UMBC Cryptography Course
  • Network and Computer Security, MIT
  • Information Security, George Mason
  • Introduction to Cryptography, Clemson University
  • Cryptography and Computer Security, Princeton
  • Cryptography and Data Security, Purdue University(Computer Sciences)
  • Penetration Analysis, Purdue University(Computer Sciences)
  • Cryptography and Secure Communications, Purdue University (ECN)
  • Modern Cryptography, UC-Davis
  • Cryptography and Data Security, Worcester Polytechnic
  • Cryptography and Security, California State University
  • Data Security and Cryptography, Oregon State University
  • Cryptology in Computing, University of New Mexico
  • Telecommunications Security, George Washington University
  • Introduction to Cryptography, Duke University
  • Introduction to Cryptography, UCSD
  • Cryptography and Computer Security, University of Nebraska, Lincoln
  • Cryptology, Odense University (Denmark)
  • Cryptology, Oberlin University
  • Computer Security and Cryptography, Idaho State University
  • Cryptography (in Dutch), University of Amsterdam
  • Computer System Security I, Iowa State University
  • Computer System Security II, Iowa State University
  • Introduction to Cryptography, Iowa State University
  • Digital Security and its Implications, Brown University
  • Network Security, Georgia Tech
  • Computer Security, Data Communications, Modern Cryptology, and Network Security, Monash University in Australia(These pages only accessible by Monash users)
  • Cryptography, University of Kentucky
  • Computer and Network Security, University of Tennessee
  • Cryptology, Eindhoven University of Technology in Eindhoven (the Netherlands)
  • Advanced Cryptography, University of Wisconsin
  • Data Security, University of Wisconsin
  • Cryptography, University of Illinois
  • State of the Art and Evolution of Computer Security and Industrial Cryptography, Katholieke Universiteit Leuven in Belgium(four day summer course)
  • CS W4995-001 (Topics in Computer Science): Network Security at Columbia University
  • UIUC Computers, Security, and Ethics Course
    •

    Other Education/Research Projects

  • Computer Security Research at the University of Idaho
  • Computer Security Research at Iowa State
  • The GOST Group at ISI/USC.
  • Information Security Institute (short courses)
  • Cryptography & Security Research at PSU
  • Royal Holloway College (University of London) program in Information Security
  • Doug Tygar's security projects at CMU
  • Collaborations in Internet Security (CIS)

    • Research Conferences

  • COAST Experimental Events Calendar
  • 1996 Symposium on Security and Privacy
  • IFIP 96 Working Conference on Database Security
  • Computer Security Foundations Workshop[New!]
  • Ninth IEEE Computer Security Foundations Workshop
  • NISS-18 Papers, Panels, and Tutorials List
  • INFOSEC HOME PAGE
  • Eurocrypt '96
  • Conferences on Security and Cryptography
  • The Sixth Conference on Computers, Freedom, and Privacy
  • 1997 RSA Data Security Conference
  • Financial Cryptography 97 conference
  • Georgia RACF Users' Group - GARUG
  • DIMACS Workshop on Network Threats
  • Dartmouth Workshop on Transportable Agents
  • New Security Paradigms '97
  • Second International Workshop on Enterprise Security [New!]
  • 1997 Information Survivability Workshop
  • Fifth ACM Conference on Computer and Communications Security
  • The IEEE Singapore International Conference on Networks
  • The 18th International Conference on Distributed Computing Systems
  • International Seminars Division Event Calendar
  • Beyond HOPE
    •

    Publications

    Journals, Newsletters and Mailing Lists

  • COAST Newsletter ("CoastWatch")
  • Bugtraq archives at NetSpace
  • Bugtraq archives
  • Bugtraq list in hypermail
  • The PRIVACY Forum
  • IEEE-CS TC on Security and Privacy Cipher newsletter
  • Computer Underground Digest WWW Site
  • NetWatchers Front Page
  • The RISKS Forum
  • Firewalls mailing list
  • 2600 Magazine
  • Phrack
  • Sneakers-Internet Wide Area "Tiger Teamers" mailing list.
  • Virtual Library Mailing List Archive (includes bugtraq and firewalls lists)
  • GrayAreas
  • Journal of Computer Security[New!]
  • Disaster Recovery Journal
  • Back issues ofComputer and Communications Security Reviews
  • Infosecurity News - Introductory Home Page
  • Computers & Security
  • The Virus Bulletin
  • www-security mailing list
  • SunWorld Online
  • The Crypt Newsletter WWW Homepage
  • Crypt Newsletter
  • Papers published by Reliable Software Technologies
  • Security Digest
  • The Scout Report Homepage
  • Legion of Lame Home Page
  • Win 95 Net Bugs Archives
  • The Red Rock Eater
  • OFFSHORE, an eJournal
  • Microsoft CryptoAPI Mailing list
  • A definition of the word hacker, and some associated links.
  • IBM's Other Voices
  • Cryptolgia - A quarterly journal devoted to all aspects of cryptology
  • The Journal of Infrastructural Warfare
  • The Journal for Internet Banking and Commerce
  • Journal of Systems and Software
  • Journal of American Undergrond Computing [New!]
  • Cypherpunks Mailing List[New!]
  • International Journal of Forensic Computing
  • Secure News
  • ISS Comprehensive Security Mailing Lists
    •

    FAQs and Glossaries

  • PGP 2.6.2 FAQ, Buglist, Fixes, and Improvements
  • Security term glossary
  • Usenet security FAQs
  • The alt.2600/#hack FAQ Introduction
  • The WWW Security FAQ
  • Ssh (Secure Shell) FAQ
  • Java Security: Frequently Asked Questions
  • Win 95 Net Networking FAQ
  • Free On-Line Dictionary of Computing
  • List of security FAQs
  • MITRE Security glossary
  • Dictionary of PC Hardware and Data Communications Terms
  • DCE FAQ
  • VIRUS-L FAQ
  • List of Virus FAQs
  • Security Term Glossary
  • Cybertek/Modern Survivor FAQ
  • Sniffer FAQ
    •

    Books & Book Info

  • The Hacker Crackdown by Bruce Sterling
    • [New!]
  • US site
  • another US site
  • O'Reilly Security Book info
    • [New!]
  • Computer Security Basics by Russell and Gangemi
  • Practical Unix Security by Garfinkel and Spafford
  • UNIX & Internet Security, 2nd Edition
  • PGP: Pretty Good Privacy by Garfinkel
  • Computer Crime: A Crimefighter's Handbook by Icove, Seger & VonStorch
  • Building Internet Firewalls by Chapman and Zwicky
  • Building in Big Brother by Lance Hoffman
  • Cryptography Theory and Practice
  • TAKEDOWN
  • Cryptography's Role in Securing the Information Society
  • Computing and Communications in the Extreme Research for Crisis Management and Other Applications
  • Prime Numbers and Computer Methods for Factorization [New!]
  • The New Book of Prime Number Records [New!]
  • The Underground
  • WEB Security Sourcebook
  • At Large The Strange Case of the World's Biggest Internet Invasion
  • Network and Internetwork Security by William Stallings"
    •

    Other Publications

  • Common Criteria Draft
  • Site Security Handbook (FYI #8)
  • GAO reports on computer security
  • The Group Administration Shell and the GASH Network Computing Environment
  • NewsPage Hierarchy Level: Information Security
  • FIRST Archive of Security Papers
  • IPng Specifications
  • A_Structured_Approach_To_Computer_Security
  • AUSCERT Papers
  • Unofficial Markoff, Mitnick, Shimomura FAQ
  • Common Criteria, Version 1.0
  • Cyber Whiz Makes Crime His Business
  • Court Challenge to the CDA
  • Kerberos: An Authentication Service for Computer Networks
  • Predicting How Badly 'Good' Software Can Behave
  • Internet Explorer Security Flaw
  • Continuous Assessment of a Unix Configuration: Integrating Intrusion Detection and Configuration Analysis
  • Detecting Breaches in Computer Security: A Pragmatic System with a Logic Programming Flavor
  • Languages and Tools for Rule-based Intrusion Detection
  • Java security, take two
  • Bug in Java Security Enables Malicious Applets to Attack
  • Navy Publicatioins [New!]
  • Navy Handbook for the Computer Security Certification of Trusted Systems
  • Center for High Assurance Computer Systems Publications
  • Various papers via FTP
  • Multilevel Security Article
  • Why I Don't Like Microsoft's FrontPage Web Authoring Tool
  • Break-In! article in Client / Server Magazine
  • Computerworld Special Feature on Security
  • It's the end of the world (as we know it) Virus Hoaxes
  • cause for alarm e-zine
  • Abstract of Security Survey of Key Internet Hosts & Various Semi-Relevant Reflections
  • The Revolutionaries
  • Information Week/Ernst and Young Information Security survey
  • Papers from the Center for the Study of Online Communities
  • Time-lock puzzles and timed-release Crypto
  • Virus Scanners of the year 2000
  • Using Software as an Invesitgative Tool
  • Computer Crime: An Emerging Challenge for Law Enforcement
  • Spectre Press
    • w
  • CERT Advisories [New!]
  • Improving the Security of your Site by Breaking Into It
  • CERT advisory 96.10 on default NIS+ file permissions
  • Earlier Security columns in SunWorld Online
  • PCCrypto - CNET[New!]
  • Burn It - Macworld[New!]
  • DataSafe - CNET[New!]
  • Security Risks [New!] in Key Recovery
  • EFF Publication Archive [New!]
  • Coping with the Threat of Computer Security Incidents[New!]
  • CERT Technical Tips [New!]
  • AT&T Papers - Internet Security [New!]
  • Oxford Security Papers[New!]
  • The Architecture and Implementation of Network-Layer Security Under UNIX[New!]
  • AUSCERT Papers Archive [New!]
  • Reviews of papers and tools[New!]
  • TAP vs Ident [New!]
  • Draft of Generally Accepted System Security Principles (GSSP)"
  • CSL Bulletin -- THREATS TO COMPUTER SYSTEMS
  • The Social Organization of the Computer Underground
  • Computer Security Policy: Setting the Stage for Success
  • Computer Break-ins: A Case Study
  • CSL Bulletin -- Connecting to the Internet: Security Considerations
  • Security Problems in the TCP/IP Protocol Suite
  • HotWired on IP Spoofing
  • A Weakness in the 4.2BSD Unix TCP/IP Software
  • More Security Bugs Bite Netscape
  • Firewall Products Today (PDF)
  • It's HIP to Hack, Euros Say
  • Sequence Number Attacs
  • UnixWorld Online: Sequence Number Attack on Shimomura
  • RFC 1948: Defending Against Sequence Number Attacks
  • Firewalls-Digest V5 #20 on Sequence Number Attacks
  • Bellovin on "Security Problems in the TCP/IP Protocol Suite"
  • RFC 2196: Site Security Handbook
  • Information Security: Computer Attacks at Department of Defense Pose Increasing Risks
  • The Rise of the Underground Engineer
    •

    Security Archives, Servers & Indicies

    Comprehensive Sites

    These sites may have documents, tools, standards, advisories, and pointers to other security collections.

  • COAST Archive (via WWW index)
  • COAST Archive (via ftp)
  • NIST Computer Security Resource Clearinghouse
  • NRL's High Assurance Computing Systems
  • Security Reference Index
  • EINet's Security Page
  • Comprehensive page at NIH
  • Hotlist by Bennet Yee
  • Directory at Yahoo
  • Security (Computer Technology) index at EInet
  • CIAC Web Site
  • NRL ADP Security
  • Security for Businesses on the Internet
  • U. Pennsylvania - Information Security and Privacy
  • AuditNet
  • EFF Crypto/Privacy/Security Archive
  • Sirene Pointers
  • Idaho State's Security Library page
  • A general index at CNS (Luxembourg)
  • Szymon Sokol's security page
  • SIMS Security links page
  • Network/Computer Security Technology
  • Unix Net for Computer security in Law Enforcement (U.N.C.L.E.)
  • CNS - Network Security Pages
  • RFC Index
  • Computer Security index @ Chalmers
  • funet.fi ftp archive
  • Tiamat's lair (a different spin on this hotlist)
  • "Unix Guru Universe" hotlist
  • Computer Security
  • Security Resource Net - Computer Security
  • The Irish Computer Security Archives
  • RST Reliability Hotlist
  • Anonymous FTP abuses
  • Email bombing
  • Email spoofing
  • STEL -- A secure telnet surrogate
  • A-Z Cryptology
  • Directory of Scholarly and Professional E-Conferences
  • The Solaris Security FAQ
  • Crypto-Log: Internet Guide to Cryptography
  • Win 95 Net Bugs Archives
  • Kim-Spy Archive (Military and Political)
  • Kim-Spy Archive (Non-Military)
  • PVEP-Security Archive
  • Quadralay Cryptography Archive
  • The Great Big Privacy Page
  • Mega Security Links
  • Intelligence on the Web
  • Loyola Homepage on Strategic Intelligence
  • The National Security Archive
  • Security UK
  • National Institutes of Health Computer Security Information
  • Electronic Frontier Foundation Security Archive
  • MITRE Information Security Technical Center Info
  • The Collection of Computer Science Bibliographies
  • Virtual World of Spies and Intelligence
  • Global Technology Research's Information Security Archive
  • FACTNet Library and Archives
  • New Zealand Security Industry Association
  • SGI: The Information Vault
  • List of sites to report vulnerabilities
  • Sunworld security links
  • Related network security stories from SunWorld Online's Site Index
  • Also check out the Site Index for stories on Web server security
  • Computer Security Resource Clearinghouse[New!]
  • IBM Computer Security Links[New!]
  • Infilsec Vulnerability Database
  • Matt's Unix Security Page
  • FORMIS VIRTUAL ARCHIVE
  • Security Page
  • BugNet
  • Cyphernet
  • Secure Data Networks
  • Gateway to Information Security
  • Interesting Security Links
  • Computer and Internet Security Resources
  • Harvard Information Infrastructure Project Policy Gateway
    •

    Tools

    These are pointers to collections of tools, or good archives where you can find security-related tools.

  • COAST Archive (via WWW index)
  • COAST Archive (via ftp)
  • Unix System Monitoring Tools
  • Doug's tools page
  • Internet Locations for Materials on the Disks for Applied Cryptography
  • Klaxon (a port monitoring tool)
  • Rscan Homepage
  • Netpassword - changing passwords safely across the net
  • The Kerberos Network Authentication Service
  • The Sesame Distributed Authentication System
  • Security tools at Dartmouth (Matt Bishop)
  • System administration tools
  • funet.fi ftp archive
  • Wietse Venema's collection of tools and papers
  • Frank O'Dwyer's Homepage - Security Code
  • Ssh (Secure Shell) Home Page
  • osh, Operator Shell, Distributes Privileges Under UNIX [New!]
  • Satan Homepage
  • Unix Host and Network Security Tools
  • DCE Homepage
  • Far Out! Computer Security
  • Michael Sobirey's Intrusion Detection Systems page
  • Linux NetKit
  • AVP Virus Encyclopedia
  • Word Lists[New!]
  • Dictionaries from Oxford[New!]
  • passwdd 1.2, A complete substitute for passwd/yppasswd that does password-checking[New!]
  • securelib[New!]
  • sfingerd, Logging fingerd, and other tools[New!]
  • xinetd, a replacement for inetd[New!]
  • DFN CERT Tools Archive [New!]
  • Argus 1.5, a generic IP transaction auditing tool[New!]
  • ARP Watcher[New!]
  • the NETMAN family of programs [New!]
  • swatch, simple log watcher[New!]
  • TCP Port Prober[New!]
  • tcpdump [New!]
  • passive-ftp, FTP client that doesn't establish TCP connections on ports > 1023[New!]
  • SFS, Secure File System[New!]
  • Netpipes
  • Asmodeus
  • Janus, A Secure Environment for Untrusted Helper Applications
  • The Offline Utility to Change NT Passwords
  • Joe's Generic SUID/SGID Wrapper
  • Ballista
  • Linux chkexploit
  • IP logger for Linux
    •

    "Underground" Sites

    These sites may or may not advertise themselves as "underground" sites. Last time we looked, you might be as likely to find tools or instructions about how to break into a system as protect it. These links are provided for information use only.

  • The Internet Underground (John Gott's list)
  • Spy.org
  • Aleph1's security page
  • A list of "underground" sites
  • L0pht Heavy Industries
  • The DEFCON site
  • Unauthorized Access Home Page (videotape)
  • HacKeR WorLD
  • Computer underground Digest WWW Site
  • EFF Computer Underground Digest [New!]
  • CuD "Computer Underground E-Publications - Top Level" Archive
  • Directory of /pub/hacker at Giga Internet Group
  • SaTaN's Lair
  • Vexation's -_-UnDeRgRoUnD-_-
  • Phil's: Phil's (Unix & Hacking) Texts
  • Computer Underground, Hackers, Security Sites WAVC
  • Jim's Page of KeWL Stuff
  • Big Bad BoyZ
  • Hacks 'R Us...
  • Jargon File - a compendium of hacker slang
  • Hacker's Paridise
  • John's Boxing Page
  • The Irish Hacking Resource Page
  • Mac Hacks
  • B1FF#S K3WL HOM3 PAG3
  • Cyber Underground Hacker Links
  • The Annex -- security related information, much like COAST
  • Insomniac, The
  • Otherside
  • The New Dutch Hack/Phreak Magazine
  • Cosmos' Underground
  • Skullcap's Dominion
  • Razor Pirating Page
  • Group 42 Sells Out! - The Information Archive
  • HackerZ Hideout
  • Security Software
  • Dr. Matrix's Underground Information Archives
  • The New Hacker's Dictionary
  • The Hacker Crackdown
  • Noobs Hack Links
  • Security & Hackerscene
  • The Hijack Packet Project
  • Hacking Hints
  • Hacking cracking archives
  • HaRM's
  • Information Liberation Front
  • Hacking, cracking and Warez site
  • A page of hotlinks to other hacking sites.
  • A small list of available files, and some hacking links.
  • A few phreaking tools.
  • A nice general hacking page, nothing really impressive, but well put together.
  • The FAQ for the newsgroup alt.2600.
  • KrUwEl KiDs WoRlD of DiGiTaL KoMbAT..
  • VooDoo's Underground Pages
  • A political page for freedom of speech and the home of the Hacker's Defense Fund.
  • TACD - Techno Anarchists Creating Disorder
  • Access All Areas(A^3) in London UK
  • Hacker site
  • Brandon's hacker page
  • Queen of Darkness hacker links
  • Anti-Sailor and hacker links
  • Ziggiey's Hack Hut for Macs
  • UnBoRn iNC.
  • QuantumX
  • List of Macintosh underground sites
  • Locutus' Phreaker and Anarchy Page
  • Fravia's Page of Reverse Engineering
  • Queen Of Darkness
  • SpamMan
  • AOL, Hackers, and Time magazine
  • le bulletin lambda
  • Hacking Rulez
  • Lord Hack's Computer Security and Hacking Page
  • infik's hacking hole
  • Copies of hacked web pages
  • Infinity Void
  • Cracking programs
  • Hacking Links
  • Inner Ring Webring
  • Man Eats Dog UK Phreak Archive[New!]
  • Hacking Websites[New!]
  • World's Greatest Hacking Links[New!]
  • mArKoViAn'S Place[New!]
  • Xero Freak[New!]
  • Potman's Hacking Page[New!]
  • Joubert's Dungeon[New!]
  • Hacking In Progress 97[New!]
  • Acid Warp[New!]
  • CyberJihad
  • Hacker's Pages at Yahoo! [New!]
  • thE neW evolutioN [New!]
  • WarezNet World's Top 50 [New!]
  • Z-Crack [New!]
  • Warez Site Lists [New!]
  • CyberJOX Cafe [New!]
  • Cracker archive at Oxford University[New!]
  • Burnt Toad
  • Enslaver
  • Hack NT
  • Smashing the Stack
  • Hack the Evil Empire!
  • Nomad Mobile Research Centre
  • rootShell.com
  • Warez Arena
  • Top 69 Warez Sites
  • Unlimited Warez
  • Dead Carnival
  • TazZone
  • Lote's World
  • Warez Clan
  • Warez Ftp
  • Web Poop
  • Dark Dante
  • Warez Wizards
  • Fallout Zone
  • Loony's Asylum
  • CrunchMan
  • Axur05
  • Dimunchik's Home Page
  • Phone Phreakers' Fonebook
  • Elite H/P/C/A/V/W/irc
  • System Down
  • Phreak Zone
  • Hack
  • Se7en
  • Hackers Club
  • Illuminati '97
  • Cyrus's Haven
  • Ghost of Security
  • AOL Phun
  • Hex Dump
  • Mad Hackers
  • Bunalow Bill's Den
  • Hack! The Planet

    • Cryptography

    PGP-related

  • Home page for www.pgp.net
  • Cryptography, PGP, and Your Privacy page
  • Getting PGP
  • PGPfone Home Page
  • PGP 2.6.2 FAQ, Buglist, Fixes, and Improvements
  • Finding someone's PGP key
  • ViaCrypt WWW Site
  • NCSA httpd/Mosaic: Using PGP/PEM auth
  • MacPGP Control - MPGPC
  • PGP Digital Timestamping Service
  • PGP Keyserver Statistics
  • Cryptography and Computer Security
  • PGP Interface for WinPMail
  • PGP & Remailers made Simple using Windows
  • Tsuruta's MacPGP Page
  • PGP for the Moderately Skilled
  • Benjamin's Pretty Good Privacy Page
  • The Privacy Pages PGP links
  • Interview with Phil Zimmermann
  • Pretty Good Privacy, Inc.
  • Invincible Mail for Pegasus
  • Access Control
    • [New!]
  • SETUP attacks on PGP
  • PGPCrack
  • Using Public Key Technology -- Issues of Binding and Protection
  • Simple Key-Management for Internet Protocol (SKIP)
  • Where do I get PGP?
  • Keith's UK International PGP Home Page
  • PGP Quick Reference
  • Annotated PGP Bibliography
  • PGP'o'MAGIC: PGP-FrontEnd (win) / Support Page
  • Beginner's Guide to PGP and Internet Privacy
  • Win-PGP
  • All Personal Security -- PGP!
  • The Watchman[New!]
  • Zimmerman Telegram Newsletter[New!]
  • MacPGP: Encryption and Macintosh [New!]
  • PC PGP archive [New!]
  • Books on PGP
    • [New!]
  • PGP: Pretty Good Privacy by Garfinkel
  • The Official PGP User's Guide by Phil Zimmermann
  • Encryption detour discovered
  • Hashes - MD4 and MD5 problems, RIPEMD-160
  • The hash function RIPEMD-160
  • Pretty Good Privacy (PGP) Installation - Step by Step

    • Export Control & Politics

  • Cryptography Export Control Archives
  • EPIC's page on crypto policy in the US
  • CPSR Clipper Chip page
  • Information on the NIST Key Escrow Export meeting
  • Building in Big Brother by Lance Hoffman
  • The Applied Cryptography Case
  • COECouncil of Europe Recommendation No. R (95) 13
  • News Item: Alternate...all about crypto
  • Cryptography's Role in Securing the Information Society
  • Australia Customs Regulations on Cryptography
  • Information of Key Recovery Initiative Legislation
  • Vice Presidential Statement on export controls for commercial encryption products
  • The Center for International Trade and Security
  • Security und Hackerszene (In German)
  • Conrad Burn's homepage
  • Encryption Policy Resource Page
  • Department of Commerce Encryption Export Regulations
  • Cryptography Policy
  • OECD Guidelines on Cryptography
  • UK Cryptography Policies
  • Statement on Crypto Policy
  • Cryptography Framework
  • Cryptography Policy and the Information Economy
  • OECD Crypto Policy[New!]
  • Government access to crypto keys[New!]
  • Government allowsCylink, TIS and Digital to export 56bit encryption [New!]
  • Commercial Encryption Export Controls [New!]
  • EFF Policy Archive [New!]
  • House of Representatives Committee on International Relations Members Briefing Regarding Encryption
  • Statement of Louis J. Freeh, Director Federal Bureau of Investigation Before the Senate Judiciary Committee Hearing on Encryption United States Senate
  • The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption
  • The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption
  • NRC report: "Cryptography's Role In Securing the Information Society"
  • Building in Big Brother
  • A Framework For Global Electronic Commerce
  • Consensus On International Encryption Policies Challenged
  • ZDNET Politics and Encryption
  • ZDNET Encryption Magician
  • Infoworld: U.S. encryption algorithms escape Pandora's box -- legally
  • French Cryptography Law
  • International PGP Freeware
  • Fortify for Netscape: 128 bit security in Export Versions of Netscape
    •

    Other cryptography

  • RSA's S/MIME Central
  • Cryptography: The Study of Encryption
  • Quadralay Cryptology Archive
  • Lawrie Brown's crypto bibliography
  • Cypherpunks' Homepage
  • RSA's Frequently Asked Questions
  • BIG crypto code archive @ University of Milan.
  • International Association of Cryptologic Research (IACR)
  • The Cryptography Project (Dorothy Denning @ Georgetown University)
  • Ross Anderson's homepage (some papers on crypto)
  • Ronald L. Rivest's Cryptography and Security page
  • TEA, a Tiny Encryption Algorithm.
  • Steganography
  • Cryptography Theory and Practice
  • International Cryptographic Software Pages for Encryption, Decryption, Cryptanalysis, Steganography, and Related Methods
  • Welcome to CRYPTOGRAPHY.COM
  • VENONA Home Page
  • Cypris Encryption Processor
  • Crypto++ 2.0 - a C++ Class Library of Cryptographic Primitives
  • Enigma & Co. - Professional Cryptography Software
  • CRYPTOGRAPHY.COM
  • Coded Drag
  • Data Encryption Techniques
  • Crypt Newsletter
  • Conferences on Security and Cryptography
  • SKIP - Simple Key management for Internet Protocols
  • ASCOM Systec Homepage
  • A-Z Cryptology
  • Center for Cryptography, Computer, and Network Security
  • Crypto-Log: Internet Guide to Cryptography
  • Counterpage Systems, Computer Security and Cryptography Consulting
  • Why Cryptography is Harder than it Looks
  • Carrick, an encryption toolkit
  • Data Integrity, LLC
  • Mitsubishi Electric Corp Data Encryption Algorithm MISTY
  • Anderson and Kuhn Paper on the limits of tamper resistance
  • nCipher Corporation
  • The RSA Cracker Challenge Team Home page
  • Teledyne Security Information
  • Certicom
  • Evaluation Criteria for Cryptography
  • Quadralay Cryptography Archive
  • Datacomms Technologies cryptography archive
  • Cryptologia - A quarterly journal devoted to all aspects of cryptology
  • CryptDisk software for the Mac
  • Cryptography Resource Collection
  • Crack password cracker
  • cryptlib
  • Message Authentication Research, alternative to MD5
  • The Tiny Cryptography Contest Homepage
  • Data Encryption Standard Challenge
  • Time-lock puzzles and timed-release Crypto
  • CryptoWeb
  • SECURE encryption
  • RPK Public Key Cryptography
  • Beginners Cryptography Page
  • RSA Algorithm Javascript
  • Secure Technologies
  • Internet Software Solutions
  • Crypto Shareware and Freeware
  • Newbies guide to cryptography
  • Digital Signatures as Legal Signatures
  • Fortezza Encryption Card
  • The Colossus Rebuild Project
  • Cold War Codebreaking
  • RSA Cryptography FAQ
  • Public-Key Cryptography Standards
  • Cryptography's Role in Securing the Information Society
  • DES crack page [New!]
  • A list of DES cracking sites[New!]
  • FIPS, Government Encryption Standards [New!]
  • Internet Certificate Policy Papers [New!]
  • Meganet Virtual Matrix Encryption [New!]
  • Cryptanalysis Papers and Tools from Oxford [New!]
  • RPEM, Rabin Privacy Enhanced Mail[New!]
  • Cryptography archive at ftp.funet.fi [New!]
  • RC5-56 Project
  • Bovine RC5 Cracking Project
  • Slammin' Tech Inc.
  • Function-Based Encryption
  • envelope
  • SEMS
  • Flaw in Cell Phone Encryption Identified
  • Overview of Certification Systems: X.509, CA, PGP and SKIP
  • SkeyCalc - A NEXTSTEP S/Key Response Calculator
  • RFC 1510
  • Kerberos FAQ
  • Sesame
  • Limitations of the Kerberos Authentication System
  • Protocol Failure in the Escrowed Encryption Standard
  • Diffie-Hellman Method For Key Agreement
  • Algorithmic Research
  • Towards A European Framework for Digital Signatures And Encryption
  • New Crypto Technique from NEC
    •

    Computer Viruses

  • Chris Johnson's Gatekeeper Mac Anti-virus Tool
  • John Norstad'sDisinfectant Mac Anti-virus Tool
  • Safetynet, Inc.
  • Computer Viruses page by Lorna @ SigNet
  • Data Fellows WWW pages (F-PROT Professional)
  • IBM's Anti-Virus page
  • Dr. Solomon's Virus Info
  • Alwil Software
  • Macintosh Virus info
  • Things that Go Bump in the Net
  • MS-DOS Anti-virus Tools
  • WinWord Nuclear virus
  • Virus-L/comp.virus FAQ
  • Information on the Word Prank Macro
  • Threat Assessment of Malicious Code and Human Computer Threats
  • Eddy Willems Free Anti-Virus Consultancy (WAVC)
  • Virus Information
  • ThunderBYTE Anti-Virus Software
  • Dr Solomon's Anti-Virus Software
  • Sophos Sweep Anti-Virus Software
  • Stiller Research, Integrity Master Anti-Virus Software
  • Joe Hartman's Anti-Virus Site, HAVS
  • Computer Virus Myths
  • Robert Chu's Simple Anti-Virus Page
  • anti-GoodTimes virus page
  • Doug Muth's (anti) Virus Homepage
  • Anonymous index of Virus and other Malicious Code
  • Word Macro Virus list
  • Macro Virus Protection Tool
  • Hoax Virus lists
  • Symantec's list of virus hoaxes
  • Hoax Virus lists
  • A Large Virus Description Database
  • Keith Parkins' Virus Home Page
  • List of Virus FAQs
  • VIRUS-L FAQ
  • Antivirus catalog
  • Datawatch
  • Data Fellows Virus Information Center
  • McAfee Anti-Virus
  • AVP Virus Encyclopedia
  • Software for Macintosh
  • Good Times Hoax FAQ
  • Safetynet's Security and Anti-Virus Cafe
  • Viruses R'nt Us
  • Virus Scanners of the year 2000
  • Virus Author Information
  • Computer Virus Research Lab (CVRL)
  • Anti viral products for e-mail, web, and ftp access
  • List of common viruses on the Internet
  • Microsoft Word Macro Viruses
  • ShareFun. [New!]
  • NCSA Virus Lab[New!]
  • Virus and Antivirus Help[New!]
  • Anti-Virus Program Archive [New!]
  • Virus Information [New!]
  • University of Michigan Virus Buster
  • Microsoft® Word Macro Virus Protection Tool
  • Word Macro Virus FAQ
  • Macro Virus: Protecting Yourself is Easy
  • The Facts about Computer "E-Mail Viruses"
  • AOL4FREE
  • ASSIST Virus FAQ
  • Mac Virus
    •

    Privacy Issues

  • The PRIVACY Forum
  • alt.privacy archive (Usenet)
  • An extensive set of references on privacy
  • Alan Wexelblat's paper Why is the NII Like a Prison?
  • Medical Privacy Coalition's draft bill
  • Minnesota online privacy bill
  • Internet Privacy Coalition
  • Who's Watching Who?
  • Electronic Surveillance in a Digital Age
  • Network Observer
  • CPSR Privacy and Civil Liberties
  • Anonymous Remailer List
  • Anonymous Resources
  • Anonymous Remailer FAQ
  • Privacy
  • EPIC Online Guide to Practical Privacy Tools
  • Ring connecting Personal Computer Privacy pages
  • Webgator: Investigative Links for Private Investigators
  • Securing the internet against Wiretapping
  • Cyber-rights & Cyber-liberties (UK)
  • Internet Privacy Issues
  • EPIC Online Guide to 105th Congress Privacy and Cyber-Liberties Bills [New!]
  • Platform for Internet Content Selection (PICS) [New!]
  • Privacy in the Information Age
  • FTC Report on Consumer Privacy [New!]
  • Protecting Privacy of Health Information
  • US ACM Medical Privacy
  • Privacy and Anonymity on the Internet
  • Crowds: Anonymity on the net
  • Eternity Service: distributed, anonymous publishing
  • Nothing to Hide: Privacy Issues in the '90s
  • Anonymizer
    •

    Computing Ethics

  • Ethical and Professional Issues in Computing, Rensselaer Polytechnic Institute
  • Science Ethics Resources on the Net
  • LBL ELSI Home Page
  • Janet Reno's New Cyperwar Policy
  • Privacy/Anonymity URLs
  • Supreme Court to consider Internet Indecency Law
  • Macintosh Hacking
  • University Ethics Policies [New!]
  • Policies collected by Internic[New!]
  • Computer Ethics - Cyberethics
    •

    Network Security

    Firewalls

  • COAST Hotlist Firewalls
  • Firewalls mailing list
  • A Reference Model For Firewall Technology and its Implications for Connection Signaling
  • Firewalls FAQ
  • Security mailing mix
  • Virtual Library Mailing List Archive (includes bugtraq and firewalls lists)
  • Building Internet Firewalls by Chapman and Zwicky
  • Fortified Network's Firewall Evaluation Checklists
  • Open Mind Solutions
  • Firewall Index
  • Computer Forensics and System Security Group, Melbourne University
  • CTI Communications Mailbox Hub
  • Norman Data Defense Systems
  • Actane - Your Security Partner
  • NetGate Firewall Info
  • SessionWall firewall add on
  • RadGuard
  • Index - The Rotherwick Firewall Resource
  • MimeStar, Inc. Web Site
  • ISI Home Page
  • Reese Web
  • DMS Compliant Firewall
    • [New!]
  • Portcullis Products [New!] [New!]
  • Firewalls [New!] Are Not Enough! [New!]
  • BSDi ipfirewall [New!]
  • TCPr [New!]
  • DRAFT Firewall Protection Profile
  • Data Communications: Selected Firewall Vendors
  • Rating [New!] of application layer proxies
  • Lantimes [New!] Firewalls
  • NCSA Firewall Policy Guide
    • [New!]
  • PC Today Windows NT Firewalls
  • InfoWorld Firewall Comparison
  • Firewall Fiesta
  • "Can Firewalls Take the Heat?"
  • "Firewalls: Don't Get Burned"
  • LanTimes: Defending the Front Line
  • ZDNet: Find the right Firewall
    •

    Security in WWW

  • World Wide Web (in)Security
  • Security in Mosaic
  • Rutger's documents on WWW security
  • NCSA httpd/Mosaic: Using PGP/PEM auth
  • HTTP Security group of W3C
  • Norton-Active-X combination putting systems at risk[New!]
  • Security in Netscape/SSL
    • [New!]
  • The WWW Security FAQ
  • Browser Crasher
  • Exploiting sendmail!
  • www-security mailing list
  • Safe Internet Programming, Princeton University
  • Malcolm's Guide to Persistent Cookies resources
  • Andy's Netscape HTTP Cookie Notes
  • Persistent Client State HTTP Cookies
  • EMERgency24
  • Atalla Corporation
  • Netcraft Network Examination
  • Law Enforcement Product News
  • Internet Explorer Security Flaw
  • Cisco Systems Advises Industry on Security Against Possible Hacker Attacks
  • Mastercard-Secure Electronic Transmissions
  • Software and Systems Engineering Ltd.
  • Maximized Software: Products - Site Shield
  • Remote conrtol of Unix netscape
  • A Distributed Authorization Model for WWW
  • DCE Web tools
  • PRIVATE-i
  • Why I Don't Like Microsoft's FrontPage Web Authoring Tool
  • Web Spiders
  • Web Robots
  • New bugs in MS IIS
  • Security Hole in Macromedia's Shockwave
  • Forcing SMB negotiation with Internet Explorer
  • MS Internet Explorer authentication
  • Internet Security
  • Security fix for script mapped (.asp) files
  • Internet Security Systems, Inc.
  • Internet Security Association and Key Management Protocol
  • Secure Electronic Transaction Specification
  • Summary of dangers from the web
  • Secure CGI Scripts
  • Search engines and web server security
  • Securing Internet information servers
  • Web Spoofing: An Internet Con Game
  • Simson Garfinkel on dangers of ActiveX "controls"
  • JavaScript Problems I've Reported[New!]
  • Serious Security Flaws in Microsoft's Explorer[New!]
  • Serious Security Flaws in Microsoft's Web Server[New!]
  • Web Spoofin[New!]
  • Bug in MSIE[New!]
  • CGI Scripts and Security[New!]
  • CGI Vulnerabilities[New!]
  • IP-spoofing[New!]
  • Spoofit
  • PHF Attacks[New!]
  • Internet Insecurity Survey [New!]
  • Web Spoofing: An Internet Con Game [New!]
  • Swan: Securing the Internet Against Wiretapping [New!]
  • Safe CGI Programming
  • cgiwrap 2.[New!]
  • Security on the Web Using DCE Technology
  • Internet Explorer/Powerpoint Bug
    •

    Security in Java

  • Java Security Risk
  • The Java Security FAQ
  • Java Security [New!]
  • Low Level Security in Java
  • Netscape Navigator 2.02 Security-Related FAQ
  • Security Enhancements in Netscape Navigator 2.02
  • Java Security
  • Java Security: Frequently Asked Questions
  • Java Security Paper
  • Deadly Black Widow on the Web: Her Name is JAVA
  • Java security, take two
  • Bug in Java Security Enables Malicious Applets to Attack
  • Yes, Java's Secure. Here's Why
  • Finjan Safe Surfing, The Java Security Software Provider
  • Java Applet Security: Sockets
  • JavaSoft FORUM 1.1
  • Wei Wang and Yi Yan: How is security implemented in the Java language?
  • Joseph A. Bank: Java Security
  • Java Security
  • Hostile Applets Homepage
  • Java Security: From HotJava to Netscape and Beyond
  • Java Applet Security
  • Java Security
  • jotp, The java OTP (aka S/Key) calculator
  • RSA Algorithm Javascript
  • On Hostile Java Applets
  • Signing and Security in Java Applets
  • Web Graffiti & High Bandwidth Covert Channels Using Java [New!]
  • JDK 1.1.1 digital signing vulnerability[New!]
  • Java and Applet Security[New!]
  • Java and JavaScript Vulnerabilities (CIAC Notes 96-01)[New!]
  • When Java Was One: Threats from Hostile Byte Code and Java Platform Viruses
  • Java versus ActiveX[New!]
  • The Java Security Hotlist [New!]
  • A Friendly Introduction to Hostile Applets [New!]
  • JavaScript CERT Advisory
  • DRAFT: Secure Browsers
  • Active-X "Exploits"
    •

    Electronic Commerce

  • Basic Flaws in Internet Security and Commerce
  • Maintaining Privacy in Electronic Transactions
  • The NetBill Project
  • Electronic Commerce World Institute
  • MasterCard International Pointers
  • Argent Q&A
  • Java Agents for Meta-learning
  • Electronic International Banking
  • nCipher Corporation
  • W3 Internet Services Ltd.
  • The e$ homepage
  • Financial Cryptography 97 conference
  • The Business Software Alliance [New!]
  • The Defense Science Board's Report on Information Warfare [New!]
  • Electronic Payment Schemes
  • Visa's SET Page
  • White Paper: Joint Electronic Payment Initiative (JEPI)"
    •

    NT Security

  • Windows NT Password Recovery Service
  • Windows NT Security Issues
  • NT Web Server - Security Issues
  • Kane Security Analyst for Windows NT
  • NT and C2 security
  • NT WEB Server security
  • Netscape on NT security
  • The NT Shop, NT Security Homepage
  • RPC bug in Windows NT
  • Attack and Defense related details of NetBIOS and CIFS resource-sharing networks
  • NT bug exploit
  • Windows 95 and MSIE Security Hole
  • PC Week: NT Vulnerable to Attack on CPU
  • http - DOS CGI Configuration
  • MS Internet Explorer authentication
  • NT Exploits
  • SAM Attack on Windows NT[New!]
  • The NT Shop[New!]
  • Windows NT Password Dump Utility[New!]
  • NTBUGTRAQ site[New!]
  • FAQ on attacls on NT password hashes[New!]
  • NTSecurity.net[New!]
  • NTsecurity.com[New!]
  • Somarsoft, Inc.[New!]
  • NT Research[New!]
  • NT Exploits Page
  • NT Internals
  • On NT Password Security
  • Microsoft To Post NT Security Fixes
  • MyDesktop Network
  • FAQ: NT Cryptographic Password Attacks & Defences
  • NT Security FAQ
  • Microsoft NT Policies White Paper
  • Microsoft NT5.0 white papers (some security info)
    •

    Other

  • Netsurfer Focus: Computer and Network Security
  • Win 95 Net Bugs Archives
  • Network Rating Model Workshop Information
  • Netweek: Daemons defy hackers
  • Remailers
  • ATM Security Page
  • Network and Network Monitoring Programs
  • Risk-Free Access Into The Global Information Infrastructure Via Anonymous Re-Mailers
  • Unix Host and Network Security Tools
  • Kerberos: An Authentication Service for Computer Networks
  • TCP SYN Flooding
  • IP spoofing
  • ASK WOODY about SPOOFING ATTACKS
  • Getting a grip on NIS+ security features
  • Sendmail Vulnerabilities
  • Solaris AFS/DFS Integrated login bug
  • The Ping o' Death Page
  • Access Specialties, Inc.
  • Quanta SecurSystems, Inc.
  • Publications on Distributed Communications
  • Novell Security
  • AssureNet Pathways
  • ESCOM Corporation
  • PentaSafe, Inc. security for IBM AS/400
  • Measured Interference of Security Mechanisms with Network Performance
  • L0pht Heavy Industries Services
  • Ypghost: spoof of yp passwd
  • How to make BSD kernels SYN-flood resistant
  • Mail archive discussing Syn flooding
  • BSDI Releases Defense For Internet Denial-of-Service Attacks
  • Tuning Digital UNIX against TCP SYN Flooding and IP Spoofing Attacks
  • Eliminating IP Address Forgery
  • SecurNet Consulting
  • TIS Research: Sigma Project
  • CERT Security advisory for linux systems running dip
  • NaughtyRobot[New!]
  • The RSA Data Security Secret-Key Challeng[New!]
  • a 'secure' single-machine fingerd[New!]
  • PHF Prober Perl Script[New!]
  • John the Ripper password cracker[New!]
  • IP Filter[New!]
  • Site Security Handbook[New!]
  • SNMP Probes[New!]
  • NIS and Security[New!]
  • An Analysis Of Security Incidents On The Internet
  • CIFS attack discussion
  • Break In
  • Generic Security Service Application Program Interface
  • Generic Security Service API : C-bindings
  • The Kerberos Version 5 GSS-API Mechanism
  • Sun Microsystems Security Bulletin
  • Net Crime: Don't be a victim
  • Intrusion Management and Computer Forensics
  • Mobile IP for FreeBSD
  • ATM: Dangerous at any speed?
  • Securing Data Transfer in Asynchronous Transfer Mode Networks
  • Securing ATM Networks
  • ATM Security Scope and Requirements
  • A Framework for Authenticated Key Distribution in ATM Networks
  • A Certification Infrastructure
  • SSH/X11 Vulnerability analysis
    •

    Intrusion Detection

  • COAST Intrusion Detection Pages
  • COAST Intrusion Detection Hotlist
  • Intrusion Detection Inc. Home Page
  • Haystack Labs, Inc.
  • Continuous Assessment of a Unix Configuration: Integrating Intrusion Detection and Configuration Analysis
  • ASAX, Advanced Security Audit Trail Analysis on Unix : Papers and Research Reports
  • NITB Intrusion Detection Systems
  • Computer Forensics and System Security Group, Melbourne University
  • Visual Audit Browser
  • Logcheck software of UNIX by Psionic Software Systems
  • SRI Intrustion Detection
  • Intrusion Detection and Response at Lawrence Livermore National Laboratory
  • Michael Sobirey's Intrusion Detection Systems page
  • Network Intrusion Detection
  • MimeStar Incorporated
  • ASAX intrusion detection project[New!]
  • SecureNet PRO IDS[New!]
  • GRIP: Guidelines and Recommendations for Incident Processing [New!]

    • Commercial Sites

    Computer Vendors

    This is a collection of pointers to vendor-provided security patches.

  • Digital Equipment Corporation
  • Hewlett Packard SupportLine Services
  • Directory of security patches for SGI
  • Sun Microsystems Sponsor Page (SunSite)
  • Security Research at IBM Watson
  • MicroFrame Inc. Home Page
  • SGI Security Headquarters
  • Paradox Security Systems
  • Command Software Systems
  • Eutron Computer Security Solutions
  • Beach Security Group
  • Blackwatch Inc. Security Consultants [New!]
  • Hackers Catalog
    • [New!]
  • ESTec Systems Corporation [New!]
  • Executive Protection Services [New!]
  • Kane Security Analyst [New!]
  • LV Sales Inc. [New!] [New!]
  • BSDI patches
    • [New!]
  • Caldera Linux
    • [New!]
  • Redhat Linux
    • [New!]
  • Debian Linux Security Information
    • [New!]
  • FreeBSD
    • [New!]
  • NEXT [New!] Patches
  • SCO
    • [New!]

    Primarily Firewalls

  • List of Commercial Firewalls and Related FW Products (Cathy Fulmer's list)
  • Another list of Firewall Vendors
  • ANS HOME PAGE
  • BorderWare software by Border Network Technologies
  • CheckPoint Software Technologies (Firewall-1)
  • Cohesive Systems
  • Cisco Systems
  • Firewalls R Us
  • Global Technology Associates
  • KarlBridge/KarlBrouter
  • Livermore Software Labs
  • NetLOCK(tm) from Hughes
  • Network Systems Corporation
  • On Technology
  • Secure Computing Corporation (Sidewinder)
  • SecurIt Firewall
  • TIS Gauntlet
  • Virtual Open Network Environment Corporation
  • Finjan Safe Surfing, The Java Security Software Provider
  • Global Technology Associates
  • Ukiah Software Incorporated
  • CSI Firewall Matrix
    • [New!]
  • Norman Data Defense Systems
    • [New!]
  • Network Engineering Technologies
  • Network-1, Software and Technology, Inc.
  • SessionWall firewall add on
  • RadGuard
  • The Softway advantage
  • Internet Security Incorporated: The Norman Firewall
  • Reese Web
  • WinGate [New!] [New!]
  • Actane
    • [New!]
  • Abhiweb Corporation
    • [New!]
  • Internet Security Services
    • [New!]
  • Cisco PIX Firewall
    • [New!]

    Others

  • /sys/admin, inc.: Home Page
  • AXENT Technologies Home Page
    • [New!]
  • Atlantic Systems Group Mosaic Index
  • CERBERUS Information Security Consulting Inc.
  • Citadel Computer Systems, Inc.
  • COST Computer Security Technologies (Sweden)
  • Cylink Corporation
  • Data Discovery Computer Data Examination
  • DynaSoft Sweden
  • e.g. Software, Inc.
  • Elementrix Technologies
  • En Garde Systems
  • FSA Corporation
  • Great Circle Associates Home Page
  • Information Warehouse! Inc. Corporate Page
  • Ingress Communications
    • [New!]
  • Internet Security Corporation
  • Internet Security Systems, Inc.
  • Los Altos technologies
  • Management Analytics
  • Mergent
  • Utimaco Software
  • Minatronics Corporation
  • NEC Socks Web Archive
  • PRC Corp
  • Rocksoft (Veracity)
  • RSA, Inc.
  • Security Dynamics
  • SecureWare
  • SOS Corporation
  • SRI
  • SRI CSL
  • Sun's Internet Commerce Group Home Page
  • Welcome to Templar Net
  • Terisa Systems
  • Trusted Information Systems
  • ViaCrypt WWW Site
  • CyberSoft Home Page
  • Data Security Services
  • Data Encryption Systems Limited
  • INFOSEC Engineering, Inc. (infoseceng)
  • Eagle Data Protection, Inc.
  • Welcome To Surety!
  • Verisign [New!]
  • WheelGroup Corporation
  • SST - Settle Services In Technology
  • Argus Home Page[New!]
  • Cypris Encryption Procesor
  • Enigma & Co. - Professional Cryptography Software
  • Computer Misuse Detection System Domain
  • TSB Home Page.html
  • Remote Backup Service 206.639.0504
  • L0pht Heavy Industries Home Boyz and Girlz
  • Welcome to TeleSec
  • IBM Business Recovery Services Home Page
  • Liebert Corporation
  • INTRINsec Computer Security
  • The GSR Consulting Group [New!] Inc.
  • Via Security Network Inc.
  • Trade Wave Corporation
    • [New!]
  • Databridge Services Limited
  • Kent*Marsh Ltd.
  • Micah Development
  • Command Software Systems
  • Cheyenne
  • Jetico Inc.
  • Codex Surveillance & Privacy Page
  • ThunderBYTE Anti-Virus Software
  • Dr Solomon's Anti-Virus Software
  • Sophos Sweep Anti-Virus Software
  • Stiller Research, Integrity Master Anti-Virus Software
  • Rothstein Associates Inc, Disaster Recovery Catalog
  • EMERgency24
  • Atalla Corporation
  • Netcraft Network Examination
  • National Registry Inc
    • [New!]
  • Syntegration Inc.
  • Xact Labs
    • [New!]
  • Law Enforcement Product News
  • Nortel Secure Networks, Entrust
  • Memco Software
  • Infilsec Systems Security
  • Spy Zone
  • Gradient Technologies Inc.
  • Haystack Labs, Inc.
  • Reliable Software Technologies Corp.
  • ZDNet Software library
  • Secure Information Systems Limited
  • Technology Imagineering Research
  • Archiving Software on secure backup servers
  • UniShield -- A UNIX network security system
  • The Electris Home Page
    • [New!]
  • Graphic Security Systems Corporation
  • Stanteh Data Security,Inc.
  • Homecom Internet/Intranet Security Solutions
  • Vision Development Group Inc.
  • Blockade Systems Corp.
    • [New!]
  • Computer Security Superstore
  • Norred & Associates, Inc
  • Microcomputer Applications, Inc
  • Bodyguard Security [New!] and Spy Supply
  • The Enigma Group - Workflow Architects
  • Privacy Connection, Inc
  • BTV Amerisafe
  • BrainTree Technology
  • Wave Systems Corp
  • Daily Bread Homepage
  • Access Control--Security Products
  • IconHideIt
  • Prime Factors, Inc
  • Spysite! - American Innovations, Inc.
  • DIMI's New Website
  • Finjan Safe Surfing, The Java Security Software Provider
  • McAfee Network Security and Management
  • Counterpage Systems, Computer Security and Cryptography Consulting
  • OpenVision Technologies
  • Fortified Networks LAW
  • First Amendment Cyber Tribune
  • U.S. Federal Surveillance Laws
  • Court-ordered Surveillance PHYSICAL SECURITY
  • Big Brother's Checklist
  • Privacy International
  • Spy Numbers Stations
  • t@p Voyeur Spy-Cams
  • Smart Cards called tool of Big Brother
  • Wiretapping and Outside Plant Security
  • Open Mind Solutions
  • Blue lance Incorporated
  • Dascom Incorporated
  • Data Security
  • Global Security Incorporated
  • Kriton Electronics
  • nCipher Corporation
  • Quintet Corporation
  • Pinkerton
  • Security Magazine
  • Bell Security
  • Gamma Secure Systems Limited
  • SecureWin, Total Security Solution
  • Sentry Software
  • Wang Federal SSSO
  • Tempest Monitoring the real world
  • Maximized Software: Products - Site Shield
  • W3 Internet Services Ltd.
  • QC Consultancy
  • Certicom
  • Elegant Communications Incorporated
  • Network Engineering Technologies
  • Stealth Scannerrs
  • Security First Technologies
    • [New!]
  • Digital Secured Networks Technology
  • Domus Software - IT Security Consultants
  • DCE Homepage
  • Redistribute Internet Explorer
  • Security Information and Code Updates
  • Microsoft Internet Explorer
  • Security Information and Code Updates
  • Microsoft Security Advisor [New!]
  • Qpopper version 2.2
  • Trillion Software Ltd: audit software tools
  • Systemics Cryptix crypto library for Perl
  • Security Manager software
  • The First Invitational Vulnerabilities Data Base Workshop
  • Psionic Software Systems Inc.
  • Deming Software, Inc
  • PageCommerce & MailMerce
  • Aventail Corporation
  • Safetynet's Security and Anti-Virus Cafe
  • Safeword authenication system
  • Netplex Group, Inc
  • Westinghouse Security Electronics
  • Computer Security Products, Inc
  • Security Information Systems, Inc.
  • CyberSafe Corporation
  • Netlock from Hillier
  • Profiles Threat Assessment Group
  • Walk Easy Ltd Security Products: Personal Alarms
  • Micro Advanced Detection
  • 007 James Bond Professional Investigation
  • Commercial Private Investigation & Security
  • Dallas Security Systems Inc.
  • Intervision - The CCTV Distributor
  • NASA Corporate Profile
  • Internet Explorer Exploit #4
  • New Security Enhanced Shockwave
  • Troy Systems, Inc. information security
  • MimeStar Incorporated
  • Centri - Secure Internet Gateway Solution
  • Internet Privacy Guaranteed
  • BL Computer Security
    • [New!]
  • Centurion Technologies, Inc.
  • Northern Computers
  • NetBack, Inc.
  • EPIC Bookstore
  • Pretty Good Privacy, Inc.
  • Aliroo Ltd.
  • Microcosm Ltd
  • Soft Winter Corp.[New!]
  • Baltimore Technologies[New!]
  • Breakwater Technologies, Inc.[New!]
  • Priva-C PC Access Control[New!]
  • Databanks, Inc.[New!]
  • Keywitness Canada[New!]
  • Lurhq[New!]
  • Ed Nemie and Associates Inc.[New!]
  • PlastiCard Systems[New!]
  • Security Services Center[New!]
  • InterGo: Internet access control[New!]
  • ON-X International[New!]
  • Serverware[New!]
  • Email Cloaking Device[New!]
  • Electronic Security In ternational[New!]
  • Security7 Ltd.[New!]
  • Absolute Software Corporation[New!]
  • Galea Network Security[New!]
  • Miros[New!]
  • Net Access[New!]
  • Printscan[New!]
  • Selenium[New!]
  • L0pht Heavy Industries[New!]
  • Security-Online[New!]
  • Choreo Systems Inc.[New!]
  • CRYPTOCard Corporation[New!]
  • Sandelman Software Works Corp.[New!]
  • TrustedWeb[New!]
  • SecureNet PRO IDS[New!]
  • Wang Government Service[New!]
  • Tumbleweed Software
  • Vanhacking Challenge
  • Big Brother: A Web-based Unix Network Monitoring and Notification System
  • DataProtect
  • NEC: Automated Fingerprint Identification System
  • Magna-Code
  • Entegrity Solutions
  • Cinco Networks
  • Secure Networks, Inc.
  • Crack a Mac
  • Okiok Data
  • XYPRO
  • An On-Line Supplement to Practical UNIX & Internet Security
  • UNIX Security: the Buffer Overflow problem
  • Advanced Computer Research
  • Hierarchical Development Systems, Inc. (HDSi)
  • Concord-Eracom
  • PC Guardian
  • Convergence Technologies
  • MIS Europe Ltd
  • ROSS ENGINEERING
  • CyLAN Technologies, Inc.
  • Ewen Associates
  • ZONEOFTRUST.COM
  • Baseline Software
  • En Garde Systems
  • Information Security Corporation
  • Datalynx Inc.
  • The Security Board
  • eSafe Technologies
  • Secure Lock
  • Security First Technologies
  • Computer Security Canada, Inc.
  • GTE Privacy Productts
  • Cybertrace
  • MCI's Denial of Service Tracker
    •

    Law

    See also Spaf's hotlist on government.

  • Law resources
  • Morris, Manning & Martin homepage
  • Porn and regulation of the Internet
  • Comprehensive Law Page at Cornell
  • Computer Crime: A Crimefighter's Handbook by Icove, Seger & VonStorch
  • Law Enforcement Related Links
  • Cop Net & Police Resource List
  • HTCIA, Northern CA Chapter
  • HTCIA Main
  • Kevin Manson's Cybercop.org
  • Junger vs. Christopher: Plaintiff Seeks Summary Judgment in Cleveland Case Challenging Licensing of "Exports" of Cryptographic Information
  • Domain Name Disputes and Trademarks
  • Computer Law Discussion Digest
  • Computer Law Discussion Gateway
  • Web Assurance Bureau
  • Medical Record Privacy
  • Basic Proposal for the Substantive Provisions of the Treaty on Intellectual Property in Respect of Databases (WIPO)
  • Database Extraction Rights
  • Internet Initiative White House Press Release
  • The Computer Crime and Investigations Center
  • Canadian export controls on cryptography software
  • Association of Federal Defense Attorneys
  • First Amndment Decision
  • IU Campus Police - information relating to crime and punishment on the internet
  • The Computer Crime and Investigations Center
  • Cyber-rights & Cyber-liberties (UK)
  • opinion in _United States v. Petersen
  • Domain Name Lawsuit
  • Lawsuit to Open the Domain Name Registration Market
  • Judd Robins, Expert Witness/Consultant on Software Forensics
  • CompuLaw
  • Criminal Justice Links
  • Site for Inspectors general
  • Domain Names and Trademark Law
  • Trademarks in Cyberspace
  • Copyright and Fair use Site
  • Law Journal Xtra!
  • "CEPIS Special Interest Network "Legal & Security Issues"
  • Law Related Listservs
  • It Came From Planet Clipper: The Battle over Cryptographic Key Escrow [New!]
  • EFF Law Archive [New!]
  • Newsletter of Emerging Legal Issues[New!]
  • Internet Privacy Law
  • Computer Fraud and Abuse Act of 1986
  • Full Committee Markup of H.R. 695 SECURITY AND FREEDOM THROUGH ENCRYPTION (SAFE) ACT
    •

    Physical Security

  • Sargent and Greenleaf Lock Manufacturer
  • Bay Alarm
  • Fidelity Burglar & Alarm Company
  • Signacon Controls Inc
  • Sednet
  • Business Protection Products
  • Sentrol Inc.
  • Security Technology Systems
  • Security Eye
  • Home Automation Systems Catalog
  • Communications Control System's Spy Zone
  • Telekey Campus Security
  • Brink's Home Security, Inc.
  • Kastle Systems Inc
  • SFC Supply, Fiber Optics
  • 21st Century Hard Armor
  • First Defense International
  • KABA - Locksmiths Wholesalers
  • Options for Personal Security
  • VingCard
  • Address-o-Lite
  • Ameriking-WYZ CCTV and Surveillance
  • Conway Manufacturing
    • [New!]
  • International Security Services
  • JDS Security System
  • Nevada Lock Supply
  • Mills Security Alarm Systems, Inc.
  • Spy Store, The
  • Metro AutoLock
  • Smoke and Security South
  • Cable Engineering Systems
  • Renful Security Group
  • Investigative Law Offices - Security Laboratories
  • SOS Temps Inc.
  • Spy Guys Discount Catalog
  • SPYTEC
  • Southland Executive Protection
  • Westec Security, Inc.
    • [New!]
  • Zhejiang Pujiang Zhongxing Co. Ltd.
  • Modern Identification Systems Incorporated
  • SoundOUT PC Alarm
  • American Burglar & Fire Systems
  • Anteco Communications
  • The Spy Shopt
  • Smart Water provides a way to identify hardware ownership
  • Interstate Locksmith Group, Inc.
  • First Alert Professional
  • American Alarm and Communications, Inc.
  • Olympus Lock
  • Sonitrol
  • Ranger Scanners (Metal Detectors and Such)
  • Visionics Corporation - Innovations in Recognition Systems
  • Omega R&D Homepage
  • Eye Tech Surveillance
  • LDM Enterprises - Automotive Locksmith
  • Secutron Inc. Home Page
  • Elcor Universal Video [New!]
  • Metalcraft, Inc. [New!]
  • Avoidance Plus, Inc. [New!]
  • Central Station Alarm Monitoring Software [New!]
  • CCTV Labs [New!]
  • Titan Physical Security [New!]
  • SecureNET [New!]
  • T.R.L. Security Co., Inc. [New!]
  • City Lockmasters Mobile [New!]
  • TEMPEST in a teapot
  • Security Engineered Machinery
  • Covert Technology
  • David R. Marks International
  • Harrison Electronic Systems Inc.
  • IdentaCard
  • Micro Video (TM) Products
  • SECURITY ENGINEERNG sal's
  • EXCEL SECURITY SYSTEMS
  • SSI Custom Data Cards
  • Electronics Design & Manufacturing Pty Limited
  • Sensormatic
  • Team NISCA
  • Business Equipment Protection
  • Dade Lock and Key
  • NetProtector
  • Safeguard Security Projects
  • Ordacard
  • Catscard: The Ultimate Computer Anti-Theft System
  • Loronix: CCTV and ID Cards

    • Miscellaneous

  • Resources for system administrators
  • Ches's security page
  • X Windows Security
  • Why send email when you can Fakemail?
  • DigiCash - ecash home page
  • Massively Distributed Systems
  • MS-DOS System Security Tools
  • Covert Services Investigation Agency
  • IntelWeb - The WWW Site of Intelligence Watch Report (IWR)
  • How to choose passwords
  • DigiCrime Inc.
  • The Computer Science Literature Index
  • Biometrics References (with some references on cryptography)
  • Information Technologies for the Control of Money Laundering
  • Security Command Center
  • Total Security Services International, Inc.
  • Safe Data System
  • infowar.com
  • CORBA Security Specification (large files)
  • Computer Security at CERN
  • Cyber Rights
  • Bot Spot - Artificial Intelligence on the Net
  • Looking for software on the internet? Try download.com
  • Netizens Against Gratuitous Spamming
  • Controlled Access/Data Based Security
  • Business Espionage Controls & Countermeasures Association (BECCA)
  • comprehensive collection of network tools
  • Obtuse smtpd smtp proxy
  • Qmail sendmail replacement
  • Index - I/T Service Kerberos Links Page
  • Kerberos Reference Page
  • Information Warfare
  • ActiveX Homepage
  • UK Internet Security Directory
  • Executive Order 13010
  • Operating Systems / Security Workshops and other security material
  • Autonomous Agents Conference
  • Secure Deletion of Data from Magnetic and Solid-State Memory[New!]
  • Security Policies for the Internet[New!]
  • Bash Vulnerabilities (CIAC Bulletin H-01)[New!]
  • Vulnerability Database (ISS)[New!]
  • X Windows Security[New!]
  • Word Macro Virus Protection Tool
  • Word Virus Information
  • 7Pillars Partners
  • CommSec
  • CSL Bulletin -- Security Program Management
  • Network SMURFING Attack Description
    •

    Return to COAST Lab entry.

    Suggestions & Comments

    Gene Spafford <spaf@cs.purdue.edu>