Security Reporting and Tracking

Advisory Mailing List Archives
Please see our Alerts section for a complete security mailing list archive.

ARIS
Attack Registry Intelligence Service Analyzer by SecurityFocus.

BugTraq
Securepoint BugTraq Mailing List Archive.

BugTraq
SecurityFocus BugTraq Mailing List Archive.

CCIPS Computer Intrusion Cases
Computer Crime and Intellectual Property Section provides a summary of recently prosecuted computer cases.

CERT Coordination Center (see also US-CERT)
The CERT Coordination Center (CERT/CC) is a center of Internet security expertise at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. We study Internet security vulnerabilities, handle computer security incidents, publish security alerts, research long-term changes in networked systems, and develop information and training to help you improve security at your site. Recovering from an Incident - If you believe that your site may have suffered a break-in or other type of incident, the CERT/CC has some documents that can help you. CERT has published annual statistics since 1988.

Computer Incident Handling and Response Information:
CERT CSIRT Handbook PDF | CSIRT FAQ | CERT Root Compromise | DOC Links | FedCIRC | FIRST | Incident Handling Steps | Labmice | Microsoft | NIST SP 800-61 PDF | SANS Incident Handling | SANS Step by Step

SecurityFocus.com Incidents | Infocus

OPERATIONS MANUAL Information Protection Center. Although dated, these documents provide good insight for incident handling. IPC Overview 1454 | Passive 1455 | Protection 1456 | Detection 1457 | Assessment 1458 | Response 1459 | Integrative 1460.

SUN Microsystems Blueprints Online - PDF Files

Responding to Customer's Security Incidents:

Part 1: Establishing Teams and a Policy | Part 2: Executing a Policy
Part 3: Following Up After an Incident | Part 4: Processing Incident Data

DShield.org
DShield.org was officially launched at the end of November 2000. Since then, it has grown to be a dominant attack correlation engine with worldwide coverage. While initially run as a volunteer effort, DShield.org has recently received support from the SANS Institute.

FIRST
This coalition, the Forum of Incident Response and Security Teams (FIRST), brings together a variety of computer security incident response teams from government, commercial, and academic organizations. FIRST aims to foster cooperation and coordination in incident prevention, to prompt rapid reaction to incidents, and to promote information sharing among members and the community at large. Currently FIRST has more than 100 members.

GASSP
Generally Accepted System Security Principles (GASSP). The International Information Security Foundation (I2SF) sponsored committee to develop and promulgate Generally Accepted System Security Principles.

HERT Hacker Response Team
HERT is a think pool of computer engineers and scientists specialized in security and reverse engineering.

HTCN
The High-Tech Crime Network presently consists of law enforcement agencies and corporate security professionals from 15 countries. It is a network operated by former law enforcement officers for law enforcement officers and limited members of the private sector. The High-Tech Crime Network is not affiliated with or operated by any law enforcement agency.

IFCC
The Internet Fraud Complaint Center (IFCC) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IFCC's mission is to address fraud committed over the Internet. For victims of Internet fraud, IFCC provides a convenient and easy-to-use reporting mechanism that alerts authorities of a suspected criminal or civil violation. For law enforcement and regulatory agencies at all levels, IFCC offers a central repository for complaints related to Internet fraud, works to quantify fraud patterns, and provides timely statistical data of current fraud trends.

INFOCON
INFOCON (Information Condition) Threat Centre, a major IWS research project, was launched on the 1st of January 2001. The IWS INFOCON has affiliated with InfoSec companies and hackers to provide its own news feed and cyberthreat analysis.

Insecure.org
Any hacker will tell you that the latest news and exploits are not found on any website -- not even Insecure.Org. No, the cutting edge in security research is and will continue to be the full disclosure mailing lists such as Bugtraq. Insecure.org provides web archives, updated in real-time, for many of their favorite lists.

IRR
The Internet Routing Registry (IRR) is a next-generation database development effort with participants from many international networking organizations. Data from the Internet Routing Registry may be used by anyone worldwide to help debug, configure, and engineer Internet routing and addressing. Currently, the IRR provides the only mechanism for validating the contents of a BGP session or mapping an AS number to a list of networks.

ISP - Online Services List
This list by Forensicsweb.com contains a variety of ISPs and similar information services, specifically, contacts at the legal departments for service of subpoenas, court orders, and search warrants.

MARC - Searchable Mailing List ARChives
MARC is an RDBMS (MySQL, to be exact) driven database of mailing list messages, viewable and browsable by list, thread, author, or searchable via a full-text search engine. As of 2003-03-24, the MARC archive has 13 million emails across almost 1500 mailing lists, from just over a million different authors. It gets about 350,000 new mails per month, and about 4.5 million total web-hits per month.

myNetWatchman
myNetWatchman is a service that automatically aggregates the firewall logs from a very large number of computers, analyzes these logs for evidence of hacker or worm attacks, and notifies the ISPs where attacks are coming from. As such, it provides a vital level of internetwork security.

NANOG
The North American Network Operators' Group (NANOG) provides a forum for the exchange of technical information, and promotes discussion of implementation issues that require community cooperation. Coordination among network service providers helps ensure the stability of overall service to network users. Searchable NANOG Mailing List Archives from: Merit | CCTec | Security Clipper.

Network Operations Centers:

NANOG ISP Resources

Netops NOC list compiled by Jared Mauch.

Packet Clearing House Inter-Network Operation Center Dial-by-ASN INOC-DBA Hotline Phone System.

NTBugtraq
Bugtraq is the leading mailing list for IT Professionals who discuss security exploits and security bugs in Windows NT, Windows 2000, Windows XP, and related applications.

Open Source Vulnerability Database
OSVDB is an independent and open source database created by and for the community. Their goal is to provide accurate, detailed, current, and unbiased technical information.

Organization for Internet Safety
OIS was formed to make it easier for security researchers and vendors to work together to fix security vulnerabilities. Today, there are no agreed-upon processes for handling security vulnerabilities. Every vendor has different expectations about how security researchers should report newly discovered vulnerabilities, the amount and type of information they should provide, and so forth. Likewise, every security researcher has different expectations about how often a vendor should provide status on ongoing investigations, give credit to the finder, and so forth. The lack of any consensus procedures complicates the process of fixing vulnerabilities, and ultimately increases the risk that all computer users face. OIS was formed as a unique partnership between leading security researchers and vendors, for the purpose of proposing such processes.

OWASP
The Open Web Application Security Project (OWASP) is dedicated to helping organizations understand and improve the security of their web applications and web services. This list was created to focus government and industry on the most serious of these vulnerabilities. Web application security vulnerabilities are highly exploitable and the consequence of an attack can be devastating. These vulnerabilities represent an equivalent magnitude of risk as network security problems, and should be given the same degree of attention.

Postini Email Stat Track
Postini, Inc. is the industry's leading provider of email security and management solutions that protect email communications infrastructure by preventing spam and attacks from reaching the enterprise gateway.

SANS / FBI Top 20 List
This updated SANS/FBI Top Twenty is actually two Top Ten lists: the ten most commonly exploited vulnerable services in Windows, and the ten most commonly exploited vulnerable services in Unix.

SANS Incidents.org
Incidents.org is a virtual organization of advanced intrusion detection analysts, forensics experts and incident handlers from across the globe. The organization's mission is to provide real time "threat-driven" security intelligence and support to organizations and individuals.

Security Clipper
Security Clipper is every security professional's best friend and saves you hours every day by automating your ongoing search for the security-related information that's relevant to YOUR needs. Security Clipper performs real-time, up to the minute, searches of thousands of articles in dozens of email mailing lists for the IT products or vendors you're interested in, and puts just those matching messages you want into your personal, private Security Clipper Inbox.

Security Stats
SecurityStats.Com was founded in April, 2000. The site was created out of a perceived need for a central repository of interesting computer security statistics, which could be used in research materials as well as corporate security expenditure documentation.

Vulnerability Disclosure Publications and Discussion Tracking
A long and vivid debate for and against different vulnerability disclosure models is still taking place. Sources that collect all these valuable arguments are scarce. This document acts as a place-holder for related contributions that we are aware of. Papers, articles and more informal documents are grouped based on the type of publication. We hope that these links are useful to anyone familiarising themselves with the scene or planning further contributions.

Jared's NOC List

| Vendor / Org. | Contact Information | Advisory and Alert Archives |
|---|---|---|
| AOL | domains@aol.net | none |
| Apache | security@apache.org | http://www.apache.org |
| AUSCERT | auscert@auscert.org.au | http://www.auscert.org.au/ |
| CERT | cert@cert.org | http://www.cert.org |
| Checkpoint | security-alert@checkpoint.com | http://www.checkpoint.com/techsupport/alerts/ |
| CIAC | ciac@ciac.org | http://www.ciac.org/ciac/ |
| Cisco | security-alert@cisco.com | http://www.cisco.com/warp/public/707/advisory.html |
| Compaq | security-alert@hp.com | http://ftp.support.compaq.com/patches/.new/security.shtml |
| Debian | security@debian.org | http://www.debian.org/security/ |
| DOD-CERT | cert@cert.mil | http://www.cert.mil |
| FIRST | first-sec@first.org | http://www.first.org |
| FreeBSD | security-officer@freebsd.org | http://www.freebsd.org/security/ |
| HP | security-alert@hp.com | http://www2.itrc.hp.com/service/home/home.do |
| IBM | security-alert@austin.ibm.com | http://www.ers.ibm.com/tech-info/advisories/index.html |
| Internet Storm Center | http://isc.incidents.org/contact.html | http://isc.incidents.org |
| Linksys | security@linksys.com | http://www.linksys.com/ |
| Mandrake | security@linux-mandrake.com | http://www.mandrakesecure.net/en/advisories/ |
| Microsoft | secure@microsoft.com | http://www.microsoft.com/security/ ; Web-based vulnerability reporting |
| NASA-NASIRC | nasirc@nasirc.nasa.gov | http://www-nasirc.nasa.gov/incidents.html |
| NetBSD | security-officer@netbsd.org | http://www.netbsd.org/Security/ |
| Novell | secure@novell.com | http://support.novell.com/security-alerts/ |
| OpenBSD | deraadt@openbsd.org | http://www.openbsd.org/security.html |
| Oracle | secalert_us@oracle.com | http://otn.oracle.com/deploy/security/alerts.htm |
| RedHat Linux | bugs@redhat.com | http://www.redhat.com/apps/support/errata/ |
| Road Runner | security@rr.com | http://security.rr.com |
| SCO-Caldera | security-alert@sco.com | http://www.sco.com/support/security/ |
| Sendmail | sendmail-security@sendmail.org | http://www.sendmail.org/ |
| SGI | security-alert@sgi.com | http://www.sgi.com/support/security/ |
| Squirrelmail | See website | http://www.squirelmail.org/about.php |
| SuSE | security@suse.de | http://www.suse.de/de/security/index.html |
| Sun | security-alert@sun.com | http://sunsolve.sun.com/pub-cgi/show.pl?target=security/sec |
| US-CERT | us-cert@us-cert.gov | http://www.us-cert.gov |
| US-CERT Federal | 888.282.0870 | https://incidentreport.fedcirc.gov/ |

Copyright 2001-2006 McCracken Associates

Website Modified: January 27, 2006
