A Survey of Security-Related Online Resources

HTTP Sites

SRI Computer Science Lab

SRI has responsibility for the ACM Forum on Risks in the Use of Computer and Related Systems. Here you'll find a link to it.

SRI WWW Server

see also

Purdue COAST Project

(Computer Operations, Audit and Security Tools). A great ftp site collecting many things pertinant to security

Digital Secure Systems

Digital markets a series of products and services for internet security.

Computer Systems Consulting

CSC has much of the information and tools available to the cracker community.

RSA Data Security, Inc.'s Home Page

RSA provides the defacto industry standard in public key encryption

NIST WWW Home Page

The National Institute of Standards and Technology has a lot of information on computer security

The Secure HyperText Transfer Protocol

This is the draft text for an RFC (Request For Comment) being circulated to elicit public comment

Christopher L. Menegay's Security Page

This site contains explicit information about how to break into Unix systems. It also details how to stop these methods. A valuable service.

NASA Automated Systems Incident Response Capability

Not really of much use, you can't go beyond an introductory screen without authorization.

General FTP Sites Interested in Comp Security

NIST FTP Server

The National Institute of Standards and Technology's Computer Science Laboratory, Computer Security Divison FTP site. You might want to select the index.html file once there for a cleaner interface.

CERT FTP Server

Computer Emergency Response Center FTP site. Many advisories and tools are available here.

CIAC FTP Server

Computer Incident Advisory Capability ftp site

COAST Security FTP Archive

Computer Operations, Audit and Security Tools ftp site

Greatcircle FTP Server (firewalls)

This is the system the firewalls mailing list lives on, and contains an extensive list of documentation and other useful information about firewalls.

Trusted Information Systems (TIS) FTP Server

TIS does consulting in the firewalls market. They also have a very complete suite of software to implement a firewall available by anonymous ftp

AT&T FTP Server

Athena FTP Server

From MIT, the Athena Project has more to offer than X. Among other things, you'll find kerberos software here, as well as a great collection of USENIX papers, and other tasty tidbits.

SURA FTP Server

SURAnet security archive. They have CERT and CIAC alerts, NIST publications, Department of Defense Alerts, pagers, security programs, etc...

DDN Security Bulletins FTP Server

This is the NIC's security ftp server. Skip all the files starting with ddn-security- until you get down to ddn-security-8901. All the previous ones will just tell you that the naming conventions have changed, and you're looking at the wrong file.

Texas AMU security tools

Texas A&M, in response to being broken into, has developed a lot of expertise in detecting and preventing breakins. Here you'll find papers and tools.

NEC.COM FTP Server

While intended for the use of NEC and it's subsidiaries, this site always has a nifty assortment of tools for socks, sudo, cops, etc...

Dartmouth Security Tools

Matt Bishop's cool collection of papers and programs related to security, including passwd+.

COAST- intrusion_detection

AI and statistical tools to detect intrusion.

SRI's NIDES Next-Generation Intrusion Detection System

Gopher Sites

NIST Main Gopher

NIST Security Gopher

FIRST Gopher

CSC Security Gopher

Security,Audit & Control (SIGSAC)