Security Resources

See also, ITD Open Forum presentation on "Security Challenges"

ComTech Net-Info Mailing List

Information on subscribing can be found at: http://comtech.ncsu.edu/networking/support/lists.htm
This is Networking's announcement list. If there is a major security problem that I think campus needs to be notified about I will post it on this list.

Lan Administrators List

http://comtech.ncsu.edu/networking/support/lanadmin.html
This is Networking's list of technical contacts in the various Buildings and Units on campus. When there is a problem with a host for which an owner is not identified I will notify the listed contact of the problem.

The SANS Institute

http://www.sans.org/
This site has lots of useful information. They also host several mailing lists, one that I find useful is the Security Alert Consensus (SAC). Their description is:

One definitive weekly summary of new alerts and countermeasures with announcements from: SANS, CERT, the Global Incident Analysis Center, the National Infrastructure Protection Center, the Department of Defense, Security Portal, Ntbugtraq, Sun, and several other vendors. When you subscribe, by selecting only the operating systems you support, you will receive a version of Security Alert Consensus tailored and customized to your needs.

http://server2.sans.org/sansnews
One of the best benefits of this list is the summaries are usually in common English vs. many of the security postings and vendor notices which may be on a more technical level. I think this makes it easier for many people to understand which issues apply to them.

CERT Coordination Center

http://www.cert.org/
Essentially the original computer security group. They have fairly good information about computer security issues that have been discovered. They do tend to be somewhat slower in publishing, because they review more thoroughly and work to get vendor solutions/patches/fixes before postings.

Security Focus

http://www.securityfocus.com/
This site also has lots of good information. They also host numerous security related mailing lists including Bugtraq. Note that many of these lists can get very technical in their discussions. Also those lists marked as high traffic are, especially just after a new or seeming new exploit comes out (I would say 5-10 messages a day average on Bugtraq with some days almost 100).

NTBugtraq

http://www.ntbugtraq.com/
This site host the list NTBugtraq which is setup to be similar to the Bugtraq list but focused exclusively on Windows NT and its related Windows versions.

Free Tools

Foundstone
Look under Resources, Free Tools
Vision and Fport are useful tools when trying to find rogue processes.
Sysinternals Freeware
Several useful utilities including Autoruns, Filemon, Regmon, PsTools

Send questions or comments to security@help.ncsu.edu

Last updated 20 June 2005 by jsw