New England Area Associations
Magazines
Information Security Links
CCCure
The CISSP, SSCP, CISM, CISA, ISSPCS, and SANS GIAC GCFW Open Study Guides Web site is dedicated
to helping people in achieving their goal of becoming a CISSP, SSCP, CISM, CISA, ISSPCS, or GCFW.
Over the years it has become a vast container of resources that can assist you in mastering the
domains of the specific Common Body of Knowledge related to each of the above certifications.
This site also offers all of the tools that you need to ensure that you are ready for the exam.
Hundreds of people have used this site along with some of the leading CISSP study books and have
successfully passed the exam. The site today also offers security news, news aggregation through
our dashboard, great security links, and an extensive library of documents that people like to
peruse and extract from to dig deeper into specific domains of the CBK or simply to help in their
daily security tasks.
Internet Security Systems,
Inc. (ISS)
ISS is the pioneer and leading supplier of adaptive security
management systems, providing enterprise-wide information
protection software. ISS is a worldwide innovator of security
solutions designed to augment the security performance of
existing systems by complementing security safeguards
such as firewalls, authentication and encryption.
NT
Bug Track
A very comprehensive site that tracks NT issues.
Anti
Online
As discussed in the July issue of Wired Magazine, this Web
site has the most recent information on network attacks
worldwide.
InfoSec.com
& InfoWar.com
Companies dedicated to information security and warfare.
The
SANS Institute
A research and educational organization committed to
providing world-class technical education for security
and systems management professionals. It's annual Network
Security (Fall) and SANS (Spring) Conferences are perennially
among the highest-rated educational programs for technologists
because they rely exclusively on the most effective
practitioner/teachers, many of whom teach at no other gatherings
each year.
Internet
Hoaxes
A page from CIAC dedicated to Internet Hoaxes and how to
avoid them.
The
Kerberos Network Authentication Service
Authentication is critical for the security of computer
systems. Without knowledge of the identity of a principal
requesting an operation, it's difficult to decide whether
the operation should be allowed. Traditional authentication
methods are not suitable for use in computer networks
where attackers can monitor network traffic and intercept
passwords. The use of strong authentication methods
that do not disclose passwords is imperative. The
Kerberos authentication system supports strong authentication
on such networks.
National
Institute of Standards and Technology
The National Institute of Standards and Technology was established
by Congress "to assist industry in the development
of technology . . . needed to improve product quality,
to modernize manufacturing processes, to ensure product
reliability . . . and to facilitate rapid commercialization
. . . of products based on new scientific discoveries."
An agency of the U.S. Department of Commerce's Technology
Administration, NIST's primary mission is to promote U.S.
economic growth by working with industry to develop
and apply technology, measurements, and standards.
CERIAS
Homepage
CERIAS -- The Center for Education and Research in Information
Assurance and Security (CERIAS) is currently viewed as one of the world's
leading centers for research and education in areas of information
security that are crucial to the protection of critical computing and
communication infrastructure. Contains the archives of the retired COAST project.
RSA
Data Security
RSA Data Security, Inc. is the world's brand name for
cryptography, with more than 75 million copies of
RSA encryption and authentication technologies installed
and in use worldwide. RSA's encryption technology
is embedded in Microsoft Windows, Netscape Navigator,
Intuit's Quicken, Lotus Notes, and hundreds of other products.
RSA technologies are part of existing and proposed
standards for the Internet and World Wide Web, ITU-T,
ISO, ANSI, IEEE, as well as business, financial and electronic
commerce networks around the globe. The company develops
and markets platform-independent developers' kits and
end-user products and also provides comprehensive cryptographic
consulting services.Founded in 1982 by the inventors of
the RSA Public Key Cryptosystem, the company is headquartered
in Redwood City, Calif.
Forum
of Incident Response and Security Teams
Since November of 1988 an almost continuous stream of security-related
incidents has affected thousands of computer systems
and networks throughout the world. To address this
threat, a growing number of government and private sector
organizations around the globe have established a
coalition to exchange information and coordinate response
activities. This coalition, the Forum of Incident
Response and Security Teams (FIRST), brings together
a variety of computer security incident response teams from
government, commercial, and academic organizations.
FIRST aims to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to
promote information sharing among members and the
community at large. Currently FIRST has more than 30 members.
THE
INTERNATIONAL ELECTRONIC RIGHTS SERVER
The mission of the Internet Privacy Coalition is
to promote privacy and security on the Internet through
widespread public availability of strong encryption
and the relaxation of export controls on cryptography.
The
Crypto Page
Encryption technology is the key
to the future of the information revolution. It allows
businesses and individuals to communicate securely over
any inexpensive communication platform without fear
of eavesdropping. This page is dedicated to pointing
out the failure of the Administration in attempting to squash
encryption through it's failed Clipper Chip schemes
and antiquated export regulations.
Princeton's
JAVA Analysis
Read about the weaknesses in SUN's JAVA language from the
scientists who discovered them. Their motto is "We
are studying ways to make executable content on the Internet
safe, so that people can use them without exposing
themselves to much security risk."
Privacy Sites
The Electronic Frontier Foundation
The Electronic Frontier Foundation is a non-profit civil
liberties organization working in the public interest
to protect privacy, free expression, and access to public
resources and information online, as well as to promote
responsibility in new media.
PRIVACY Forum
The Internet PRIVACY Forum is a moderated digest for
the discussion and analysis of issues relating to
the general topic of privacy (both personal and collective)
in the "information age" of the 1990's and
beyond. Topics include a wide range of telecommunications,
information/database collection and sharing, and related
issues, as pertains to the privacy concerns of individuals,
groups, businesses, government, and society at large.
The manners in which both the legitimate and the controversial
concerns of business and government interact with
privacy considerations are also topics for the digest.
Sites No Longer Maintained
Government
Security Site
A good overall security site for all types of information.
Advanced
Laboratory Workstation System
The Division of Computer Research and Technology, National
Institutes of Health has an extensive security section.
Security
Programs
A list of software used to improve security of computers.
At this time most of software is for Unix operating
system but a number of these programs have non-Unix versions.
|
