| Bigadmin portal  |
The BigAdmin portal SUN has, is focusing on Solaris security. They have FAQs, How-To's, discussion areas, ready-made scripts, additional resource and lots more. Worth checking out if you're managing Solaris boxes. From here you also know of latest vu |
707 |
|
| Hacking guide (roelof temmingh) |
Roelof Temmingh's excellent "paper" of hacking techniques, I recommend reading this one. It contains a bit humor and pretty nice description of what one would really do when h4x0ring/pentesting away. |
1'666 |
|
| Hackproofing ibm db2 |
This presentation gives you an overview of the security-measures you have to take to make your IBM DB2 installation more secure. |
531 |
|
| iis lockdown and urlscan |
This explains pretty well how to install these two on a windows-box, providing good information about best practices for IIS. URLScan is useful when the URLs for the website is mostly easy, thus very dynamic sites could deny themselves. |
520 |
|
| ISECOM |
It has created OSSTMM (OpenSource Security Testing Methodology Manual) and SPSMM (Secure Programming Standards Methodology Manual) and other resources. It has a very good tool-list that fits a security specialist's toolbox. Worth checking out. The si |
559 |
|
| IT baseline protection manual |
This is a manual that digs in into lots of security policies. Worth checking out if you're planning security policies for your company. The manual is really huge and touches lots of surfaces that you probably have never thought of. Check it out. |
763 |
|
| Microsoft technet security |
Microsoft has a security-area in the Technet-section of it's site. Here you can find howto-guides & checklist for various stuff, latest hotfixes & servicepacks. You also find a good tool called hfnetcheck that can be used for determining if some patc |
605 |
|
| Networking guide |
This site holds an excellent guide to networking. It basically covers the network topologies, protocols, hardware, routing, addressing and lots more. A very good network resource, that gets you in the loop in no time ;) There is more out on the web, |
1'236 |
|
| NSA hardening guides |
NSA has released security guides for NT, W2K, XP & Cisco. The configurations they suggest are pretty anal, so if you need some heavy security, these guides are something to look at. A word of warning, thought. Implementing some features might break y
|
604 |
|
| openBSD packet filtering guide |
A very nice resource for OpenBSD's packet filter. There is lots of example-rules and explanations of the inner workings of PF. A recommended site if you use OpenBSD as your firewall. |
477 |
|
| OWASP |
The Open Web Application Security Project (OWASP) is developing software tools and knowledge based documentation that helps people secure web applications and web services. They have a TOP-10 list of most common web-application programming mistakes a |
495 |
|
| Securing mysql step-by-step |
This is a quite good guide to securing an installation of MySQL, dealing with chrooting the daemon, dealing with default accounts, and other "hardening" that should be done. |
450 |
|
| SQL tutorial |
This is a nice online SQL tutorial, that can be useful for web-app testers, as the syntax for SQL is a bit hard to remember if you don't use it daily. The site also hosts lots of other www-related tutorials, and is worth checking out. |
535 |
|
| Wireless security paper |
IIS.net has released a whitepaper about Wireless Security. This paper has good viewpoints that should be taken into consideration when you plan implementing wireless technologies into your network/office environment. If you are into wireless stuff, r |
500 |
|
| www.cisecurity.org |
CIS provides methods and tools to improve, measure, monitor, and compare the security status of your Internet-connected systems and appliances, plus those of your business partners. It has nice guidelines & benchmarks that you can utilize to check th |
488 |
|
| www.linuxsecurity.com |
On this site you will find lots of information about securing Linux for many different roles, web-server, firewall and so on. Overally this site should be one-stop place for your needs when securing Linux. It also keeps up with the newest tools and o |
471 |
|
| www.markusjansson.com |
This site is specialized on privacy & Windows-security for home users. If you feel like you don't want to be that friendly neighbourhood hacker again, point your friend to this site. A word of warning thought. These pages have quite some paranoia inc |
495 |
|
| www.sqlsecurity.com |
SQL-security focuses on MS SQL database security. It has a very good checklist for securing your database. The site also hosts some useful scripts that you can use to assess your SQL-servers. The MS SQL server is very flexible database and there is l |
558 |
