tag:blogger.com,1999:blog-52665646460831493512012-01-04T18:20:45.236-08:00All about IT securityLofanhttp://www.blogger.com/profile/05514626834354148476noreply@blogger.comBlogger21100tag:blogger.com,1999:blog-5266564646083149351.post-2881786898460911002012-01-04T18:01:00.000-08:002012-01-04T18:20:45.254-08:00IT Security Reference links<table border="0"><tbody><tr><td><br /></td><td><h2>Government Organization Web Site</h2><div></div><ul><li><a href="http://www.edb.gov.hk/index.aspx?nodeID=4797&langno=1&iframe=true&width=1010&height=500" target="_blank">EDB - Information Technology in Education Reference Materials</a></li><li><a href="http://www.police.gov.hk/ppp_en/04_crime_matters/tcd/tcd.html" target="_blank">Hong Kong Police Force - Technology Crime Division</a></li><li><a href="http://www.hongkongpost.gov.hk/index.html" target="_blank">Hongkong Post e-Cert</a></li><li><a href="http://www.ofta.gov.hk/" target="_blank">OFTA, Office of the Telecommunications Authority</a></li><li><a href="http://www.ogcio.gov.hk/" target="_blank">OGCIO, Office of the Government Chief Information Officer</a></li><li><a href="http://www.ogcio.gov.hk/en/infrastructure/methodology/security_policy/index.htm" target="_blank"> </a></li><li><a href="http://www.infosec.gov.hk/english/main.html" target="_blank">OGCIO - InfoSec</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>The Worldwide National Computer Emergency Response Team</h2><div></div><ul><li><a href="http://www.auscert.org.au/" target="_blank">Australian Computer Emergency Response Team (AusCERT)</a></li><li><a href="http://www.bdcert.org/" target="_blank">Bangladesh Computer Emergency Response Team (BDCERT)</a></li><li><a href="http://www.brucert.org.bn/" target="_blank">Brunei Computer Emergency Response Team (BRUCERT)</a></li><li><a href="http://www.cert.br/en" target="_blank">Brazil CERT (Cert.br)</a></li><li><a href="http://www.cert.gov.il/" target="_blank">Cert.gov.li (Israel)</a></li><li><a href="http://www.certa.ssi.gouv.fr/certa/contact_en.html" target="_blank">CERTA (France)</a></li><li><a href="http://www.govcert.nl/" target="_blank">The Netherlands Government CERT (GOVCERT.NL)</a></li><li><a href="http://www.cert-in.org.in/" target="_blank">Indian Computer Emergency Response Team (CERT-In)</a></li><li><a href="http://www.cert.or.id/" target="_blank">Indonesia Computer Emergency Response Team (ID-CERT)</a></li><li><a href="http://www.jpcert.or.jp/english" target="_blank">Japen Computer Emergency Response Team Coordination Center (JPCERT/CC)</a></li><li><a href="http://www.krcert.or.kr/english_www" target="_blank">Korea Internet Security Center (KrCERT/CC)</a></li><li><a href="http://www.mycert.org.my/en" target="_blank">Malaysian Computer Emergency Response Team (MyCERT)</a></li><li><a href="http://www.cert.org.cn/english_web/index.htm" target="_blank">National Computer network Emergency Response technical Team/Coordination Center of China (CNCERT/CC)</a></li><li><a href="http://www.phcert.org/" target="_blank">Philippine Computer Emergency Response Team (PHCERT)</a></li><li><a href="http://www.singcert.org.sg/" target="_blank">Singapore Computer Emergency Response Team (SingCERT)</a></li><li><a href="http://www.slcert.gov.lk/" target="_blank">Sri Lanka Computer Emergency Response Team (SLCERT)</a></li><li><a href="http://www.twncert.org.tw/" target="_blank">Taiwan National Computer Emergency Response Team (TWNCERT)</a></li><li><a href="http://thaicert.nectec.or.th/about_en/about_en.php" target="_blank">Thai Computer Emergency Response Team (ThaiCERT)</a></li><li><a href="http://www.us-cert.gov/" target="_blank">United States Computer Emergency Readiness Team (US-CERT)</a></li><li><a href="http://www.vncert.gov.vn/en" target="_blank">Vietnam Computer Emergency Response Team (VNCERT)</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>The Worldwide Computer Emergency Response Team</h2><div></div><ul><li><a href="http://www.apcert.org/" target="_blank">Asia Pacific Computer Emergency Response Team (APCERT)</a></li><li><a href="http://www.bkav.com.vn/" target="_blank">Bach Khoa Internetwork Security Center (BKIS)</a></li><li><a href="http://www.ccert.edu.cn/index_en.php" target="_blank">CERNET Computer Emergency Response Team (CCERT)</a></li><li><a href="http://www.cert.org/" target="_blank">CERT/CC</a></li><li><a href="http://www.first.org/" target="_blank">Forum of Incident Response and Security Teams (FiRST)</a></li><li><a href="http://www.nus.edu.sg/comcen/security" target="_blank">National University of Singapore Computer Emergency Response Team (NUSCERT)</a></li><li><a href="http://www.cert.org.tw/eng/index.htm" target="_blank">Taiwan Computer Emergency Response Team / Coordination Center (TWCERT)</a></li><li><a href="http://www.terena.org/" target="_blank">TERENA</a></li><li><a href="http://www.terena.org/activities/tf-csirt" target="_blank">TF-CSIRT</a></li><li><a href="http://www.surfnet.nl/nl/Thema/surfcert" target="_blank">SURFcert</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Vulnerability Information Website</h2><div></div><ul><li><a href="http://www.linuxsecurity.com/" target="_blank">LinuxSecurity.com</a></li><li><a href="http://www.microsoft.com/technet/security/current.aspx" target="_blank">Microsoft Security Bulletin</a></li><li><a href="http://www.oracle.com/technetwork/topics/security/whatsnew/index.html" target="_blank">Oracle Secuirty bulletin </a></li><li><a href="http://support.apple.com/kb/ht1222" target="_blank">Apple Security updates</a></li><li><a href="http://tools.cisco.com/security/center/home.x" target="_blank">Cisco Security</a></li><li><a href="http://secunia.com/advisories/historic" target="_blank">Secunia</a></li><li><a href="http://www.securiteam.com/" target="_blank">SecuriTeam</a></li><li><a href="http://www.securityfocus.com/" target="_blank">SecurityFocus</a></li><li><a href="http://www.us-cert.gov/cas/techalerts" target="_blank">United States Computer Emergency Readiness Team (US-CERT)</a></li><li><a href="http://www.vupen.com/english/security-advisories" target="_blank">VUPEN Security Advisories</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Internet Security Status Monitoring</h2><div></div><ul><li><a href="http://atlas.arbor.net/" target="_blank">ArborNet Global Dashboard - Top attacks , Top scanned service and Top threat sources</a></li><li><a href="http://www.securitywizardry.com/radar.htm" target="_blank">Computer Network Defence</a></li><li><a href="http://dnsbl.abuse.ch/statistic/fastflux.php" target="_blank">dnsbl.abuse.ch - Fastflux DNS bot activity status</a></li><li><a href="http://www.hkix.net/hkix/stat/aggt/hkix-aggregate.html" target="_blank">Hong Kong Internet Exchange - HKIX switch statistics</a></li><li><a href="http://scoreboard.keynote.com/scoreboard/Main.aspx?Login=Y&Username=public&Password=public&iframe=true&width=1010&height=500" target="_blank">Keynote - Internet Health Report: Network performance</a></li><li><a href="http://response.network-box.com/internet-health" target="_blank">Network Box - Internet Health: Probes, Intrusion, Malware, Spam</a></li><li><a href="http://isc.sans.org/reports.html" target="_blank">SANS Internet Storm Centre - Top ports, Top source IP</a></li><li><a href="http://www.shadowserver.org/wiki/pmwiki.php/Stats/GeoLocations" target="_blank">Shadowserver Foundation - Botnet C&C activity status by country</a></li><li><a href="http://www.team-cymru.org/Monitoring/Graphs/" target="_blank">Team Cymru - Top malicious activities, Top bot activities</a></li><li><a href="http://www.virustotal.com/stats.html" target="_blank">Virustotal - Malware Submissions, Detection rate distribution, Top malware detection</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Information Security Blog</h2><div></div><ul><li><a href="http://ddanchev.blogspot.com/" target="_blank">Dancho Danchev's Blog</a></li><li><a href="http://www.f-secure.com/weblog" target="_blank">F-Secure Weblog</a></li><li><a href="http://infosec20.blogspot.com/" target="_blank">Greg Martin's blog</a></li><li><a href="http://news.hostexploit.com/" target="_blank">HOSTEXPLOIT.COM</a></li><li><a href="http://s3cwatch.wordpress.com/" target="_blank">s3c-watch</a></li><li><a href="http://isc.sans.org/diary.html" target="_blank">SANS Internet Storm Center</a></li><li><a href="http://blog.scansafe.com/" target="_blank">ScanSafe STAT blog</a></li><li><a href="http://www.shadowserver.org/wiki" target="_blank">Shadowserver Foundation</a></li><li><a href="http://blog.trendmicro.com/" target="_blank">TrendLabs</a></li><li><a href="http://securitylabs.websense.com/content/blogs.aspx" target="_blank">WebSense - Blogs - Security Labs</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Information Security Guideline</h2><div></div><ul><li><a href="http://www.auscert.org.au/render.html?it=5816&template=1&iframe=true&width=1010&height=500" target="_blank">AusCERT UNIX and Linux Security Checklist v3.0</a></li><li><a href="http://www.cert-in.org.in/s2cMainServlet?pageid=GUIDLNVIEW01&iframe=true&width=1010&height=500" target="_blank">CERT-In Security Guidelines</a></li><li><a href="http://www.fdic.gov/news/news/financial/2005/fil6605a.html" target="_blank">FDIC - Best Practices on Spyware Prevention and Detection</a></li><li><a href="http://www.interhack.net/pubs/fwfaq" target="_blank">Interhack Research - Internet Firewall FAQ</a></li><li><a href="http://msdn.microsoft.com/en-us/library/ms998411.aspx" target="_blank">Microsoft .NET Framework Security Guidelines</a></li><li><a href="http://www.ogcio.gov.hk/en/infrastructure/methodology/security_policy/index.htm" target="_blank"><b>Documents on IT Security Policy and Guidelines</b></a></li><li><a href="http://www.us-cert.gov/control_systems/pdf/personnel_guide0904.pdf" target="_blank">US-CERT - Personnel Security Guidelines</a></li><li><a href="http://www.owasp.org/index.php/Category:OWASP_Guide_Project" target="_blank">The OWASP Guide to Building Secure Web Applications and Web Services</a></li><li><a href="http://www.owasp.org/index.php/Category:OWASP_Testing_Project" target="_blank">The OWASP Testing Guide</a></li><li><a href="http://www.w3.org/Security/Faq/www-security-faq.html" target="_blank">W3C - The World Wide Web Security FAQ</a></li><li><a href="http://www.safewifi.hk/eng" target="_blank">WTIA - Safe WIFI</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Other related to Information Security Website</h2><div></div><ul><li><a href="http://www.antispywarecoalition.org/" target="_blank">Anti-Spyware Coalition</a></li><li><a href="http://www.firewallguide.com/spyware.htm" target="_blank">Anti-Spyware Guide</a></li><li><a href="http://www.honeynet.org/" target="_blank">Honeynet Project Blogs</a></li><li><a href="http://nvd.nist.gov/" target="_blank">National Vulnerability Database</a></li><li><a href="http://www.team-cymru.org/" target="_blank">Team Cymru</a></li><li><a href="http://www.antiphishing.org/" target="_blank">The Anti-Phishing Working Group (APWG)</a></li><li><a href="http://www.virusbtn.com/" target="_blank">Virus Bulletin</a></li><li><a href="http://www.virustotal.com/" target="_blank">Virus Total</a></li><li><a href="http://www.windowsecurity.com/" target="_blank">WindowSecurity.com</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Information Security News</h2><div></div><ul><li><a href="http://news.cnet.com/security/?tag=hdr;snav&iframe=true&width=1010&height=500" target="_blank">CNET, Security News</a></li><li><a href="http://www.computerworld.com/news/index.jsp" target="_blank">Computerworld, News</a></li><li><a href="http://www.networkworld.com/topics/security.html?tnav=_l320_t1_s&iframe=true&width=1010&height=500" target="_blank">Networkworld, Security News</a></li><li><a href="http://www.msnbc.msn.com/id/3033077" target="_blank">msnbc, Security News</a></li><li><a href="http://www.scmagazineus.com/News/section/100" target="_blank">SC Magazine, News</a></li><li><a href="http://www.theregister.co.uk/security" target="_blank">The Register, Security News</a></li><li><a href="http://www.vnunet.com/categories/security" target="_blank">vnunet, Security News</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Technology Crime and Related Ordinances</h2><div></div><ul><li><a href="http://www.police.gov.hk/hkp-home/english/tcd/intro.htm" target="_blank">Hong Kong Police Force - Introduction to Technology Crime and Prevention Tips</a></li><li><a href="http://www.infosec.gov.hk/english/crime/crime.html" target="_blank">InfoSec - Computer Related Crime</a></li><li><a href="http://www.infosec.gov.hk/english/ordinances/ordinances.html" target="_blank">InfoSec - Related Ordinances</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Spam and Electronic Messages</h2><div></div><ul><li><a href="http://www.hkispa.org.hk/antispam" target="_blank">Hong Kong Internet Service Provider Association - Antispam</a></li><li><a href="http://www.ofta.gov.hk/en/uem/main.html" target="_blank">OFTA - Unsolicited Electronic Messages Ordinance</a></li><li><a href="http://www.ofta.gov.hk/en/enq_help/uem.html" target="_blank">OFTA - Unsolicited Electronic Messages Report Form</a></li><li><a href="http://www.antispam.gov.hk/english/main.htm" target="_blank">OFTA - Anti-spam Home Page</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>List of Fake Bank</h2><div></div><ul><li><a href="http://www.info.gov.hk/hkma/eng/press/category/fraudulent_web.htm" target="_blank">Hong Kong Monetary Authority - Fraudulent Websites, E-mails and Telephone System, and other fraud cases</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Application of Information Technology and Security Statisitcs</h2><div></div><ul><li><a href="http://www.police.gov.hk/hkp-home/english/tcd/overview.htm" target="_blank">Hong Kong Police Force - Technology Crime Statistics in Hong Kong</a></li><li><a href="http://www.info.gov.hk/digital21/eng/statistics/stat.html#annual" target="_blank">OGCIO - Digital 21 Strategy - Statistics and Figures</a></li></ul><div></div><hr /><div></div></td></tr><tr><td></td><td><h2>Malicious Website Blocklist</h2><div></div><ul><li><a href="http://www.malwaredomains.com/" target="_blank">DNS-BH - Malware Domain Blocklist</a></li><li><a href="http://www.malware.com.br/lists.shtml" target="_blank">Malware Patrol - Block Lists</a></li></ul><div></div></td></tr></tbody></table><div class="SectionHead"><br /></div><div class="SectionHead"><br /></div><div class="SectionHead"><br /></div><div class="SectionHead"><br /></div><div class="SectionHead"><br /></div><div class="SectionHead"><br /></div><div class="SectionHead"><br /></div><div class="SectionHead"><br /></div><div class="SectionHead">CERT Organisations :</div><ul><li class="engtext"><a href="http://www.auscert.org.au/" target="_blank">AusCERT</a> - Australian Computer Emergency Response Team</li><li> <span class="engtext"><a href="http://www.cert.org/" target="_blank">CERT/CC</a> - US Computer Emergency Response Team Coordination Center</span></li><li> <span class="engtext"><a href="http://www.cert.org.cn/" target="_blank">CNCERT/CC</a> - China Computer Emergency Response Team Coordination Center</span></li><li> <span class="engtext"><a href="http://www.first.org/" target="_blank">FIRST</a> - The Forum of Incident Response and Security Teams</span></li><li> <span class="engtext"><a href="http://www.hkcert.org/" target="_blank">HKCERT</a> - Hong Kong Computer Emergency Response Team Coordination Centre</span></li><li> <span class="engtext"><a href="http://www.mycert.org.my/">MyCERT</a> - Malaysian Computer Emergency Response Team</span></li><li><span class="engtext"><a href="http://www.singcert.org.sg/" target="_blank"> SingCERT</a> - Singapore Computer Emergency Response Team</span></li></ul><div class="SectionHead">Anti-virus Ogranizations</div><ul><li><b>Virus Bulletin</b><br /> <a href="http://www.virusbtn.com/%20">http://www.virusbtn.com/ </a></li><li><b>The WildList Organization International</b><br /> <a href="http://www.wildlist.org/">http://www.wildlist.org/</a><br /> </li></ul><br /><div class="SectionHead">Virus Databases</div><ul><li><b>Computer Associates Virus Encyclopaedia</b><br /> http://www3.ca.com/securityadvisor/virusinfo/browse.aspx</li><li><b>F-Secure Security Information Center</b><br /> http://www.f-secure.com/virus-info/</li><li><b>McAfee Virus Information Library</b><br /> http://vil.nai.com/vil/default.asp</li><li><b>Symantec Virus Encyclopaedia</b><br /> http://securityresponse.symantec.com/avcenter/vinfodb.html</li><li><b>Trend Micro Virus Encyclopaedia</b><br /> http://www.trendmicro.com/vinfo/virusencyclo/default.asp</li></ul><div class="SectionHead">Useful References :</div><ul><li><span class="engtext"><b>The SafetyNet Guide (English version), AOEMA</b></span><br /> URL://www.aoema.org/SafetyNet/index.htm</li><li><span class="engtext"><b>The SafetyMail Guide (English version), AOEMA</b></span><br /> URL://www.aoema.org/safetymail/index.htm</li><li><a class="engtext" href="http://www.sans.org/top20.htm" target="_blank">SANS/FBI Top 20 Most Critical Internet Security Vulnerabilities List</a><br /> The list includes 20 vulnerabilities organized into 3 categories: vulnerabilities that affect all systems, those that affect Windows systems, and those that affect Unix systems.</li><li><span class="engtext"><b>Establishing a Computer Security Incident Response Capability, NIST (National Institute of Standards and Technology) Special Publication 800-3, Nov 1991.</b></span><br /> URL://csrc.nist.gov/topics/inchand.html</li><li><b class="engtext">Sample Incident Handling Procedures, from SANS (System Administration, Networking, and Security Institute), April 1998.</b><br /> URL://www.sans.org/newlook/resources/policies/item7.pdf</li><li><b class="engtext">RFC 2196 Site Security Handbook, from IETF (The Internet Engineering Task Force) </b><br /> URL://www.ietf.org/rfc/rfc2196.txt</li><li><span class="engtext"><b>RFC 2350 Expectations for Computer Security Incident Response, from IETF (The Internet Engineering Task Force)</b></span><b><br /> </b>URL://www.ietf.org/rfc/rfc2350.txt</li><li><span class="engtext"><b>Responding to Computer Security Incidents: Guidelines for Incident Handling, University of California Lawrence Livermore National Laboratory, July 1990.</b></span><b><br /> </b>ftp://ciac.llnl.gov/pub/ciac/ciacdocs/ihg.txt </li></ul><div class="engtext"><br /></div><div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5266564646083149351-288178689846091100?l=itsecnews.blogspot.com' alt='' /></div>Lofanhttp://www.blogger.com/profile/05514626834354148476noreply@blogger.com0tag:blogger.com,1999:blog-5266564646083149351.post-51674307475940646202010-12-08T17:58:00.001-08:002010-12-08T17:58:47.544-08:00We're backWe're back now<br />Can't wait for it!<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5266564646083149351-5167430747594064620?l=itsecnews.blogspot.com' alt='' /></div>Lofanhttp://www.blogger.com/profile/05514626834354148476noreply@blogger.com0