External IT Security Resources
General Resources
- Requesting re-indexing by search engines (.doc)
- SANS Top 20 Vulnerabilities
- SANS Internet Storm Center
- Vulnerability listing at SecurityFocus.com
- Duke has an institutional membership with the Center for Internet Security. As a member of the Duke community, you can create an account to have access to the tools and benchmarks they provide.
- The CERT Coordination Center at CMU addresses risks at the software and system levels.
Web Development Resources
There are many great resources available for web application developers. Here are a few that we recommend:
- OWASP - the Open Web Application Security Project - provides information on development, code review, tools, top ten web app risks, and more.
- Qualys' SSL Labs provides an SSL Server Test tool as well as other information and tools related to SSL.
- Georgia Tech has a great site about backlink spam, including tools for detecting it on your own sites.
Malware Removal and Forensics Resources
- helix distro: incident response, computer forensics and e-discovery in one simple-to-use interface. Free version: https://www.e-fense.com/store/index.php?_a=viewProd&productId=11
- malwarebytes: detects and removes all traces of malware including worms, trojans, rootkits, rogues, dialers, spyware and more.
- sleuthkit (includes autopsy & dd): Sleuthkit and Autopsy are open source digital investigation tools (a.k.a. digital forensic tools) that run on Windows and Unix systems. They can be used to analyze NTFS, FAT, HFS+, Ext2, Ext3, UFS1, and UFS2 file systems and several volume system types. The Sleuth Kit (TSK) is a C library and a collection of command line tools. Autopsy is a graphical interface to TSK.
- ddrescue: GNU ddrescue is a data recovery tool. It copies data from one file or block device (hard disc, CD-ROM, etc.) to another, trying hard to rescue data in case of read errors.
- sysinternals tools: Sysinternals utilities can help you manage, troubleshoot and diagnose your Windows systems and applications.
- foremost: Foremost is a console program to recover files based on their headers, footers, and internal data structures. This process is commonly referred to as data carving. Foremost can work on image files, such as those generated by dd, Safeback, Encase, etc., or directly on a drive. The headers and footers can be specified by a configuration file, or you can use command line switches to specify built-in file types. These built-in types look at the data structures of a given file format, allowing for a more reliable and faster recovery.
- ubuntu rescue remix: Ubuntu-Rescue-Remix provides a robust yet lean system for data recovery and forensics. No graphical interface is used; the live system can boot and function normally on machines with very little memory or processor power.
Any other tools you use regularly & recommend? Let us know and we can list them here.
