IMHO, one of the best security sites is a white hat one: www.securityfocus.com You can check BugTraq's archives in this site. BugTraq is one of the best security oriented mailing lists in the world. A little on the dark side you have some interesting ones, like (the list is far from complete):
hack.co.za (seems dead) www.technotronic.com www.hackersclub.com www.hackers.com (a kind of museum, pretty old) www.rootshell.com (if still alive, they've problems with their ISP) www.uha1.com www.cyberarmy.com (home of the Zebulun challenge) astalavista.box.sk neworder.box.sk www.astalavista.com www.heinekenteam.com.ar (spanish) If anyone in the list is proficient with spanish, he/she is welcomed to grab the es.comp.hackers newsgroup FAQ from: http://comunidad.ciudad.com.ar/argentina/buenos_aires/koolkat/ech_puf_TXT.zip http://comunidad.ciudad.com.ar/argentina/buenos_aires/koolkat/ech_puf_HTML.zip http://comunidad.ciudad.com.ar/argentina/buenos_aires/koolkat/ech_puf_PDF.zip Of course is the same file with 3 different file formats. I'm currently the FAQ maintainer under the name "Nekromancer". At the end of the FAQ there're some references to sites in Internet (those can be understood by english-only people ;-) Books like Hacking Exposed (the 3rd edition is coming), Hacking Linux Exposed, Linux System Security, Real World Linux Security and many others are an excellent source of information if you're going to learn about the wonderful world of IT security. Hope this info helps. Best regards, Miguel Dilaj PD: many thanks to Mike Harris and Joanne Dow, who encourage me to LEARN about security some time ago ;-) Richard Hebert <[EMAIL PROTECTED]>@redhat.com on 10/10/2001 09:18:52 Please respond to [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: [EMAIL PROTECTED] cc: Subject: Re: Testing To Crack.. or Crack to test... On Wed, 10 Oct 2001 14:41:41 +0700 "lonh SENG" <[EMAIL PROTECTED]> wrote: > Hi all, > > How can I know my system is in top security? > Do we have a site for testing this? > Could anyone help me? > > Kind Regards, > lonh I agree that grc.com has a nice but basic testing Sheilds up It can also probe some common ports. Lately with a few friends on IRC we began using nmap on each other. nmap will scan for open ports quite thoroughly. It needs be done from someone you trust from a remote location. But that wont tell you all. Example. SSH it's nice to login from remote but how can you be sure it's safe ? The basics are this .. disable all that you're not using.Not using SSH ? disable it. Again strong passwords containing not only letters but numbers and symbols mixing upper and lower case. Mixing them so the dictionary attack is difficult at best. There is a ton of good literrature on the subject. Keeping up with security updates and using the latest programs also helps. Specially for a server that's on the internet. Right now in the present situation id give this as a guideline. All you can do to secure your network will pay for itself big time. There is too much " wanna be kiddie script cracker " applications available on the cracker web sites. A good way to grasp the situation is to go visit co called hacker sites. Astalavista.com is a good place to start if you havent ever went to one. >From there you will realise how serious the problem is.There are search engines in there that look for everything.Cracks, hacks,virii kits, attack programs ( like Divine Intervention ) Trojans , backdoors ... can't name them all. To be aware of what's out there and to smell the wind is an excellent way to stimulate you into taking all the measures to secure your computer or network. Richard _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/seawolf-list _______________________________________________ Seawolf-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/seawolf-list
