PUBLIC MARKS from xenomorph

the Exploration of Computation

Expression is everything.. see how our talented team can unleash extreme creativity for your organization

MapBuilder lets you tag locations on a map and publish it on your own site. Mapping is now easier than ever. It's free.

Google Enterprise Solutions

The Honeynet Project is a non-profit (501c3) organization dedicated to improving the security of the Internet by providing cutting-edge research for free. Founded in October, 1999 we have been providing the following services for free to the public.

Network security articles and hacking prevention resources for the government and general public. Covering all aspects of Computer Hacking, including tutorials and exploit downloads.

Computer Security Forum, Firewalls, Encryption, IDS, Linux, Windows, Hardware, Software.

# Advisories # Backend RSS # Downloads # Exploits # Feedback # Free Shells # Gallery # IP Index # Library # Password Generator # Private Messages # Recommend Us # Security Services # Stories Archive # Security Store # Submit News # Text Files # Top10 # Topics # Tutorials # UNIX Man Pages # Web Links # WhitePapers

PacketDefense: Information Security and BS7799 / ISO 17799 News

Com Sec Routing Out Vulnerabilities

Industry-leading software solutions mean superior business results. And better solutions depend on solid research. BindView's elite RAZOR team delivers the cutting edge in security research. In an ongoing commitment to superiority, RAZOR develops the vulnerability checks, best practices, and compliance algorithms behind BindView's solutions.

VCP iDEFENSE recognizes that there is an abundance of technical security knowledge concerning undisclosed vulnerabilities and exploit code that are constantly discovered or created by individuals and security groups. Some of this information may see the light of day on security mailing lists or eventually be disclosed as the result of a post-mortem analysis of a compromised computer system. Our Vulnerability Contributor Program (VCP) compensates individuals who provide iDEFENSE with advance notification of unpublished vulnerabilities and/or exploit code. Alternately, iDEFENSE can donate any earned funds to a charity of the contributor's choice in their name.

The Neohapsis Archives is a collection of public mailing lists and vendor announcements. As such, the community at large generates the archival content, not Neohapsis. Most of the content consists of messages sent to popular (public) mailing lists. Our original intent was to collect mailing lists that we regularly use, and put them in one place - a secure place that would be around for a while. Although Archives has grown into a substantial repository today, the idea is still the same. Our goal is to have a complete, unchanging historical record of information, and to keep it free and accessible for as long as possible.

SecurityFocus is the most comprehensive and trusted source of security information on the Internet. SecurityFocus is a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

Experts In Strategic Security

SANS is the most trusted and by far the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - Internet Storm Center. The SANS (SysAdmin, Audit, Network, Security) Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals, auditors, system administrators, network administrators, chief information security officers, and CIOs who share the lessons they are learning and jointly find solutions to the challenges they face. At the heart of SANS are the many security practitioners in government agencies, corporations, and universities around the world who invest hundreds of hours each year in research and teaching to help the entire information security community.

Only Internet Security Systems can deliver preemptive security due to our singular focus on security excellence and unwavering commitment to research and development. ISS' security excellence is driven by the world-renowned X-Force research and development team and 24/7 global attack monitoring.

Introducing NIAP The National Information Assurance Partnership (NIAP) is a U.S. Government initiative originated to meet the security testing needs of both information technology (IT) consumers and producers. NIAP is a collaboration between the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) in fulfilling their respective responsibilities under PL 100-235 (Computer Security Act of 1987). The partnership combines the extensive IT security experience of both agencies to promote the development of technically sound security requirements for IT products and systems and appropriate measures for evaluating those products and systems.

The Center for Education and Research in Information Assurance and Security (CERIAS) is currently viewed as one of the world's leading centers for research and education in areas of information security that are crucial to the protection of critical computing and communication infrastructure. CERIAS is unique among such national centers in its multidisciplinary approach to the problems, ranging from purely technical issues (e.g., intrusion detection, network security, etc) to ethical, legal, educational, communicational, linguistic, and economic issues, and the subtle interactions and dependencies among them.

Common Vulnerabilities and Exposures (CVE) is: A list of standardized names for vulnerabilities and other information security exposures - CVE aims to standardize the names for all publicly known vulnerabilities and security exposures. A Dictionary, NOT a Database - The goal of CVE is to make it easier to share data across separate vulnerability databases and security tools. While CVE may make it easier to search for information in other databases, CVE should not be considered as a vulnerability database on its own merit. A Community-Wide Effort - The content of CVE is a result of a collaborative effort of the CVE Editorial Board. The Editorial Board includes representatives from numerous security-related organizations such as security tool vendors, academic institutions, and government as well as other prominent security experts. The MITRE Corporation maintains CVE and moderates Editorial Board discussions.

NVD is a comprehensive cyber security vulnerability database that integrates all publicly available U.S. Government vulnerability resources and provides references to industry resources. It is based on the CVE vulnerability naming standard.

OSVDB is an independent and open source database created by and for the community. Our goal is to provide accurate, detailed, current, and unbiased technical information.

Lock picking is almost as much an art as it is a science. You can read all the lock picking instructions and still not be able to open a single lock. The skill of lock picking involves gaining a good feel for the lock mechanism and the lock picking technique needed to open it. This requires practice and concentration. The number and variety of locks in current use is staggering, yet the vast majority of locks in use are simple pin-tumbler designs. Common lock types include: * Pin-tumbler locks * Warded locks * Wafer locks * Lever locks * Dial combination locks * Disc combination locks * Push-button combination locks

The Institute for Security and Open Methodologies (ISECOM) is an open-source collaborative community since January 2001 with non-profit status in the USA and Spain. We are dedicated to providing practical security awareness, research, certification and business integrity. ISECOM provides certification, training support, and project support services for non-partisan and vendor-neutral funding of our projects and infrastructure and to assure you our training programs, standards, and best practices are truly neutral of national or commercial influence.

Security risk analysis, otherwise known as risk assessment, is fundamental to the security of any organization. It is essential in ensuring that controls and expenditure are fully commensurate with the risks to which the organization is exposed. However, many conventional methods for performing security risk analysis are becoming more and more untenable in terms of usability, flexibility, and critically... in terms of what they produce for the user. This site is intended to explore the basic elements of risk, and to introduce a security risk assessment methodology and tool which is now used by many of the worlds major corporations. It also embraces the use of the same product to help ensure compliance with security policies, external standards (such as ISO 17799) and with legislation (such as Data Protection legislation).