Resources

Get Started. It's Free
or sign up with your email address
Rocket clouds
Resources by Mind Map: Resources

1. Security

1.1. Blog & News

1.1.1. Schneier's Blog

1.1.2. Security Warrior

1.1.3. SecURLs

1.2. Domain

1.2.1. Access Control

1.2.1.1. RFID

1.2.1.1.1. Viruses leap to smart radio tags

1.2.1.2. Extended EAP (Extensible Authentication Protocol)

1.2.1.3. SolutionBase: RADIUS deployment scenarios

1.2.1.3.1. There are many different ways that RADIUS servers can be deployed, both in ISP and in corporate environments. Here are some of the less common types of RADIUS deployments.

1.2.2. Architecture

1.2.2.1. Virtualization

1.2.2.1.1. What are the security risks associated with virtual PCs?

1.2.2.1.2. If a virtual machine is hacked, what are the consequences?

1.2.3. Application & Database

1.2.3.1. Jess Gracia's Malware Analysis Knowledge Base

1.2.3.2. Web Application

1.2.3.2.1. PHP / SQL Injection

1.2.3.2.2. XSS

1.2.3.2.3. Web Application Security Consortium

1.2.3.2.4. Open Web Application Security Project (OWASP)

1.2.3.2.5. Web Hacking Incident Database

1.2.3.2.6. HTTP attacks: Strategies for prevention

1.2.3.2.7. Developer's active content delivery checklist

1.2.3.2.8. Buffer overflows and memory leaks in a Web application?

1.2.3.3. Blind SQL Injection Tool

1.2.3.3.1. an automatic blind SQL injection tool, developed in python, capable to perform an active database management system fingerprint, enumerate entire remote databases and much more. The aim of this project is to implement a fully functional database management system tool which takes advantages of web application programming security flaws which lead to SQL injection vulnerabilities.

1.2.4. BCP & DRP

1.2.4.1. Disaster Recovery e-book

1.2.5. Crypto

1.2.6. Incident Handling

1.2.6.1. Management

1.2.6.1.1. CERT Coordinated Response - guidance to establish computer security incident response teams (CSIRTs)

1.2.6.1.2. Creating a Computer Security Incident Response Team: A Process for Getting Started

1.2.6.1.3. Action List for Developing a Computer Security Incident Response Team (CSIRT)

1.2.6.1.4. Steps for Recovering from a UNIX or NT System Compromise

1.2.6.2. Forensic

1.2.6.2.1. Jess Garcia's Forensic Knowledge Base !

1.2.6.2.2. First Responders Guide to Computer Forensics - Advanced Topics

1.2.6.2.3. Tools

1.2.6.2.4. Various Notes

1.2.6.3. Spyware removal checklist

1.2.7. Law

1.2.8. Management

1.2.8.1. Policy

1.2.8.1.1. Reduce the risks of uncontrolled email and web usage

1.2.8.1.2. IT Security Policy Checklist

1.2.8.1.3. Policy & Procedure Manual

1.2.8.1.4. Build Your Own: E-mail Usage Policy

1.2.8.1.5. E-Policy Best Practices Guide

1.2.8.2. Total Enterprise Assurance Management (TEAM) model

1.2.8.3. Top tools for testing your online security

1.2.8.4. Master the principles of computer security

1.2.8.4.1. Computer security may seem complicated, but in truth the theory behind computer security is relatively simple. Hacking methods fall into just a few categories, and solutions to computer security problems are actually rather straightforward. In this sample chapter from Network Security Foundations: Technology Fundamentals for IT Success, explore the history of computer security, investigate the reasons that computers aren't secure, and master the theoretical underpinnings of network security.

1.2.8.5. Standard / Certification

1.2.8.5.1. CC Validated Product List

1.2.9. Operation

1.2.9.1. The 15-Minute Backup Solution Using Open Source

1.2.9.2. Animated RAID Tutorial

1.2.9.3. RAID Space Calculator

1.2.9.4. RAID storage explained

1.2.10. Physical

1.2.10.1. ASIS Security Toolkit

1.2.10.2. ASIS Executive Documents

1.2.10.3. CIA's The World Factbook

1.2.10.4. Security Management Online

1.2.10.5. Protection of Assets (POA) Manual

1.2.10.6. Lock Picking

1.2.10.6.1. Definitive Guide

1.2.10.7. Physical Security in Mission Critical Facilities

1.2.10.8. Monitoring Physical Threats in the Data Center

1.2.11. Telecom

1.2.11.1. Sniffing

1.2.11.1.1. Tools - Free

1.2.11.2. URL Filtering

1.2.11.2.1. Google translator as proxy to by-pass restricted sites

1.2.11.3. Immunity Resource - Papers

1.2.11.4. MIDCOM (MiddleBox Communication)

1.2.11.5. Network Role Based Security

1.2.11.6. Combining NetFlow with Security Information Management systems

1.2.11.7. DDoS

1.2.11.7.1. Can service providers prevent DDoS attacks?

1.2.11.7.2. Block and reroute denial-of-service attacks

1.2.11.8. Wireless

1.2.11.8.1. WPA

1.2.11.8.2. The Opportunities and Challenges Associated With Wi-Fi Deployment

1.2.11.8.3. Eleven Myths about 802.11 Wi-Fi Networks

1.2.11.8.4. Ultimate guide to enterprise Wireless LAN security

1.2.11.8.5. The six dumbest ways to secure a wireless LAN

1.2.11.8.6. Hack most wireless LANs in minutes!

1.2.11.8.7. ASLEAP - Cisco LEAP Cracking Tool

1.2.11.8.8. WEP: Dead Again

1.2.11.9. VoIP

1.2.11.9.1. IP Telephony Pocket Guide

1.2.11.9.2. Investigate and implement Session Initiation Protocol (SIP) gateways

1.2.11.9.3. SIP Server: Technical Overview

1.2.11.9.4. Successfully Deploy and Maintain VoIP with these Best Practices

1.2.11.10. The OSI Model: Understanding the Seven Layers of Computer Networks

1.2.11.11. TCP/IP Fundamentals for Microsoft Windows

1.2.11.12. DNS Step-by-Step Guide

1.2.11.13. Microsoft Windows Server 2003 TCP/IP Implementation Details

1.2.11.13.1. This white paper describes the implementation of the TCP/IP protocol stack in the Microsoft® Windows Server™ 2003 family and is a supplement to the Windows Server 2003 Help and Support Center and Technical Reference documentation. This white paper contains an overview of TCP/IP in Windows Server 2003 features and capabilities, a discussion of protocol architecture, and detailed discussions of the core components, network application interfaces, and critical client components and services. The intended audience for this paper is network engineers and support professionals who are already familiar with TCP/IP. Except where noted, the TCP/IP implementation for Windows® XP is the same as that for Windows Server 2003.

1.2.11.14. Firewall

1.2.11.14.1. 10 things you should look for in a desktop firewall

1.2.11.14.2. Application Firewall Overview

1.2.11.14.3. A firewall checklist

1.2.11.14.4. Firewall Performance Testing Methodology

1.2.11.14.5. Firewall failure plan checklist

1.2.11.15. IDS/IPS

1.2.11.15.1. IPS - Types of Signature

1.2.11.15.2. IPS Topics on searchsecurity.com

1.2.11.15.3. Evading NIDS, revisited

1.2.11.16. How Does Ping Really Work?

1.3. Specific

1.3.1. Career

1.3.1.1. CISSP

1.3.1.2. CISA

1.3.1.2.1. Exam Self Assesment dari ISACA

1.3.2. Assurance

1.3.2.1. Audit & Assessment

1.3.2.2. PenTest

1.3.2.2.1. Tools - Open Source

1.3.2.2.2. Wi-Fi hacking, with a handheld PDA

1.3.2.2.3. NIST 4-Stage Pen-Testing Guideline

1.3.2.2.4. FoundStone's Pen-Testing Methodology

1.3.2.2.5. OSSTMM

1.3.2.3. Log Analysis

1.3.2.3.1. Tools - Open Source

1.3.2.3.2. Tools - Commercial

1.3.2.4. No-Tech Hacking

1.3.3. Awareness

1.3.3.1. Ethics

1.3.3.2. Social Engineering

1.3.3.3. Tips

1.3.3.3.1. Security Awareness Content for Managers

1.3.4. SCADA

1.3.4.1. LOGIIC Correlation Project

1.3.4.1.1. The LOGIIC Correlation Project was a 12-month technology integration and demonstration project jointly supported by industry partners and the U.S. Department of Homeland Security (DHS). The project demonstrates an opportunity to reduce vulnerabilities of oil and gas process control environments by sensing, correlating and analyzing abnormal events to identify and prevent cyber security threats. The project partners will: * Identify new types of security sensors for process control networks * Adapt a best-of-breed correlation engine to this environment * Integrate in test bed and demonstrate * Transfer technology to field operations

1.3.5. Security Guide

1.3.5.1. Security Technical Implementation Guides (STIGS)

1.3.5.2. NSA Security Guides

1.3.5.2.1. All Current Security Guides

1.3.5.2.2. Archived Security Guides

1.3.5.3. Center for Information Security (CISecurity)

1.3.5.4. NIST Checklists Program for IT Products

1.3.6. Various Stories

1.3.6.1. Slashdot Security Stories

1.3.6.2. Aircraft Remote Control

1.3.6.3. 45 millions Credit-Card Data Went Out Wireless Door - TJX case

1.3.7. Various Tools

1.3.7.1. List of Mgmt tools for Enterprise SysAdmin

1.3.7.2. Online

1.3.7.2.1. Process Library

1.3.7.3. Keymail the KeyLogger

1.3.7.3.1. An E-mailing Key Logger for Windows with C Source.

1.3.7.4. MadMACs

1.3.7.4.1. MAC address spoofer

1.3.7.5. Brutus

1.3.7.6. Pentest Download

1.3.7.6.1. Oracle & Bluetooth

1.3.8. Vulnerability

1.3.8.1. Database

1.3.8.1.1. National Vulnerability Database (NVD)

1.3.8.2. Fuzzer

1.3.8.2.1. (L)ibrary (E)xploit API - lxapi

1.3.8.2.2. Mangle

1.3.8.2.3. SPIKE

1.3.8.2.4. PROTOS WAP

1.3.8.2.5. PROTOS HTTP-reply

1.3.8.2.6. PROTOS LDAP

1.3.8.2.7. PROTOS SNMP

1.3.8.2.8. PROTOS SIP

1.3.8.2.9. PROTOS ISAKMP

1.3.8.2.10. RIOT & faultmon

1.3.8.2.11. SPIKE Proxy

1.3.8.2.12. Tag Brute Forcer

1.3.8.2.13. FileFuzz

1.3.8.2.14. SPIKEFile

1.3.8.2.15. notSPIKFile

1.3.8.2.16. Screaming Cobra

1.3.8.2.17. WebFuzzer

1.3.8.2.18. eFuzz

1.3.8.2.19. Peach Fuzzer

1.3.8.2.20. Fuzz

1.3.9. Video

1.3.9.1. Tutorial

1.3.9.1.1. The dangers of Ad-Hoc networks in Windows XP SP2

1.3.9.1.2. Hacking Mac OS X - A Case Study

1.3.9.1.3. Hacking SQL in Linux using the SecureState Swiss Army Knife

1.3.10. Threats Monitor

1.3.10.1. The security risks of Google Notebook

1.3.10.2. 10 emerging malware trends for 2007

1.3.10.3. Google Desktop gets scarier

1.3.10.3.1. How to tame Google Desktop

1.3.11. Cyberwar

1.3.11.1. DoD's Report on China Military Power

1.3.11.1.1. News

1.4. Mix-Resources

1.4.1. MITRE.org Projects & Links

1.4.1.1. complete index

2. Common Tools

2.1. Portable

2.2. Installer

2.3. Online

2.3.1. Mind Mapping

2.3.1.1. 3 Web-based Mind Mapping Tools Review

3. E61i

3.1. NokSync

3.1.1. NokSync is a Thunderbird extension. NokSync synchronizes contacts between Thunderbird and a NOKIA phone. NokSync will * read one or more Thunderbird address books * read the phonebook in a NOKIA phone (using cable, infrared or bluetooth connection) * compare the two, and suggest updates to bring them into synchronization * let the user change the suggestions to synchronize exactly as he wishes * update contact information in Thunderbird address books and the NOKIA Phone accordingly NokSync is free, open-source software.

3.2. Goosync

3.2.1. Synchronize your Google Calendar with your mobile phone or PDA. Goosync will seamlessly synchronize almost any mobile device with your Google Calendar. It's quick and simple, sign-up and start syncing.

3.3. Themes

4. New node

5. New node

6. New node

6.1. Products

6.1.1. Universal Command Guide for Operating Systems

6.1.2. Microsoft

6.1.2.1. Tools

6.1.2.1.1. Sysinternals

6.1.3. VMware

6.1.3.1. Untitled

6.1.3.2. Lots of Vmware Links....

6.1.3.3. VMguru

6.1.3.4. ESX Server Supported Hardware Lifecycle Management Agents

6.1.3.5. Virtual Tricks

6.1.3.6. VMworld 2006 Conference Sessions

6.1.3.7. Create VM using VMware Player

6.1.3.8. Success Stories

6.1.3.9. Forum: VMware Infrastructure: Virtual Machine and Guest OS

6.1.3.10. Problems

6.1.3.10.1. Windows Vista Enterprise (official release) install issues on ESX 3.0.1

6.1.3.10.2. Cross LUN file operation performance

6.1.4. Asterisks

6.1.4.1. Reference

6.1.4.1.1. synsip.eu > References