Links úteis

Coletânea de links com informações sobre Segurança

• http://www.rnp.br/cais/
  • O Centro de Atendimento a Incidentes de Segurança da Rede Nacional de Ensino e Pesquisa atua na detecção, resolução e prevenção de incidentes de segurança na rede RNP2. Criado em 1997, o CAIS também divulga informações e alertas de segurança e participa de organismos internacionais na área.

• http://cbl.abuseat.org/
  • O CBL coleta spams atraves de ferramentas automatizadas, e inclui em sua lista-negra somente IPs que foram detectados como sendo open-proxies. Mesmo sem revelar os metodos de coleta ou informacoes sobre os spams, os dados divulgados pela CBL sao considerados confiaveis, sendo utilizados por diversos grupos de seguranca no combate ao envio de spams.

• http://www.ipok.com.br/
  • O IP OK dispõe de aplicações online para análise e verificação de domínios e servidores.

• http://cartilha.cert.br/
  • A Cartilha de Segurança para Internet contém recomendações e dicas sobre como o usuário pode aumentar a sua segurança na Internet. O documento apresenta o significado de diversos termos e conceitos utilizados na Internet e fornece uma série de procedimentos que visam melhorar a segurança de um computador.

• http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/en-US/Security_Guide/
  • RedHat Enterprise Linux 4 Security Guide

• https://twiki.grid.iu.edu/bin/view/Security/WebHome
  • OSG Security twiki

• https://twiki.grid.iu.edu/bin/view/Security/SecureEmail
  • The OSG security team has created a PGP key for security at opensciencegrid dot org. Official announcements from the security team are digitally signed by this key so recipients can verify message authenticity. When sending sensitive information to the OSG security team, messages should also be encrypted using this key. Further details, including instructions on verifying digitally signed messages and encrypting messages are available on the above link.

• http://security.web.cern.ch/security/
  • CERN Computer Security Information

• http://www.spamhaus.org/
  • Spamhaus tracks the Internet's Spammers, Spam Gangs and Spam Services, provides dependable realtime anti-spam protection for Internet networks, and works with Law Enforcement to identify and pursue spammers worldwide.

• http://www.us-cert.gov/
  • The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors. Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.

• http://www.cert.org/
  • The CERT® Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University in Pittsburgh, Pennsylvania. Following the Morris worm incident, which brought 10 percent of internet systems to a halt in November 1988, the Defense Advanced Research Projects Agency (DARPA) charged the SEI with setting up a center to coordinate communication among experts during security emergencies and to help prevent future incidents. This center was named the CERT Coordination Center (CERT/CC).

• http://ciac.llnl.gov/ciac/
  • The Computer Incident Advisory Capability has been providing the U.S. Department of Energy with incident response, reporting, and tracking, along with other computer security support since 1989. CIAC is a founding member of GFIRST, the Government Forum of Incident Responders and Security Teams and FIRST an international incident response and security organization.

• http://www.auscert.org.au/1935
  • AusCERT (Australian Computer Emergency Response Team) UNIX and Linux Security Checklist

• http://sectools.org/
  • Top 100 Network Security Tools

• http://www.honeynet.org/
  • The Honeynet Project is an international, non-profit research organization dedicated to improving the security of the Internet at no cost to the public.

• http://www.sans.org/
  • The SANS (Sysadmin, Audit, Network, Security) Institute is the most trusted and by far the largest source for information security training and certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security.

• http://www.linuxsecurity.com/
  • LinuxSecurity was first launched in 1996 by a handful of Open Source enthusiasts and security experts who recognized a void in the availability of accurate and insightful news relating to open source security issues. Led by Dave Wreski, who currently serves as chief executive officer of Guardian Digital, this group has grown into a global network of collaborators who devote their time to gathering and publicizing the latest security news, advisories and reports relevant to the Linux community.

• http://www.securityfocus.com/
  • SecurityFocus is the most comprehensive and trusted source of security information on the Internet. SecurityFocus is a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

• http://www.bastille-unix.org/
  • The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. Bastille can also assess a system's current state of hardening, granularly reporting on each of the security settings with which it works.

• http://www.puschitz.com/SecuringLinux.shtml
  • Securing and Hardening Red Hat Linux Production Systems: this article is a practical step-by-step guide for securing Linux production systems. It discusses basic Linux Security requirements for systems that need to pass various audits in an enterprise environment.

-- RogerioIope - 19 Jun 2008