TCSEC Orange Book Summary





IT Security Sites



Security Organizations


Chronology of Data Breaches


Security Tools

LiveAmmo Security Tools Directory


SSH Links


Certificate CA


Security Information

Security Files/Programs



NIST Links


DR / Business Continuity


Anti Virus / Malware

Ad-aware Plus







Database Monitoring


Firewall Sites


Security Vendors

RSA Bedford,MA office entrance



home mail contact us site map

(ISC)2 CISSP Security certification

Security Configuration Guides - hardware, OS, applications

SANS Institute - security policies * TOP SITE *


Privacy Rights ClearingHouse

ASIS International - CPP certification

Internet Storm Center - intrusion detection log reports

InfraGard - information sharing (government & business)

Information Systems Security Association (ISSA)

Center for Internet Security - methods, tools, and measures

Alerts, Advisories, and summaries - corrective measures

CERT Virtual Training Environment Public Access (Training)

US Computer Emergency Readiness Team (est. 2003)

List of Common Vulnerabilities and Exposures (CVE)

Trusted Assessment/Evaluation Program (TTAP/TPEP)

Rainbow Series Library (DoD Guides/Criteria)

UK ITSEC / Common Criteria Assurance

European Union (EU) ITSEC / Common Criteria and Methods

Common Criteria (CC) Support Environment

Security Forum - Open Group

Computer Security Institute

Honeynet Project - OpenSource research (Linux CD)

Security infrastructure monitor - Framework

Network Security Library (Policies / Rainbow)

Security Web Site


Radius protocol server, Demon for UNIX OS

OpenLDAP software, Java LDAP class libraries

Kerberos Network Authentication Protocol


IP Video Surveillance News and Reviews

Biometric Consortium

VOIP Security Alliance - VoIP Tools



Google Hacking Database (GHDB)

Geographic IP address locator

Network security - Log Analysis, Net Monitoring

Audit log & Syslog receiver - Windows (OpenSource)

IPS Testing - Bidirectional replay saved tcpdump dumpfiles


Windows password cracking software

Web application security assessment tool

Password security explorer (Audit tool)

Network security related tools / projects

Open source security - MSyslog (Python)

Immunity security - (GNU) Public Software

Security tool - NMAP distribution

TL Security - List of backdoors and Trojans

Security / Cryptography / Reference software

Live Ammo Security - Tools / Services

WLAN, Bluetooth and bootable Auditor ISO CD

eEye SecureIIS Firewall / Security Scanners

UNIX remote security scanner, (Client/Server) - Free (*)

Security & Hacking Community resources

Extensive data recovery / forensic tools

Network Infrastructure Parser (NIPPER) - open source

Wireless Client Security Tools - KARMA



SSH Protocol creator - tech information

OpenSSH encryption terminal session tools - secure telnet, ftp

SSH clients/Servers - Windows, UNIX, Java, Others

Building Linux SSH jump points - Instructions



PKI and trusted Certificate Authorities (CA) Listing

Certificate Authority (CA) - Thawte (SSL)



MIT Freeware distribution center PGP site - Encryption

Library of SECURITY information

National Center for Education Statistics - Safeguarding IT - Network Security

Security information relating to locks and safes


Fred Cohen & Associates - Strategic Security & Intelligence

IWS - Information Warfare Site - Security Issues

A Cryptographic Compendium

AES encryption, encodes into the background of other files

Information Security Resources - Idaho State University

Security Portal for Information System Security

Provides cryptography technology & services to companies

AES algorithm (Rijndael) information - NIST

SKIP - Simple Key Management for Internet Protocols

Security news, vulnerabilities and many tools

Security Risk Analysis information / software

National Security Institute - Reference Library

Bureau of Industry and Security - US Dept of Commerce

Interpol - Information Security crime section

DSS - Defense Security Service (DoD agency)


XSS (Cross Site Scripting) Cheat Sheet (filter evasion)



NIST - Computer Security Resource Center (CSRC)

NIST - Computer Forensic Tool Testing Program (CFTT)

NIST - ICAT Vulnerability Searchable Metabase

NIST - online NIST Security Assessment Tool

NIST - Security PDF Publications



Disaster Recovery World - Impact / Planning

DRI (Disaster Recovery) International

Disaster Recovery Journal

SUNGARD Availability Services

IBM Business Continuity and Recovery Services

FEMA Business Recovery Checklist



McAfee Antivirus Software & IPS

Sophos Antivirus, Anti-spam

Trend Micro - Antivirus, Anti-Spam

Symantec "Norton" Antivirus, anti-spyware, endpoint

F-Secure Antivirus and security tools

CA Antivirus Enterprise "eTrust"

AVG Free Antivirus & Antispyware

Anti-spyware product, scans in real time

Another Anti-spyware product

Anti-Malware - freeware


AV-Test testing lab - independent

Free Antivirus and Anti-Malware resources


raw (i.e. dd, 512-bytes), Expert Witness EWF (i.e. EnCase)

AccessData Forensic Toolkit (FTK)

ASR Data SMART - Storage Media Analysis Recovery Toolkit

Basis Technology - Odyssey Digital Forensics

The Coroner's Toolkit (TCT) - UNIX system tools

Guidance Software - EnCase

John the Ripper - password cracker (open source)

Logic Cube - Forensic Dossier (Drive Duplication)

Online Digital Forensic Suite (live computers)

Paraben P2 - Handheld devices

Scalpel - file carver

Sleuth Toolkit (command lines) - open source

X-Ways Forensics


Helix - Detect, Identify, Analyze, Preserve and Report



US Copyright Office - Library of Congress

US Patent and Trademark Office - Dept Commerce

Electronic Frontier Foundation (EFF)



Database auditing / assessment - AuditDB

Database security / monitoring - appliance based

Database Activity Monitoring - SecureSphere

Database Activity Monitoring - Mantra

Database auditing - DB Audit

Database auditing/alerting - SQL Compliance Manager

Database Activity Monitoring - NitroView DBM

Database Audit Controls - IPLocks Audit Control

Hedgehog Real-Time Database Monitoring



CheckPoint Firewall-1/VPN software vendor

Independent CheckPoint Firewall/VPN FAQs, Links, downloads


Microsoft Internet Security & Acceleration Server (ISA)

Cisco PIX 500 Series Firewalls

Cisco PIX software LOG messages (Ver 6) PDF

Mission Critical Systems - Security Vendor



Network Management/Security software tools

Security software and services

Application Security - Fortify

Abagnate - Anti-Check Forgery

Security training/compliance - "For Your Eyes Only"

AirMagnet's wireless LAN planning / management tools


Security products - enVision, SecureID, ...





Patents protect inventions and improvements to existing inventions.
Copyrights cover literary, artistic, and musical works.
Trademarks are brand names and/or designs which are applied to products or used in connection with services.
Two key pairs per user (called dual-key support).
One pair for encryption and one for digital signatures (non-repudiation)
Any material furnished by Nickerson Consulting Group,, is furnished on an "as is" basis. Nickerson Consulting Group makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Nickerson Consulting Group does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.


copyright 2009 created by