Computer and Internet Security, Firewalls, Authentication, Policy
Advisories & Patches
CERIAS - Center for Education
and Research in Information Assurance and Security. University center for multidisciplinary
research and education in areas of information security.
US-CERT - Established in 2003
to protect the nation's Internet infrastructure, US-CERT coordinates defense
against and responses to cyber attacks across the nation.
Apache HTTP Server Vulnerability
Lists - Lists of security problems fixed in released versions of the Apache
AusCERT - Australian Computer Emergency
Response Team. Advisories and tools.
Bugtraq - Independent source
for security vulnerabilities, alerts, and threats.
CERT Coordination Center - Studies Internet security
vulnerabilities, provides incident response services to sites that have been the
victims of attack, publishes a variety of security alerts, researches security and
survivability in wide-area-networked computing, and develops information to improve
Computer Incident Advisory Capability
- CIAC publishes security bulletins and virus and hoax information. They provide
computer security assistance to US Department of Energy (DOE) sites.
eVuln - Original source of responsible open source
FrSIRT - Provides security advisories
and real-time information about vulnerabilities, exploits, and threats. Sponsor
of the Common Vulnerability Scoring System (CVSS).
ISS X-Force - Security alerts,
advisories, and alert summaries from ISS.
Linux Security Group - Security Advisories,
Anti Hackers, programming books and related links.
Makesecure.com - Network security news,
alerts and updates
New Zealand Computer Emergency Readiness Team
- Security Alerts and Advisories
Open Source Vulnerability Database - Searchable
database of vulnerabilities. Offers data for download in XML format as well as via
website. Details of how to submit new vulnerabilities, database schema and FAQ.
Center - Tips, tools, and technologies to keep Oracle products safe, secure,
Patch Management Forum -
Mailing list facilitates networking and information exchange related to patch management:
announcements, testing, verification, operations processes, and vulnerabilities.
PatchAdvisor - Fee based patch alert service.
PatchEasy - Software vendor for patch management.
Patchlink Corporation - Software vendor for
cross platform patch management.
PatchManagement.org - Mailing list
dedicated to the discussion of patch management.
SANS Internet Storm Center - Cooperative cyber
threat monitor and alert system. Features daily handler diaries that summarize and
analyze new threats and events.
Secunia - Provides security advisories and information
about patches, and provides software for vulnerability management.
Secure Elements - Software vendor for
IS technical control auditing, vulnerability management, and compliance. Provides
advisories via XML and RSS, and fully supports OVAL and XCDDF XML standards for
compliance and vulnerability functions.
- Software vendor for patch management of operating systems and applications.
DeepSight Threat Management System - Fee based security alert service that
provides early warning of active attacks.
VulnWatch - Computer security vulnerability
disclosure mailing list
BioPassword - A software-based technology
that learns and verifies unique typing patterns. Includes an introduction to biometrics
and keyboard dynamics.
Dos and Don'ts of
Client Authentication on the Web - Paper by Kevin Fu, Emil Sit, Kendra Smith,
and Nick Feamster. In the Proceedings of the 10th USENIX Security Symposium, Washington,
D.C., August 2001. [PDF]
Finally Software - Enterprise security
solutions based on PKI and Kerberos. Also offer a secure terminal emulator for connecting
to Unix servers from Windows. Product information and downloadable evaluation software.
Flicks Software - Software password protects
web content (Windows NT / 2000). Free trial downloads available.
iDEX Systems, Inc. - Java-powered iButton based
personal identity management security services and digital certificate authentication
for secure logon, secure messaging, and digital signatures.
IIS User Authentication Tutorial
- Information on various methods for WWW password protection using Internet Information
Server (IIS). Text-based tutorial with some screenshots.
iisPROTECT - Functions with Internet Information
Server to secure web sites. Includes live demo.
Intertrust Technologies Corporation - Develops
general purpose digital rights management platform which serves as foundation for
providers of digital information, technology and commerce services to participate
in a global system for digital commerce. (Nasdaq: ITRU).
I/O Software - Provider of software solutions,
including biometric solutions. Site includes product descriptions and technology
M-Tech Information Technology, Inc. - ID-Synch,
identity management software for managing user administration processes. Product
information, customers, press releases and contact details.
NMA, Inc. - ZSentry two-factor authentication
solution. Product information, white papers and contact details.
Open Systems Management - Password synchronization
and role based access control across UNIX, Windows NT and resident applications.
Site contains FAQs.
- Paper by M. Bishop, 1991. Discusses problems of password selection and password
management, and identifies relevant techniques. [PDF]
Pluggable Authentication Modules
- Sun's official PAM documentation. Programmer documentation and source code.
A Proactive Password Checker
- Paper by M. Bishop, 1991. The author describes a technique, and a mechanism, to
allow users to select passwords which to them are easy to remember but to others
would be very difficult to guess. [Postscript]
Proginet Enterprise Software - Password synchronization,
enterprise-wide access control management and managed file transfer software.
Remote User Authentication in Libraries
- Comprehensive collection of resources for libraries and universities. Includes
links to software and some links of interest to non-librarians.
RSA Security - Products include token-based
one time password systems and single sign on systems. Site contains information
SAFLINK - Offer a range of identity management
solutions based on tokens, smartcards and biometrics. Headquarters in Bellevue,
Secure Remote Passwords - Software integrates
into existing networked applications. Secure telnet and FTP available. Open source.
User and technical documentation as well as source code.
SecureUser.net - Providers of tools to
e-commerce developers. Site includes a technology explanation and case studies.
Theory of Identification
and Authentication - History and development of mechanisms and techniques.
Unisys - Makers of several related products.
Site includes rationale as well as comprehensive usage information.
Vasco - Makers of both software and hardware
systems. Demos, case studies and product information.
AMAG Technology, Inc. - Manufacturer of card
and biometric access control systems, with distribution worldwide. Includes articles
and descriptions of products.
Bioidentification - FAQ covering
basic information, performance, implementation, and security.
Biometric Resource Center - Biomet.org brings
together a diverse and comprehensive selection of biometric information. It provides
an extensive web resource for biometric news, products, companies and analysis.
The Biometrics Catalog - A US-government
sponsored database of information about biometric technologies including research
and evaluation reports, news articles, vendors and consultants, government documents
and legislative text.
Biometrics comes to life
- "Fingers, hands, eyes, face, voice, all are in use and could relegate PIN-based
security to history" (Orla O'Sullivan, senior editor/technology - ABA Banking
Exim21.com - Korean site offers biometric and
proximity RFID system for access control and time attendance applications.
Glossary of Biometric Terms (1999)
- Glossary compiled by the International Association for Biometrics (iAfB) and International
Computer Security Association (ICSA)
in Information Systems: Management Challenges and Public Policy Issues -
Idex - Offers fingerprint recognition
solutions. Includes a primer on biometric technologies.
Biometric Group - Collection of technology reports, testing results and
Technical Committee M1: biometrics standards
- M1's members are engaged in the rapid development and approval of formal national
and international generic biometric standards. Membership is open to all interested
Biometrics - Face Recognition
Evaluation of Face Recognition Algorithms
- An online resource for face recognition researchers that provides a standard set
of well known algorithms and experimental protocols with which novel algorithms
can be compared.
Face Detection and Face Recognition - Face
detection and recognition software project includes an online demo of the algorithm,
links to free software libraries, and a list of existing facial databases.
Face Detection Homepage - For information
and material on the task of detecting faces.
Face Recognition Homepage - Aims to provide
scientists with the relevant information in the area of face recognition. It is
intended to be an information pool for this community.
Facial Expression Resources on
the Web - Links to resources for research on facial expressions.
State University - Laboratory for Computational Vision - Research project
about the geometrical representations of faces.
Libface Project - Aims at developing
an open-source, cross-platform library implementing a variety of face recognition
Biometrics - Fingerprint Recognition
Global Analytic Information
Technology Services - Overview of fingerprint recognition technology.
Network Fingerprint Attendance
Control - Offers a networked version of a fingerprint door access system
that manages numerous access points.
OPTEL Fingerprint Creator
- Based on mathematical description of arrangement of dermatoglyphics and creation
of minutiae. Has example pictures of minutiae points, demonstration program, and
commentary on the production of synthetic images.
Antheus Technology - Agora - Extracts
minutiae points and classifies prints into classes. Has ActiveX and DLL's available.
Biometrix - Recognition algorithm,
developer tools. Has Windows login software, BioCheck search engine SDK for Win2K/XP,
and other software.
Count Me In, LLC. - Time and attendance
tracking and door access control software. [Windows]
Free Fingerprint Imaging Software -
Has pattern classification, minutiae detection, Wavelet Scalar Quantization(WSQ)
compression, ANSI/NIST-ITL 1-2000 reference implementation, baseline and lossless
jpeg, image utilities, and math and neural net libraries. All source code in C.
Identix - BioEngine SDK
- Toolkits and sample code provide verification (one-to-one) and identification
(one-to-many) matching capabilities. Has image acquisition library, quality control
library, processing library, search library, and demo applications.
Archives - WSQ - The FBI/Yale/Los Alamos Wavelet-packet Scalar Quantization
compression algorithm, for Windows 3.1 or higher. He Ouyang and M. Victor Wickerhauser
Washington University in St. Louis. Has Binary only freeware 'wsqwin.exe'
and 'read.me' archived in zip format.
NIST - WSQ Image Compression
Certification Guidelines - Provides technical document about the Wavelet
Scale Quantization standard. Describes the processes and procedure for obtaining
FBI certification of implementations for compliance with the specification.
NIST Fingerprint Image Software
(NFIS) - Software designed to facilitate and support the automated manipulation
and processing of fingerprint images. Includes a neural-network based pattern classification
system, a minutiae detector, a reference implementation of the ANSI/NIST-ITL 1-2000,
and general-purpose image utilities.
Biometrics - Iris Recognition
Biometric Group - Iris recognition technology primer.
Iris Recognition - Information, resources,
databases and links about the human iris as a biometric trait, including identification.
- FAQ covering what cryptography is, explanations of terms, tools and techniques
used, applications of cryptography and related laws.
ArticSoft - PGP-based file and email encryption
and digital signature software.
Averina Software - Library for Authenticode
signing and verification of executable files, drivers, catalogs and scripts.
Bloombase Technologies - Encryption for enterprise
storage systems/databases, email and Service Oriented Architecture (SOA).
CipherActive - Designer of software that
accelerates public key cryptography.
CopySafe - Software system for
the protection of online website content. Plugin allows viewing of encrypted images
on end-user system, while disallowing saving of images.
Cryptomathic - Encryption and authentication
products including EMV card preparation systems.
Cryptzone - EAL2 and ITSEC E1 certified encryption
of files, hard drives, USB memory sticks and email.
Data Encryption Information Center
- A comprehensive site that guides ordinary users and students around the subject
of data encryption.
DESlock+ - Transparent encryption of files,
folders and emails with an optional USB token. Supports AES, 3DES and Blowfish algorithms.
Digital Security International - Backup
tape drive encryption hardware. Product and company details, news and contact information.
Distributed Management Systems Ltd. - Manufacturer
of user authentication tokens, including a CESG-certified version for UK Government
DISUK Limited - Supplier of data encryption devices
for tape backup and archive drives.
DOMUS IT Security Laboratory - Accredited
laboratory evaluates and certifies security and cryptographic products against Common
Criteria, FIPS 140 and INTERAC (SPED).
Encryption Software Inc - Public key encryption
add-ons for a selection of instant messenging programs. Also offer elliptic curve
cryptography (ECC) libraries.
for Oracle - Offering data encryption software for the Oracle RDMBS. The
Encryption Wizard can perform DES3 Encryption and obfuscation on a complete schema.
Ingrian Networks - Offers a security appliance
that encrypts critical data in applications and databases.
MCSoft Security Solutions - Offers cryptography
and wipe software.
Navastream - A leading provider of encryption
devices for IP, ISDN, Email, and Cellular Communications, using Triple-DES and the
newer AES standards.
Pate Williams' Implementations
- Cryptographic algorithms in C, C++, Java and other programming language.
PMC Ciphers Inc. - Company offering "polymorphic
cryptography" i.e. variant algorithms and potentially huge keys.
Pointsec Mobile Technologies
- Develops and markets access-control and encryption systems for desktops, notebooks,
PDAs and smartphones.
Red Iron - Software to encrypt credit card
data between retail Point Of Sale, back-office and enterprise systems.
Sigaba - Secure e-mail, instant messaging and
document transmission. Product details, news, customer portfolio, support options
and contact information.
Utimaco Safeware AG - Supplier of disk, file
and email encryption software, FIPS-certified hardware security modules and systems
for lawful interception of telecommunications.
Voltage Security Inc. - Identity-based elliptic
curve encryption for email, application data, laptops, removable storage devices
and network shares.
Winzap - File, photo and email encryption software.
Free demo download available.
xyzmo Software GmbH - Software to add digital
signatures to electronic documents.
Cryptography - File Encryption
AWAY32 - Encryption with viewer and digital
signature that keeps pictures, data, and text private.
ccrypt - Command-line file and stream
encryption utility based on Rijndael, designed to replace crypt. Open source and
CHAOS' doors - CHAOS' doors can
compress the files and folders before encrypting them, giving additional security
to your information.
CipherPack - CipherPack compresses and enciphers
files using industrial strength cryptographic techniques and then 'packs'
them with the decompression and deciphering code. Use as a standalone utility or
CryptDecrypt - File and folder encryption
utility supporting AES, GOST, 3DES, RC2, RC4 and Windows data protection API.
Cryptosystem ME6 - Provides
ME6, a Windows program for the encrypting and decrypting multiple files in multiple
folders using a proprietary cipher with a 500-bit symmetric key.
DRM Networks, LLC - Providing solutions
for online digital rights management across multi-platform networks. Allows content
owners to securely package digital files for distribution, by encrypting the content
with a key.
Ecoded.com - Provides EC3, a free program using
a proprietary cipher with key sizes ranging from 256 bit to 65536 bits.
Encryption Protection - Encryption
Protection encrypts files, folders, and email using 128, 256, or 448 bit keys. Also
includes file shredder. [Windows]
File Locker - Software that allows users
to lock access to files on their system, also offer encryption and decryption of
non-binary files. [Windows]
Innersafe - Enables existing software to
use encrypted files, without sending decrypted data to disk. Supports AES, Twofish,
HMAC, PBKDF2 and limited anti-keylogger.
Interfuse Technology - Automated encryption
and decryption of Windows document files. Also provides Digital Rights Management.
Invisible Secrets - Encrypts and hides
data, destroy Internet traces, shred files, make secure IP to IP password transfer
and even lock any application on the computer.
KFileCoder - C++ open source Linux
KDE file encryption utility with optional bzip or gzip compression, using the PC1
algorithm with 128-bit keys (one key per file in the archive).
Kremlin Encryption Suite - File encryption
and deletion software with a choice of encryption algorithms and a royalty-free
Software Development Kit to cryptographically-enable other programs.
LexiGuard - File protection
software that supports most common encryption algorithms. Can generate own keys
and certificates or import them from other PKI vendors. Includes emergency key recovery
Mathematical Modeling, Inc. - Dynacrypt
Version 2.0 allows you to encrypt files, directories, and words, sentences or text
in files or word processors at maximum encryption strength.
MAXA Research Int'l Inc - Software for
encryption, steganography, Word file cleaning, cookie cleaning etc., in German,
English or Spanish.
Meganet Corporation - Offers data security
solutions using proprietary encryption called Virtual Matrix Encryption. Products
for laptop, desktop, and corporate privacy include VME2000, VMEmail, Fast Encryption
Software Developer Kit and VME Secure web tools.
Nscrypt - File encryption utility, integrates
with Windows explorer interface. [Windows, Freeware]
OmniSecure - Produces file level protection
products for web servers and file servers using our patented Virtual Private Disk
The OTP Scrambler
- An encryption utility based on the uncrackable one-time pad method. Its unique
feature is the ability to generate large truly random keys from analog noise in
the circuits of your sound card. Source included with registered copy.
PowerKey - Encryption toolkit designed
to protect sensitive data. Features secure deletion (Wipe) option to avoid restoration
of sensitive data. Product specifications, FAQs, and downloads.
PrivacyCrypt - Information and DLLs to
assist the implementation of DES and RSA cryptographic subsystems.
RS-Computer - Disk Crypt encryption "on
the fly" creates a virtual disk on your system (cryptdisk). (Keyfile) and a
highly secure passphrase process.
SATA Hi-Tech Services - Biometric and
autorun USB tokens for secure authentication and data encryption. Italian and English
- File encryption utility, supporting cross-platform interoperability over a wide
range of Windows and UNIX based systems.
- Encryption software for Windows, encrypt files, e-mail text messages, sfx files,
providing encryption from command line.
Softwinter - Offers tools for transparent
encryption on Pocket PC and Windows based computers.
Wincry - Tool to password-protect and encrypt
files and folders.
Cryptography - Hard Disk Encryption
Abit SecureIDE - IDE hard drive encryption card uses DES with 40-bit key
stored on a USB dongle.
Bosanova Inc. - Storage encryption hardware
appliances which provide security for back-up data and integrated security solutions
for any platform.
Clemens Fruhwirth - Project
developing a hard disk encryption system using LUKS (Linux Unified Key Setup).
CrossCrypt - One of the few open source
disk encryption systems. This system also supports mounting Linux encrypted disk
CryptArchiver - A disk encryption system
supporting a less conventional user interface, and means of managing encrypted disk
CryptDisk.4h - It is a virtual disk based
encryption tool that runs under Windows. CryptDisk.4h uses a file as virtual logic
drive and mounts it as a real one.
Crypto CD - A comprehensive archive of cryptography
programs. Includes a lot of filesystems. (Available on CD or their ftp site)
The CryptoGraphic Disk Driver -
Short description of The CryptoGraphic Disk Driver (CGD) for NetBSD and a reference
to the FREENIX paper written about it.
Cryptop - Laptop/workstation disk encryption
software using USB tokens and intrusion detection/prevntion features, running on
a virtual operating system.
CyProtect Disk Encryption - Polymorphic on-the-fly
harddisk encryption developed by CyProtect AG. Easy to use and 100% secure. It is
possible to encrypt your data on external (USB or Firewire) and internal harddisks.
Data Encryption Systems - Sells
software protection devices, copy protection, license management and encryption
technology and anti-piracy solutions.
dLock - Hard Disk encryption kit, the hardware
solution for PC data security.
DriveCrypt - real time - hard disk encryption
- 1344 Bit, Military strong, transparent real time Hard Disk encryption.
Encryption Plus Hard Disk - Delivers full
hard disk encryption: automatic, on-the-fly data protection for your entire hard
drive. Easy centralized administration for efficient corporate use.
FreeOTFE - Free "on-the-fly" transparent
disk encryption program for both PCs and PDAs, allowing the creation of one or more
encrypted "virtual disks". Offers extensive features and full source code.
GDI Technology, Inc. - Real-time hard drive
encryption kits external TV box.
PGP - PGP products keep your confidential information
PGPDisk v6.0.2i - As of version
6.5, PGPdisk is not longer included with the freeware versions. If you want PGPdisk
6.5 or later, you are required to buy one of the commercial versions. However, v6.0.2i
is available here in both mac and pc versions.
Real-Time Hardware IDE/SATA encryption -
Enova Technology specializes in developing,manufacturing and marketing real-time
hard disk encryption chipset.
SafeBit - SafeBit features military strength
on-the-fly AES encryption, by creating virtual disk drives, where you can hide files
SafeBoot Security System - Control Break provides
encryption and security tools which are both secure, and easy to administer - designed
primarily for the large enterprise, they also offer a range of consumer verisons.
Safeguard Data Encryption Software from Utimaco
- Describes Utimaco data encryption software offerings for the U.S. market. Offerings
include full hard disk encryption, LAN security, PDA Security, file encryption,
email encryption, and hard disk partioning solutions.
SafeHouse Hard Drive Encryption
- Transparent on-the-fly encryption of logical drives for Windows 3.1, 95, ME and
ScramDisk - A hard drive encryption
program that runs under Windows 95 & 98 and provides a number of high security
ciphers including 3DES, Blowfish and IDEA.
Secure Drive 1.4
- Dos TSR program that can encrypt both floppy and hard disk partitions. Compatible
with PGP 2.x keyfles. I have used this and it works great. Unfortunately it doesn't
look like the programmer has made any enhancements to it for a while.
Secure FileSystem (SFS) for DOS/Windows
- Create and manage a number of encrypted disk volumes. Runs under both DOS and
Windows 9x. Not updated since '96
Secure Systems Limited - Supplier
of Silicon Data Vault encryption device that connects into the IDE cable and requires
a password at boot time to decrypt the hard drive. Uses 128-bit AES and is designed
to meet FIPS 140-2.
Sentry 2020 for Windows XP/W2K/NT
- The first security system that protects volumes, files, folders and programs quickly
- Disk drive that automatically encrypts all data blocks written to it and then
transparently decrypts them for any application, if logged in. Once logged out,
the special disks are completely unreadable by unauthorized users and thieves.
Stonewood Flagstone - Supplier of encrypted
hard drives from 30-120 Gb including FIPS 140-2 certified devices.
Tiasoft Security software - Encryption application
that supports encrypted logical drives.
TrueCrypt - free open-source disk encryption
- TrueCrypt can create a virtual encrypted disk within a file and mount it as a
real disk. It can also encrypt an entire hard disk partition or storage device.
Supports plausible deniability.
TurboCrypt - Creates encrypted disk drives
which can be mounted at any time.
Cryptography - PGP
International PGP Home Page - PGP Resources
outside of the U.S. and Canada. Serves as a PGP code and document repository for
the PGP user community. It also keeps up-to-date PGP news, vulnerabilities, and
PGP Corporation - Commercial PGP offerings
for multiple platforms and applicaitons.
- A way to choose a secure Passphrase for use with PGP.
DSJ Networks PGP Resources -
A superior collection of PGP annotated resources and links to include books, tutorials,
utilities, news, and articles.
IETF OpenPGP Working
Group - Provides IETF standards for the algorithms and formats of PGP processed
objects as well as providing the MIME framework for exchanging them via e-mail or
other transport protocols.
Open PGP Alliance - The OpenPGP Alliance is a growing
group of companies and other organizations that are implementers of the OpenPGP
standard. The Alliance works to facilitate technical interoperability and marketing
synergy between OpenPGP implementations.
PGP Digital Timestamping Service
- Stamper is a free digital timestamping service which uses PGP and operates via
PGP pathfinder and
key statistics - Lookup the statistics of your PGP key. The pathfinder finds
trust paths between your key and some other key in the PGP web of trust.
PGP Web-of-trust analysis - Statistics about
the position of all keys within the web-of-trust. It calculates the MSD and the
rank of the key over time.
PGP-Users Mailing List Home Page
- Home page of the PGP-Users Mailing List and many good PGP related links.
Home Page - Phil Zimmermann is the original creator of PGP and a founder
of PGP, Inc. This site offers historical PGP background and current resource links.
Robot CA - It signs PGP keys automatically.
The point is only to verify the email address on the key, not to verify the identity
of the email address's owner. Given a PGP key signed by a Robot CA, the user
knows that the key really does belong to the email address on it.
Cryptography - Steganography
Analyzing Steganogaphy Software
- Review of 12 steganography products, both freeware and commercial. Covers strength
and detectability of algorithms used.
Antiy Labs - Info Stego software is
used for embedding files within other files and encrypting them with a 128 bit secure
Concealogram - Steganographic tool
for encrypting data in images. Product information, profiles of directors and contact
CryptoBola - Supports hiding data files
in JPEG image files. FAQ, downloadable trial version and user tutorial.
Hermetic Stego - Supports hiding
data files in one or more BMP image files. Usage instructions, pricing and downloadable
evaluation copy. [Windows]
OutGuess - Freeware steganographic tools
for hiding and detecting hidden data in PNM and JPEG image formats.
Reasonably Adequate Privacy -
Steganography technique which uses the tendency of dried vegetable juices to become
colored when heated as its base technology.
Safe Soft Corporation - CHAOS Universal tool
allows the hiding of encrypted data in sound, image, and text files.
Stealth Encryption - Stealth Encryption
software hides files in images. Encrypt email attachments or sensitive data. Protect
digital art. Enter the contest. Free reader and images.
Steganography and Digital Watermarking
- Collection of papers on data hiding and digital watermarking, including countermeasures.
Xidie - Offers multiple file steganography and
encryption and secure file deletion. Product technical details and ordering information.
Queue - Article discussing steganographic techniques and methods for detecting
data hidden by them. (December 1, 2004)
Securityfocus - Article
covering what Steganography is, its applications, tools available and possible approachs
to detecting where it is being used. (April 9, 2003)
Internet Firewalls Hotlist - A comprehensive list of firewall vendors, white
papers, resources, and FAQs.
DShield - Distributed Intrusion Detection
System collects firewall log excerpts from volunteers. The logs are aggregated and
analyzed. Several reports are generated showing trends in attack sources and methods
FirewallSupport.com - Online support
service specifically focused on firewall security. Information and resources to
troubleshoot firewall problems.
The Freefire Project
- Dedicated to Users, Admins and especially Developers of IT-Security Solutions
(especially Firewalls) based on Free Software. It features a large Tool overview,
some articles on IT-Security and Web Links to other resources.
Firewalls - FAQs, Help, and Tutorials
ISC Firewalls Mailing List
- For discussions of Internet firewall security systems and related issues. Also
features searchable archives and digests.
Beginners Guide to Firewalls
and Internet Security - This article is intended to provide some basic guidelines
for securing your computer, and a better understanding of how some of these technologies
work. It is intended primarily for users of high-speed Internet connections, but
most of the article is applicable to dial-up Internet users also.
Cisco PIX Firewall - Practical Guide - Practical Cisco PIX guide based on
hands-on experience with various PIX platforms and versions.
CPUG: The Check Point User Group - A group for
Check Point Firewall-1 users and implementers. Contains the Check Point Wikipedia,
discussion groups and other useful information.
FAQ - Dartmouth College Institute for Security Technology Studies firewall
FAQ and other information and research documents in related areas.
Firewall Tutorial - A fairly
concise (< 4000 words) document for readers who want to know more about what
firewalls do. Comprehensively covers main firewall concepts and technologies.
Firewall-net - Provides security and
firewall comparisons, compare tools, configuration tips. Also includes a user forum.
Firewalls and Internet Security: Repelling the
Wily Hacker - Web site for the book Firewalls and Internet Security: Repelling
the Wily Hacker Second Edition by William R. Cheswick, Steven M. Bellovin, and Aviel
D. Rubin. Contains some sample sections and a link to the complete contents of the
Home PC Firewall Guide - Features information
on security, personal firewall software and Internet security appliances for dial-up
and broadband-connected (xDSL and cable modem) home and SOHO computers. Also offers
reviews of anti-virus and anti-Trojan products and software.
How Stuff Works: Internet Firewalls
- An introductory explanation of how a firewall works and the various filtering
methods used, with related links.
How-to setup an APF Firewall
- A how-to that covers the basics and some advanced topics of installing and configuring
the firewall, especially for CPanel users.
Security and the Internet - A portal for professionals, features links,
FAQs, tutorials, product information, magazine articles and downloads.
Interhack.net: Firewalls Frequently Asked
Questions - Features a background, basics, design, implementation issues,
port and protocol issues. By Matt Curtin and Marcus Ranum. Documents are also available
in Postscript and PDF.
Protection and Security by Firewalls Paper - General overview of firewalls
and their roles in mitigating various forms of network attacks. Includes case studies.
KnowPlace Firewalling - An overview
of firewalls and security with particular reference to firewalling with Linux 2.4
Korvan's Web - How to build an OpenBSD
firewall for use with Australian broadband ISPs (Telstra and Optus, cable &
Lenny Zeltser Firewall Discussions
- Explores the use of various firewall techniques for protecting resources according
to business requirements of multi-tier applications.
Linux Firewall and Proxy Server
HOWTO - White paper outlining the basics of firewall systems and giving
details on setting up both, a filtering and proxy firewall on a Linux based system.
Lowth.com - Linux security and related software
articles and tools.
Network Security, Filters
and Firewalls - This article is a general introduction to network security
issues and solutions in the Internet; emphasis is placed on route filters and firewalls.
It is intended as an overview. Some knowledge of IP networking is assumed, although
Outpost Firewall - The Webhiker's
Guide - Extensive guide to Outpost Firewall, with information for both inexperienced
and expert users.
Packet filter (pf) mailing list
- Mailing list for the pf firewall provided as part of the OpenBSD kernel.
Personal Firewalls - what they
can do and what they can't - One author's detailed, non-technical
article explaining personal firewalls, their abilities, uses, and li
"Personal Firewalls" are
Mostly Snake-oil - The author explains his opinion that a personal firewall
"provides no real additional security over turning off the services that you
Routing/Firewalls with Linux
- A brief straightforward tutorial on creating a simple routing firewall using Linux
and netfilter (iptables).
Gateway - This documents intends to show how to build a Firewall/Gateway
with rules set on user basis having the users authenticated by a Samba Primary Domain
Securepoint Firewall Archives -
Searchable archives of the mailing list and forums on a range of different firewalls
and related items.
SecurityDocs Firewall Reference
- A collection of whitepapers and other documents on various aspects of firewalls
such as what they are, how to choose one, and proper installation.
Shields Up: Personal Firewalls - Features
FAQs, reviews, ratings, white papers, and tools to test Internet security and firewall
vulnerabilities by Steve Gibson.
Solaris 2.6 Firewall Example
Installation and Configuration - Details the procedure to configure a secure
firewall on the Sun Solaris platform.
Q&A - A whitepaper on relevant firewall questions and answers. The knowledge
of this subject relates to firewalls in general use, and stems from NAT and proxy
firewall technology experience. Welcomes feedback and comments from any readers
on the usefulness or content.
Workable passive FTP connections through
a firewall - A general article on enabling passive FTP connections through
a firewall. Examples used in the article discuss the APF firewall and Pure-FTPD
Firewalls - Products
Aker Security Solutions - Aker Firewall, a
stateful packet filtering firewall for linux and FreeBSD. Integrages with Acker's
Crypt server and client for VPN connections.
APF Firewall - A policy based iptables
firewall system designed for ease of use and configuration. Includes information
on the firewall, downloads and related articles and software.
Astaro: Integrated Perimiter Security Software
- Astaro supplies integrated perimeter security software solutions that include
firewall, VPN, virus, surf and spam.
Bastion-firewall project -
A netfilter-based firewall configurable through config files. May be used as a normal
firewall or as a firewall script generator. Integrated with the Snort inline IDS.
BizGuardian firewall - Customized FreeBSD
based software solution to turn a Pentium class computer into a firewall. Uses a
web browser based administration and a 'wizards' type setup. Available with
or without a VPN option.
Bulwark Systems - Offers SecuraNET unified
threat management solutions.
Cequrux Technologies BV - Provides firewalland
VPN security software for internet, intranet and extranet applications.
Check Point FireWall-1 - ICSA certified
Firewall-1. Operates on NT, Solaris, HP-UX, AIX, and RedHat Linux. Integrates with
Check Point's VPN Gateway and RealSecure IDS products.
Chris Lowth Firewall and Filtering Tools - Open-source
software for firewall and network traffic filtering including peer-to-peer applications.
Clavister security Products - Offers both
software and appliance format firewall and VPN solutions as well as support and
Cyberix - Offers an integrated security system
with filtering, detection and management capabilities.
Dolphinwall. The Dynamic Firewall - Installed
in two configurations, firewall/central manager and peripheral firewall It includes
stateful packet inspection, IDS, HTTP and SMTP proxies and antivirus capability.
The firewall runs completely by CD-ROM and a USB pen-drive can be used for back-up
of the configuration.
DoorStop - Macintosh based server-level
and personal-user level software firewall, providing IP address based protection
for TCP-based services.
Endian Firewall - A Linux based security distribution
with web based management, statefull packet inspection, proxies, antivirus, antispam,
content filtering and VPN.
- A manageable business-oriented firewall and VPN software solution to protect each
IT zone according to its specific security requirements. DdMZ architecture allows
tight control in compliance with overall business policy. Available overview, FAQs,
Falcon Firewall Project - UNIX/Linux open firewall
project that intended to develop a free, secure and OS independent firewall system.
Though discontinued the project site remains for historic reference.
Firestarter Linux Firewall - A graphical
interfaced Open Source firewall for Linux.
The Firewall Toolkit (FWTK) - A set of proxies
to build a firewall. Provides information and software on building free firewall
and security solutions.
FREESCO - A small free firewall router intended
as a replacement for more costly commercial products. The name stands for FREE ciSCO.
F/X Communications - Creator of firewall and internet
dailer software for multiple operating systems.
Gateway Guardian - OEM Software and hardware
for creating firewall and VPN appliances by Merilus. Includes a profile, product
range, software downloads, and technical support.
Gibraltar Firewall - Debian/Linux based professional
Firewall solution. Includes comfortable Webinterface and IPSec VPN.
IBM SecureWay Firewall
- A mature product containing filtering, proxy, and circuit level gateway. Includes
a Network Security Auditor, VPN IPSec support and disables unsafe applications,
real-time performance statistics and log monitoring and central management capability.
Available for MS Windows and AIX.
InfoExpress - Makers of the CyberArmor
layered security architecture personal firewall. Includes a profile, product range,
product specifications, news, and software downloads.
InJoy Firewall - All-in-one multi-platform
Firewall with next-generation deep packet inspection technology. Includes IPSec
VPN, Internet gateway (NAT), remote management, IDS, virus protection and PPPoE.
Supports Windows, Linux and OS/2. Has a personal version.
InnerTek Software - Creators of the fBuilder
firewall configuration utility for Linux. Includes services, product range, client
intranet, screenshots, a profile, and forums.
Intoto Inc - iGateway Security solutions
include ICSA certified Stateful Inspection Firewall integrated with NAT & ALGs,
ICSA certified Virtual Private Network (VPN) and Network Intrusion Detection System
IP Filter - Free Linux TCP/IP packet
filter, suitable for use in a firewall environment. Presently incorporated in FreeBSD,
OpenBSD and NetBSD.
IPCop Firewall Addons - A collection of binary
addons for IPCop Firewall as well as some relevant site references.
Isinglass-hzd - Linux-based
firewalls and IsinGlass, is a script meant to make the average user's Linux
machine more secure when connected to the Internet, for example, when dialing up
via a local ISP.
Kerio Technologies UK Ltd. - Personal and
corporate firewalls and secure mailserver solutions. Product details, customer references
and on-line store.
LEAF - The Linux Embedded Appliance Firewall,
an application based on iptables, with a number of optional modules including logging
and intrusion detection.
LinuxMagic VPN Firewall -
VPN FireWall, using the highest level of encryption, and industry standard IPSEC
technology, ensures that no one can snoop your passwords or sensitive data, without
paying the costs of expensive routers and dedicated networks.
Livermore Software Laboratores, Intl. - Providing
the PORTUS products for over ten years with a perfect security record. Offers Gigabyte+
levels of performance, and is scalable from the smallest business to worldwide organizations.
LutelWall - Linux IPtables shell script
written in bash for use as a stateful firewall and NAT/masquerade router for single
or multiple subnets networks. It shares access to a internet connection from multiple
M0n0wall - A free embedded firewall software package
based on FreeBSD.
NetBoz Firewall - Working over standard FreeBSD
services, provides flexibility, ease of use and performance to corporate networks.
NetBoz is a live CD and does not use a hard disk, while all the settings are stored
on a write-protectable diskette, making it virtually inmune to intrusions and power
NetBSD/i386 Firewall Project - Free firewall
solution for people with a permanent Internet connection (e.g., xDSL or cable modem).
Packet filtering firewall and NAT based on NetBSD.
The netfilter/iptables Project - Netfilter
and iptables are building blocks of a framework inside the Linux 2.4.x and 2.6.x
kernel that enables packet filtering, network addresss [and port] translation (NA[P]T)
and other packet mangling. This enable use as a firewall and router.
NetWolves - Provides a secure Internet gateway
solution for LAN-to-Internet connectivity. Offers an ICSA-certified firewall and
IPSec VPN with client VPN support and dynamic VPN routing as well as intelligent
failover with high availability. Other filtering services are also available.
Neuberger & Hughes Easygate
- EasyGate can serve as a complete internet solution with a built-in firewall, mailserver,
webserver, proxyserver, nameserver, PPTP for teleworking and IPsec for encrypted
network linking. The product also comes solely as a firewall and VPN solution, without
- ICSA certified firewall for Novell networks. Directory-based user access to intranet
and Internet content.
Open Source Firewall for
Windows - First open source firewall for windows. Includes binaries and
sources code. For Windows 2000 and later.
pf -- Daniel Hartmeier's packet filter
- Pf is a modern packet filter with NAT capabilities. It is used in OpenBSD.
pfSense - A free firewall based on Packet
Filter (pf) and FreeBSD 6.
Phion Information Technologies - Security gateways
designed to set new standards in security, connectivity and management flexibility
in the enterprise security market. Netfence systems are not just security gateways
but intelligent traffic managers providing exceptional connection intelligence.
PortsLock - Firewall that offers user-level
access controls for Windows NT/2000/XP and Windows 2003 Server. It integrates with
the Windows user authentication system.
Secure Computing - ICSA certified
SecureZone and Sidewinder firewalls and application gateways. Embedded VPN capability.
Integrates with Strikeback IDS product.
Securepoint Firewall Server - Securepoint
Firewall Server free firewall system. The Securepoint Firewall Server is a high-performance,
commercial-grade application designed to offer full protection for network assets.Also
offerings in VPN, IDS and other entwork products.
Simple OpenBSD Firewall Interface
- complete firewall solution for OpenBSD with many features, all of which are accessible
through a web interface.
SINUS Firewall Page -
Free TCP/IP packet filtering firewall for Linux. IP, TCP, UDP, ICMP and IGMP packet
filtering. Dynamic rules including time-outs. Graphical management interface.
Smoothwall Limited - Corporate server, a
linux based, stateful inspection software firewall. Plugin modules available to
add VPN and web filtering functions. Customer case studies and option to buy online.
High-Availability Firewall and VPN - An enterprise-class firewall with integrated
VPN, high-availability and load-balancing. Load-balancing includes both connections
Sygate Enterprise - Host based, packet filtering firewall product.
TeamF1, Inc. Software - Provides software solutions
in embedded network security and management on embedded OSes such as vxWorks. FireFly
for vxWorks product implements a small footprint robust firewall for use in residential
gateways and other internet appliances.
Trustix AS - Developers of the XSentry firewall
and Trustix Secure Linux. Security science and research.
Vicomsoft Firewall and Internet Security Software
- FAQs, White Papers, case studies and trial downloads of firewall and filtering
Winproxy by Ositis Software - Network Address
Translation, firewall, and modem sharing. Runs on Windows NT/95/98. Recently purchased
by Blue Coat.
Hackingv- Software Piracy
BSA Anti-Piracy Site - Software
management facts and free audit tools. Sponsored by the Business Software Alliance.
FAST - Federation Against Software Theft,
UK software industry group working alongside corporates who require advice and guidance
to achieve a legally sustainable software environment.
SPA Anti-Piracy - A division
of the Software and Information Industry Association, provides education and enforcement
in dealing with software piracy. Online report forms, anti-piracy news, FAQ, copyright
issues, policies, tools, seminars, and publications.
WarezFAQ - Articles and FAQ for alt.binaries.warez.ibm-pc.
Also contains tutorials on posting and downloading files.
Piracy Report - Three-part series by David Cuciz, interviews with enforcement
agencies and a software pirate, world-wide statistics and the fight to bring software
piracy under control. (June 9, 2000)
Hacking - Wardriving
Arizona War Driving And Wireless Security
- Arizona Wardrivers Forum News and Events.
BC Wireless - Hardware,
software and gear for wardriving.
Black Alchemy - Software
for generating thousands of counterfeit 802.11b access points.
Fleeman Anderson & Bird Corp - Wireless
antennas, amplifiers, coax, and wardriving accessories.
HD Communications Corp. - Offers equipment
and kits for wardrivers including network cards, antennas and cables.
SDV W-lan - Mapped WarDriving results
from BeNeLux, includes discussion forum.
- The who, what and why's of and about wardriving along with links for software
StumbVerter - Imports Netstumbler and
converted Kismet logs, and generate AP location maps using MapPoint 2002 with map
WarDrive.net - Offers information about Wardriving
and Wireless Networking.
WarDrivers - Discussion forum about WarDrivers,
software, hardware and wardriving techniques.
WarDriving Decals - Wardriver stickers
for cars, laptops and folders.
Wardriving for Wireless Connections - Article from techtv about warchalkers
and wardrivers who are part of a global guerrilla campaign to mark free, wireless
wardriving is not a crime
- Legal aspects of WarDriving, definition, resources and t-shirt.
Wardriving.com - Wardriving news hub with
archives and links.
WarTyping.com - Site about interception of
radio signals transmitted by wireless keyboards.
Warviewing - Look for and monitor 2.4GHz
Wi-Fi-AWACS Project -
Project to develop a software suit for indoor and outdoor 3D location and tracking
Wi-Fi nodes, using distributed, mobile, low density grid of heterogeneous sensors.
WiGLE.net - Wireless Geographic Logging Database.
Worldwide database and mapping of hundreds of thousands of wireless networks.
Wireless Revolution - Colorado hotspot,
group information and discussion board.
Wireless Warrior - Directory of wireless
- Article detailing how a hacker was sentenced to nine years in prison for illegally
capturing financial details. He got into the company network via poorly secured
wireless network discovered by wardriving. (December 16, 2004)
Wardriving: you can look,
but don't touch - ZDNet AnchorDesk: Security Watch by Rob Vamosi (September
nab drive-by hackers - Consultant KPMG is using a honeypot wireless LAN
to lure wardrivers and measure the true level of this much-discussed security risk.
(October 9, 2002)