Security

FreeBSD jail

• http://en.wikipedia.org/wiki/FreeBSD_jail

Firewalls

• http://en.wikipedia.org/wiki/Uncomplicated_Firewall

Logging

http://www.fail2ban.org/wiki/index.php/Main_Page

Hardening

• https://wiki.archlinux.org/index.php/SELinux

Shells

• http://lshell.ghantoos.org/ - limited shell

HTTPS, SSL and TLS

• https://en.wikipedia.org/wiki/HTTPS

• https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
  • Living with HTTPS (19 Jul 2012)

• OWASP Top 10 for .NET developers part 9: Insufficient Transport Layer Protection - Touching on HTTPS, SSL and TLS

• SSL/TLS Deployment Best Practices - tutorial whitepaper

Encryption

• http://www.truecrypt.org/ - hard drive space

• http://www.keepassx.org/ - passwords

• http://safeharbor.export.gov/list.aspx - UK DPA safe harbours

UX

• Everything you ever wanted to know about building a secure password reset feature

Resources

• http://securitytube.net

Testing

Distros

• http://backbox.org/

Metasploit

• http://www.metasploit.com/
  • http://www.metasploit.com/modules/
  • http://www.metasploit.com/development/
  • http://dev.metasploit.com/redmine/projects/framework/issues?set_filter=1&tracker_id=1

• http://en.wikipedia.org/wiki/Metasploit_Project
  • http://en.wikibooks.org/wiki/Metasploit

• http://fastandeasyhacking.com/
  • http://fastandeasyhacking.com/manual
  • http://fastandeasyhacking.com/start
  • http://wiki.backbox.org/index.php/Armitage

Other

• w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.