Security
General
News
FreeBSD jail
Firewalls
csf/lfd
- http://blog.configserver.com/ - software update news
Passwords
Logging
- http://www.fail2ban.org/wiki/index.php/Main_Page
Hardening
AppArmor
SELinux
Detection
Shells
- http://lshell.ghantoos.org/ - limited shell
Honeypot
HTTPS, SSL and TLS
- http://en.wikipedia.org/wiki/Server_Name_Indication - allows more than one domain per IP address; not supported by older browsers
- OWASP Top 10 for .NET developers part 9: Insufficient Transport Layer Protection - Touching on HTTPS, SSL and TLS
- SSL/TLS Deployment Best Practices - tutorial whitepaper
- https://www.ssllabs.com/projects/best-practices/
- https://www.tbray.org/ongoing/When/201x/2012/12/02/HTTPS - basic intro
Certificates
Services
- RapidSSL
- Verisign
- Comodo
Self-signed
Vulnerable to MITM, as a cracker can generate their own certificate.
- How to Create A Self Signed Certificate - sslshopper.com
- How to create a self-signed SSL Certificate which can be used for testing purposes or internal usage
Cacert.org
Community group providing certs. Assurance is based on a web-of-trust point system. Not carried by major browsers, just Linux distros.
StartCom
Free certs, one cert per domain, 1 year.
Tools
PFS
DNSSEC
- http://jpmens.net/2011/02/16/ssl-certificate-validation-and-dnssec/
- http://blog.huque.com/2012/10/dnssec-and-certificates.html
- http://blogs.cisco.com/security/top-of-mind-problems-with-ssl-solved-with-dnssec/
Articles
Future
HTML
Scripting
Vulnerability
VPN
OpenVPN
IPsec
Encryption
File system
- http://www.truecrypt.org/ - hard drive space
Other
- http://www.keepassx.org/ - passwords
- http://www.schneier.com/solitaire.html
- http://security.stackexchange.com/questions/25375/why-not-use-larger-cipher-keys
Legal
- http://safeharbor.export.gov/list.aspx - UK DPA safe harbours
UX
Resources
Testing
Metasploit
Other
- w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.