Security

General

• http://sla.ckers.org/forum

FreeBSD jail

• http://en.wikipedia.org/wiki/FreeBSD_jail

Firewalls

• https://help.ubuntu.com/community/UFW
  • http://en.wikipedia.org/wiki/Uncomplicated_Firewall

• http://configserver.com/cp/csf.html

• http://www.shorewall.net/

Passwords

• https://github.com/raymontag/keepassc

Logging

http://www.fail2ban.org/wiki/index.php/Main_Page

Hardening

• https://wiki.archlinux.org/index.php/SELinux

Shells

• http://lshell.ghantoos.org/ - limited shell

HTTPS, SSL and TLS

• https://en.wikipedia.org/wiki/HTTPS

• https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
  • Living with HTTPS (19 Jul 2012)

• OWASP Top 10 for .NET developers part 9: Insufficient Transport Layer Protection - Touching on HTTPS, SSL and TLS

• SSL/TLS Deployment Best Practices - tutorial whitepaper

• http://blog.filepicker.io/post/29422604907/improved-https-performance-with-early-ssl-termination

Encryption

• http://www.truecrypt.org/ - hard drive space

• http://www.keepassx.org/ - passwords

• http://safeharbor.export.gov/list.aspx - UK DPA safe harbours

UX

• Everything you ever wanted to know about building a secure password reset feature

Resources

• http://securitytube.net

Testing

Distros

• http://backbox.org/

Metasploit

• http://www.metasploit.com/
  • http://www.metasploit.com/modules/
  • http://www.metasploit.com/development/
  • http://dev.metasploit.com/redmine/projects/framework/issues?set_filter=1&tracker_id=1

• http://en.wikipedia.org/wiki/Metasploit_Project
  • http://en.wikibooks.org/wiki/Metasploit

• http://fastandeasyhacking.com/
  • http://fastandeasyhacking.com/manual
  • http://fastandeasyhacking.com/start
  • http://wiki.backbox.org/index.php/Armitage

Other

• w3af is a Web Application Attack and Audit Framework. The project's goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend.

Misc

• http://www.datagenetics.com/blog/september32012/index.html