Good Information Security Resources
The month of Apple Bugs is just about over with, and the Month of Kernel bugs is over with, but still the zero day tracker keeps on plugging along and giving out some interesting information that is of a lot of use.
Zone H still keeps tracks of when systems get defaced, P2P Net (although unknown for how much longer) keeps track of DRM, and a host of other specialist separated systems keep track of what is happening in information security.
While we all have those things that we use on a regular basis, some are the best places to get good information.
Statistics are compiled by just about everyone, all the AV vendors keep track of what the vulnerabilities are, but McAfee has the most user friendly set of AV stats, and regular reports that you don’t have to pay for to find out what is happening in the world of Anti virus that is pretty much so devoid of marketing spin. http://us.mcafee.com/virusInfo/default.asp
Web Site defacements, Zone H wins this one, they are the only people left that keep track of all the web sites that are defaced. Its excellent news, knowledge, and some tools that really put a nice package of information together for folks that want to know about web site defacements and how they work. The humor part is that even zone h is just as easily defaced. You can see it at http://www.zone-h.org/ today.
Eye Zero Day Tracker has some interesting information on what vulnerabilities are still out there that have no patches, and could be exploited. From a statistical viewpoint, keeping tabs on the number of days of exposure is excellent for those folks who want to know how long it takes to really patch something. They can be found at http://research.eeye.com/html/alerts/zeroday/index.html
Month of Bugs – while its dubious to be putting out exploit information into the wild, the frustration that security researchers can have when trying to get some companies to update or patch their code can be difficult. Attention seeking behavior aside, the month of bugs is an excellent resource to work out risk and threats to a network. http://projects.info-pull.com/moab/
General Security Statistics – one of the interesting things about statistics is that their data is usually dubious. So finding good statistics that do not look like they are biased is something that when you find it, you keep on going back. Alladin has some of the best information security statistics that I have seen in a while. They can be found at http://www.esafe.com/home/csrt/statistics/statistics_2005.asp as well as a good general threat alert page at http://www.esafe.com/home/csrt/valerts.asp
Keynotes Internet health report can be found at http://www.internetpulse.net/Main.aspx?Metric=PL and is another one of those really good tools to have at your disposal. Is the line slow today because of a network issue or because of bubba and his backhoe? This is the place to find out what the cause is.
Internet Storm Center at http://isc.sans.org is a general information page, that rarely goes above green, but is still interesting as well. The best part is the port metrics and trending that they get from DShield.
Just some more good places to go to pick up some info on what’s happening in information security.
I am in no way representative or compensated by anyone for this article. There are some tools that are just too good to pass up, and in information security knowing is the battle (with apologies to GI Joe).
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.