Computer and Network Security

IT Education | Career | Online & Offline Training | Certification | PM/SW Engineering | SDLC BookShelf | Webmastering | eCommerce
IT Security | Orgs & Associations | For Consultants | For Women | Volunteer/Donate | Wares | Site Map

Esta página en Español

The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization through which more than 100K+ system administrators, security professionals, and network administrators share the lessons they are learning and find solutions for security challenges they face. SANS now offers online training towards security certification, along with their instructor-based training. If you are involved in IT security, please visit SANS.org and be aware of what's going on "out here". SANS offers the Global Incident Analysis Center (GIAC) security certifications.

A sample from the SANS Institute - How to Eliminate the Ten Most Critical Internet Security Threats

SANS GIAC Certification: Security Essentials Toolkit (GSEC)

This book is the first in the series of SANS Press books that cover SANS' popular Global Information Assurance Certification (GIAC) Certification program. SANS GIAC Certification: Security Essentials Toolkit (GSEC) prepares you for the GIAC Security Essentials Certification (GSEC), the most popular among several GIAC certifications. This book shows security engineers how to configure, deploy, and troubleshoot the preferred tools of the trade.

GSEC Security Essentials Toolkit

Other security certifications available include the Certified Information Systems Security Professional (CISSP books) through the International Information Systems Security Consortium, and the Certified Network Security Administrator or Engineer through ICSA.net.

The Center for Internet Security (CIS) is a not-for-profit cooperative enterprise that helps organizations reduce the risk of business and e-commerce disruptions resulting from inadequate security configurations.

For the first time ever, a large group of user organizations, information security professionals and auditors have agreed on security configuration specifications that represent a prudent level of due care, and are working together to define consensus best-practice security configurations for computers connected to the Internet.

Determine how your systems measure up to these widely accepted security benchmarks. I challenge you!

In accordance with the CIS not-for-profit mission, the Benchmarks and Scoring Tools are available free.

Advance Your Formal Education in Security with these online programs:

Keiser University

ITT Technical Institute Online

Colorado Technical University

Do you write code? The way you program can cause security vulnerabilities. Follow these guidelines for developing Java code and the Microsoft .Net framework that will greatly reduce security holes.

Vulnerability as a Function of Software Quality, a research paper that I wrote as a requirement for the GSEC certification through the SANS Institute. One of the major points is the fact that denial of service (DOS) conditions can easily occur if unexpected data is input into the software, causing the software to crash or worse, allowing priviledged access into the box. Meet Fuzz, as in the The Fuzz Testing of Application Reliability program available from Bart and company through the University of Wisconsin, Madison site.

Too busy to check BugTraq or read your vendor's security advisories regularly? Don't have time to keep up with it all?

SecuritySpace Security Audits examines your network for unwanted open ports and potential security vulnerabilities. When a new vulnerability is discovered, they promptly include the new test, so that you can re-test your system to remain secured. Schedule a recurring monthly/weekly audit for your server, making sure that you are tested with the latest, most comprehensive suite of vulnerability tests around. Recurring audits - a constant safeguard for security! Join their free mailing list. Free trial security audit.

Advanced Security Audits

Unlimited audits against unlimited IPs. No hidden sign-up fees, no long term commitments required, no software to download or install, use our top rated vulnerability scanner to examine an unlimited number of IP addresses. Fix problems and retest at your leisure. Always available 24x7.

Remember, every computer hooked into a network, especially the Internet, should at least have a firewall