Internet

Featuring articles and web links on Internet and network security for the Unix and Windows platforms.

Criticisms of Intel's Processor Serial Number (PSN) feature on its Pentium III chips. Argues that the PSN endangers internet users' privacy.

Hailstorm Enterprise Solution has two product lines for Security Quality Assurance: Hailstorm Web and Hailstorm Protocol Modeler. Overview of products, services, and companies profile.

No 1 e catalogue exchange center, Trading information exchange center, Global Security Information Key implement.

A mediator service for business transactions.

Information security consultancy offering training, assessments, managed and unmanaged security and privacy services.

Includes securing your server, protecting confidential documents on your site, safe CGI programming, client security, and privacy.

This paper describes how many small business claim to be offering a secure order form, when in fact, they really are not. The paper shows how the insecurity occurs, and offers a few solutions to the problem.

Demonstrations of security risks and advice for safe use of a web browser.

Book that covers how to hack web applications, and how to secure against the attacks detailed. Author profiles, links to tools referenced in the book and reviews.

History eraser with free popup blocker and IP spam killer as a security tool for common internet users.

An independent resource for assistance in P3P Implementation for Web sites. Includes tools, implementation guides, links, and FAQs. Created and maintained by the Internet Education Foundation.

A P3P generator that utilizes a wizard interface to create a P3P privacy policy your web site - allowing cookies to function in Internet Explorer. This is a paid service.

Network security scanning software for detecting, auditing, and fixing network security exploits and vulnerabilities.

Network-based, discovery and vulnerability database assessment scanner.

Check open ports on vulnerabilities.

Acts like a fuzzer, injecting payloads to see if a script is vulnerable.

Scans your ports and tells you which are open, closed, blocked etc.

Host based PCI DSS auditing tool for scanning desktop and server file systems for unprotected stored payment card data across a wide variety of file formats.

Discovers HTTP load balancers. May be useful for testing load balancer configurations and for web application auditing purposes.

Search for SCAP (CVE, CCE, CPE, OVAL, XCCDF, CWE) content

AJAX utility to test the port forwarding configuration on your router. The site shows your external IP address and has the ability to identify open ports on your connection.

Free online cross site scripting scanner.

Advisory published jointly by the CERT Coordination Center, DoD-CERT, the DoD Joint Task Force for Computer Network Defense (JTF-CND), the Federal Computer Incident Response Capability (FedCIRC), and the National Infrastructure Protection Center (NIPC).

The World Wide Web Consortium reaches cross-industry agreement on an XML-based language for expressing Web site privacy policies.