Computer Security Tips

I’m including links here to external sites that produce computer security and vulnerability advisories.

Canadian Centre for Cyber Security

Cybersecurity & Infrastructure Security Agency:

Latest CVE Advisories:

(feed from cvefeed.io)

National Vulnerability Database

Helpful information:

Web pages I’ve created to assist people in keeping their systems secure. I hope these continue to help people.

  • Securing Passwords: (created 2000-10-13) A discussion of issues surrounding the perceived security of re-usable passwords.
  • Securing Unix and Linux Systems: (created 2000-09-20) So you want to set up a Unix server, but you’d like to do it securely? Here’s a list of hopefully useful pointers to get you moving in the right direction.

Historical incidents:

Although these are no longer current issues, they’re still interesting. These contain source code to incidents that affected people around the world:

  • I LOVE YOU: (released 2000-05-04) Similar to Melissa (above), this email-borne worm-style virus carries multiple payloads. Formatted and commented source-code.
  • Very Funny: (released 2000-05-04) Essentially a copy of the I LOVE YOU worm, with different file names.
  • Very Funny (diff): See the differences between I LOVE YOU and Very Funny.

Links to Remote Documents:

  • Secure Programming: A document by Oliver Friedrichs, of the secprog mailing list.
  • Secure Programs HOWTO: David Wheeler’s HOWTO on secure programming. David Wheeler also has a secure programs introduction page.
  • The Stanford SRP Authentication Project: by integrating secure password authentication into widely used protocols instead of adding security as an afterthought, SRP improves network security from the ground up.
  • PERL Guide and Resources: A collection of reference material and resources aimed at PERL programmers.