SecuraBit before it Bytes

Security Analyst Links

Excellent links to help you succeed as a network security analyst:

IP Whois sites:

http://ws.arin.net/whois - American Registry for Internet Numbers

http://www.apnic.net/search/index.html - Asian Pacific Registry for Internet Numbers

http://www.db.ripe.net/whois/ - Europe, the Middle East and parts of Central Asia Registry for Internet Numbers

http://centralops.net/co/ - Use this site sparingly if all others fail as they will block DoD addresses if accessing it too often.

http://digitalninjitsu.com/ - This site is pretty much all of the other whois sites in a nutshell, minus the DoD sites.

http://www.senderbase.org/senderbase_queries/main - The biggest and best traffic monitoring network used to collect all sorts of network stats and other vital information.

http://samspade.org/ - Another all inclusive whois site that encompasses all of the above mentioned sites.

Port number assignments:

http://www.iana.org/assignments/port-numbers - List all of the well known ports

Commonly used acronyms:

https://www.infosec.navy.mil/training/cbt/active_defense_v1.0/includes/common.pdf

Sites used to lookup known vulnerabilities:

http://www.symantec.com/avcenter/attack_sigs/ - Symantec attack signatures

http://nvd.nist.gov/nvd.cfm - Link to the National Vulnerability Database

http://www.securityfocus.com/bid - Another site used to search vulnerabilities specific to OS or vendor.

http://us.mcafee.com/virusInfo/default.asp - McAfee virus information

http://secunia.com/ - Another great website to lookup virus information

Random Security sites to use while performing open source research:

http://securitywizardry.com/radar.htm - Computer Network Defense Operational Dashboard

http://www.viruslist.com/en/weblog - Analyst’s diary used to research spam, known hacking groups, and viruses.

http://www.internettrafficreport.com/main.htm - Internet traffic report used to monitor the flow of data around the world.

http://isc.sans.org – SANS Internet storm center, used to gauge the status of the Internet as a whole when dealing with malware or major virus outbreaks via the web.

http://www.milw0rm.com/ - Site used to gather the actual shellcode used to exploit vulnerabilities.

http://nickciske.com/tools/hex.php - HEX translator

http://www.isecom.org/osstmm/ - Open Source Security Testing Methodology Manual

http://www.linuxdocs.org/ - Everything you need to know about using Linux.

http://www.ee.surrey.ac.uk/Teaching/Unix/index.html - UNIX tutorial for the avid beginner.

I will be adding to this list as this is just the start of my links page!

Filed in General by Jay | May 8, 2008 |

Viewing 2 Comments

Michael 2 months ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

Thanks Jay! I couldn't remember the link for the "Computer Network Defense Operational Dashboard" and found it - and a bunch of other interesting stuff - here! Keep up the Great work!

reply edit reblog flag

http://www.michaelsreference.com

Jay 2 months ago 1 point
Please login to rate.

Do you already have an account? Log in and claim this comment.

No problem, I tend to use this as my own personal repository of links as well.

reply edit reblog flag

http://www.securabit.com

Trackbacks

blog comments powered by Disqus

SecuraBit is powered by Wordpress | WordPress Theme Design | Logo design by Darren Kitchen | Proudly hosted by Divergent Networks