Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn

 

Tuesday, July 29, 2014

 
  New Resources
Travel Tips for Data Security
Free Security/Privacy Training Resources
Penn+Box
Two-step verification
Combating Malware
SafeDNS
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
 
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Spam
Phishing
Wireless Networking
Encryption & digital signatures
 
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
 
  More in-depth information for
Local support providers
System administrators
 
  Security initiatives
Critical host compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
 
  Related links
Electronic privacy
PennKey
Viruses
Worms, trojans, backdoors

How To Stay Informed About Computing Security Alerts and Issues

Keeping up with what's happening in the world of information and computing security is a never-ending process, especially for those who are responsible for the operation and administration of large, multi-user server systems and/or handle programming and development of software applications that use or are accessible from the Internet. There are literally thousands of viruses, worms, trojans and other forms of computer attacks that are still active, in some cases years after their first appearance. And, of course, new ones appear almost on a daily basis. Knowing where to look for information is a vital part of keeping your system(s) protected.

Publicly Accessible Websites

There are many excellent websites that deal with security in a variety of ways. The following are a few of the more authoritative and popular ones:

Computer Emergency Response Team (CERT) - www.cert.org

This Federally-funded operation is based at Carnegie-Mellon University in Pittsburgh, and is a primary source of up-to-date, accurate information and assessment of current and recent computing security alerts.

SANS Institute (SysAdmin, Audit, Network, Security) - www.sans.org

Like CERT, the SANS site contains information on current and recent security alerts, and many other resources, including a "reading room" where visitors can research white papers on a multitude of security-related topics. SANS is also one of the leading providers of top-quality security training courses.

Internet Storm Center - www.incidents.org

This is actually a major sub-site of SANS. It displays in graphic and text format the current trends and frequencies for the computing exploits and attacks that are currently most prevalent around the world, with links to information detailing how to detect, prevent and recover from them.

SecurityFocus - www.securityfocus.com

A complete "e-zine" devoted to articles, columns, op-eds, alerts and reader feedback dealing with virtually all information security-related topics.

The Register - www.theregister.com

Hosted in the UK, the Register covers computing in general, including security, and often with a typically British skeptical and irreverent eye. Their motto: "Biting the hand that feeds IT." Be sure to allot at least a full day to catch up on the complete "Bastard Operator From Hell" series, a.k.a. "BOFH".

Penn-hosted E-mail Discussion Lists ("listservs")

Penn Information Security sponsors and operatesl a listserv that is available to system administrators for discussion of security issues:

  • security-sig (Security Special Interest Group)

Subscriptions to this lists isrestricted to Penn e-mail addresses only. . If you wish to join this list, you must subscribe from your Penn address. To do so, send e-mail to the following address:

listserv@lists.upenn.edu

You may leave the 'Subject:' line blank if desired. In the body of the message, write:

subscribe security-sig youraddress@yourhost Your Name

e.g., "subscribe security-sig jsmith@myhost.upenn.edu John Smith"

You will receive notification via e-mail when your subscription has been approved, along with a message containing basic listserv instructions.

 

Last updated: Tuesday, January 2, 2007

top

Information Systems and Computing
University of Pennsylvania
Comments & Questions


Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania