Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn


Sunday, March 18, 2018

  New Resources
Security Logging Service
Travel Tips for Data Security
Free Security/Privacy Training Resources
Two-step verification
Combating Malware
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Wireless Networking
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
  More in-depth information for
Local support providers
System administrators
  Security initiatives
Critical Component compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
  Related links
Electronic privacy
Worms, trojans, backdoors

How To Stay Informed About Computing Security Alerts and Issues

Keeping up with what's happening in the world of information and computing security is a never-ending process, especially for those who are responsible for the operation and administration of large, multi-user server systems and/or handle programming and development of software applications that use or are accessible from the Internet. There are literally thousands of viruses, worms, trojans and other forms of computer attacks that are still active, in some cases years after their first appearance. And, of course, new ones appear almost on a daily basis. Knowing where to look for information is a vital part of keeping your system(s) protected.

Publicly Accessible Websites

There are many excellent websites that deal with security in a variety of ways. The following are a few of the more authoritative and popular ones:

Computer Emergency Response Team (CERT) -

This Federally-funded operation is based at Carnegie-Mellon University in Pittsburgh, and is a primary source of up-to-date, accurate information and assessment of current and recent computing security alerts.

SANS Institute (SysAdmin, Audit, Network, Security) -

Like CERT, the SANS site contains information on current and recent security alerts, and many other resources, including a "reading room" where visitors can research white papers on a multitude of security-related topics. SANS is also one of the leading providers of top-quality security training courses.

Internet Storm Center -

This is actually a major sub-site of SANS. It displays in graphic and text format the current trends and frequencies for the computing exploits and attacks that are currently most prevalent around the world, with links to information detailing how to detect, prevent and recover from them.

SecurityFocus -

A complete "e-zine" devoted to articles, columns, op-eds, alerts and reader feedback dealing with virtually all information security-related topics.

The Register -

Hosted in the UK, the Register covers computing in general, including security, and often with a typically British skeptical and irreverent eye. Their motto: "Biting the hand that feeds IT." Be sure to allot at least a full day to catch up on the complete "Bastard Operator From Hell" series, a.k.a. "BOFH".

Penn-hosted E-mail Discussion Lists ("listservs")

Penn Information Security sponsors and operatesl a listserv that is available to system administrators for discussion of security issues:

  • security-sig (Security Special Interest Group)

Subscriptions to this lists isrestricted to Penn e-mail addresses only. . If you wish to join this list, you must subscribe from your Penn address. To do so, send e-mail to the following address:

You may leave the 'Subject:' line blank if desired. In the body of the message, write:

subscribe security-sig youraddress@yourhost Your Name

e.g., "subscribe security-sig John Smith"

You will receive notification via e-mail when your subscription has been approved, along with a message containing basic listserv instructions.


Last updated: Tuesday, January 2, 2007

Information Systems and Computing
University of Pennsylvania
Comments & Questions

Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania