This site has security updates as well as tools and tips. Here, you can find security updates for any Microsoft products
you may be using. On the left side of the page, you will find links that take you to different sections such as information for home security, news for IT professionals, and much more. When you click on “Home Users”, for instance, you will be taken to a page that has information and tips pertaining to home security.
CERT
www.cert.org
CERT is a project maintained by Carnegie Mellon University to study Internet security vulnerabilities, research long-term changes in networked systems, and develop information to improve IT security. Look for two sections called “Security Alerts” and “Current Activity”, which provide information on security threats and particular trends. Most of the news here is aimed at people at the level of system administrator, but some of them it can be used by home users as well. If you wish to know what’s happening in IT security, this is a good site to visit. There are even statistics pertaining to virus / worm infections and vulnerabilities.
CERT has separate Web sites and working teams for different geographic areas, including India.
NASSCOM
www.nasscom.inThe Web site of NASSCOM (National Association of Software and Services Companies) contains information on several aspects of IT and outsourcing in the Indian context. There is a section dedicat- ed to security and cyber offences under the “Resource Center” link. Click on “Be-Secure Newsline” under the Resource Center link on the homepage. There isn’t a whole lot of content, but it’s got to do with the scenario in India.
CERT-In
CERT-IN is the Indian Computer Emergency Response Team, which is meant to respond to computer security incidents as and when they occur. CERT-In operates with authority delegated by the Department of Information Technology, and the Ministry of Communications and Information Technology of the Government of India. It also aims to assist members of the Indian IT communi- ty in implementing proactive measures to reduce the risks of com- puter security incidents. The site features white papers and pre- sentations apart from security alerts. Clicking on the link to the left called “Vulnerability Notes” takes you to a list of vulnerabili- ties ordered by date.
The “Press” link takes you to a section that contains news released to the media by CERT-In.
Center for Internet Security
www.cisecurity.orgThe Center for Internet Security (CIS) is a non-profit enterprise whose mission is to help organisations reduce the risk of business and e-commerce disruptions resulting from inadequate technical security controls. This site, again, is meant for system administra- tors in a business, but if you are interested in security issues, you can pick up some information here. Part of the focus of this Web site
is the security benchmarking tool, which can be downloaded free of cost to test the security policies in a network or even a home system. Under the link called “Other Resources”, you’ll find several articles in PDF format, but these largely pertain to the US govern- mental laws on IT security—just in case you’re interested.
ITsecurity.com
www.itsecurity.com
This is an all-in-one Web site that features information for both home users as well as system or network administrators. The site features a dictionary of security terms, a blog, a library that con- tains articles and white papers, security hardware vendor infor- mation, and more. You can also subscribe to a newsletter.
Secunia
http://secunia.com
Secunia is a Danish computer security service provider. They are best known for tracking vulnerabilities in software and operating systems. Secunia, on its site, says it monitors vulnerabilities in
software such as Internet Explorer, Firefox, Opera, and... the list of software and operating systems in the Secunia database currently includes 11,361 items! If you use a certain software, in all proba- bility, you will find it in Secunia's database.
Information is added to the database daily, through software suggestions from customers and vulnerability reports affecting new software.
You'll need to check out the page to see the sheer amount of useful information there. And most of what you need to know is right there on the index page - highlights, and the latest advi- sories. The “highlights” section is usually one of the first places on the Web where critical security information crops up on the Web.
Sophos
www.sophos.com
Sophos is a security firm that makes anti-virus software and such. But their Web site holds more than just information about their products - the latest security threats are listed, as are the latest “news, events and awards.” There's a “hot topic” on the index page,
where you can get in-depth information on a topic; there's also a “have your say” section. If you're really paranoid, you can subscribe to an RSS feed that delivers the latest security-related news and developments.
Kaspersky Lab
www.kaspersky.comThe “viruslist” on this site calls itself the “largest encyclopedia of malware.” There's a “virus watch” section, where, like at
some of the other sites we've mentioned, you can find a list of the latest viruses. Another must-visit for those concerned about security, partly because at Kaspersky Linux Security, you can find anti-virus and anti-spam products for protecting your Linux systems.
SecurityFocus
www.securityfocus.com
SecurityFocus is probably the most comprehensive and trusted source of security information on the Internet. It is a vendor-neu- tral site that provides objective, timely and comprehensive securi- ty information to “all members of the security community, from end users, security hobbyists and network administrators to secu- rity consultants, IT Managers, CIOs and CSOs.”
Here is another site you'll have to look at to get an idea of how much information is available out there. The index page features news, columnists, newest vulnerabilities, a search bar, the latest security-related incidents, and much more. You can subscribe to newsletters as well.
10.2 Online Virus / Trojan Scans
All viruses are bad. Some are worse, and can render your anti-virus software useless. Let’s say you haven’t updated your anti-virus software, and a new virus that disables anti-virus programs strikes. It would not let you install another anti-virus either. This is where online virus scans come in handy. Many anti-virus mak- ers have an online virus scan facility. In case of an emergency, you can use the following links: