Information Technology Assessment Center

Helpful resources...

• University of Virginia Information Technology Security Risk Management Program

• HIPAA Regulations

• OCTAVE Risk Analysis

• Center for Education and Research in Information Assurance and Security

• The International Information Systems Security Certification Consortium

• SANS

• NIST Security Resource Center

• Generally Accepted Principles and Practices for Securing Information Technology

• Computer Incident Handling and Response

• http://permanent.access.gpo.gov/websites/www.fedcirc.gov/tools.html

• Microsoft Security Best Practices

• NIST Vulnerability Database

• 10 Tips for Creating a Network Security Policy 

• http://www.pxserver.com/WinAudit.htm

• http://www.sysinternals.com

• http://www.insecure.org/tools.html

• http://www.microsoft.com/windowsserversystem/updateservices/default.mspx

• http://www.emco.is/networkmalwarecleaner/features.html

• http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/netstat.mspx

• http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/superscan.htm

• http://www.openwall.com/john/

• http://www.belarc.com/free_download.html

• http://www.solarwinds.net/Toolsets.htm

Recommended Sites

Visit the following sites for security updates and information

• SECURITY TRAINING AND SECURITY INFORMATION- http://www.sans.org/

• MICROSOFT- www.microsoft.com/technet/security/default.mspx

• DISTRIBUTED INTRUSION DETECTION SYSTEM- www.dshield.org

• PORTS USED BY VIRUSES, AND OTHER MALICIOUS CODES- www.doshelp.com/Ports/Trojan_Ports.htm

• DEFACED WEBSITES- www.liquidmatrix.org

• OPEN WEB APPLICATION SECURITY PROJECT- www.owasp.org

• SECURITY INFORMATION AND TOOLS- www.sysinternals.com,  http://freshmeat.net/