HUGE Security Resource - version 5000 - 03/06/12 - previously known as: HUGE List of Security Blogs: Unix, Linux, Windows, part 1, 2, 3, and 4.
(see the bottom of this version for links to previous versions under the former title)

#####

Changes since last post (version 5000, previously known as "part 4"):
# 1. New revisions/posts will be by date and version number, not by "date"/"part"
# 2. New security blog links
# 3. Inclusion of more sites than "blogs", useful security related links
# 4. Established a numbering process per new section, starting with #5000
#    no particular reason for beginning at this number, random choice.
# 5. Changed the name of this publication from:
#    "HUGE List of Security Blogs: Unix, Linux, Windows - part #"
#    to: HUGE Security Resource version # - release date

################################################################
# Sections, version 6, 03/06/2012
#
# 5000: Wikipedia (all links here found within Wikipedia)
# 5001: Suggested Books
# 5002: Articles, Guides, How To's
# 5003: Antivirus LiveCDs - boot and scan your system for malware
# 5004: Random Links
# 5005: Security Blogs
# 5006: Security Forums (Web based Discussion Forums)
# 5007: Security Magazines & Zines
# n/a : Copy/paste inclusion of previous release
################################################################

** 5000: Wikipedia:

Acoustic cryptanalysis
- https://en.wikipedia.org/wiki/Acoustic_cryptanalysis

Advanced persistent threat
- https://en.wikipedia.org/wiki/Advanced_Persistent_Threat

ARP spoofing
- https://en.wikipedia.org/wiki/ARP_poisoning

ARP Watch
- https://en.wikipedia.org/wiki/Arpwatch

Category:Confidence_tricks
- http://en.wikipedia.org/wiki/Category:Confidence_tricks

Category: Cryptographic_attacks
- https://en.wikipedia.org/wiki/Category:Cryptographic_attacks

Category: Signals_intelligence
- https://en.wikipedia.org/wiki/Category:Signals_intelligence

Category: Surveillance
- https://en.wikipedia.org/wiki/Category:Surveillance

Chaffing and winnowing
(cryptographic technique)
- https://en.wikipedia.org/wiki/Chaffing_and_winnowing

Cold boot attack
- https://en.wikipedia.org/wiki/Cold_boot_attack

CyanogenMod
- https://en.wikipedia.org/wiki/CyanogenMod

Deep packet inspection
- https://en.wikipedia.org/wiki/Deep_packet_inspection

DNS cache poisoning
- https://en.wikipedia.org/wiki/DNS_poisoning

Echelon (signals intelligence)
- https://en.wikipedia.org/wiki/ECHELON

Electromagnetic interference
- https://en.wikipedia.org/wiki/Electromagnetic_interference

Electromagnetic radiation and health
- https://en.wikipedia.org/wiki/Electromagnetic_radiation_and_health

Electromagnetic shielding
- https://en.wikipedia.org/wiki/Electromagnetic_shielding

EMF meter
- https://secure.wikimedia.org/wikipedia/en/wiki/EMF_Meter

Frequency counter
- https://en.wikipedia.org/wiki/Frequency_counter

High-frequency direction finding (electronics)
- https://en.wikipedia.org/wiki/HF/DF

I2P
- https://en.wikipedia.org/wiki/I2P

Laser microphone
- https://en.wikipedia.org/wiki/Laser_microphone

Linux malware
- https://en.wikipedia.org/wiki/Linux_malware

Nonverbal communication
- https://en.wikipedia.org/wiki/Nonverbal_communication

Operation RAFTER
"RAFTER was a code name for the MI5 radio receiver detection technique, mostly used against clandestine Soviet agents and monitoring of domestic radio transmissions by foreign embassy personnel from the 1950s on."
- https://en.wikipedia.org/wiki/Operation_RAFTER

Spycatcher: The Candid Autobiography of a Senior Intelligence Officer (also Spycatcher), is a book written by Peter Wright, former MI5 officer and Assistant Director, and co-author Paul Greengrass. It was published first in Australia. Its allegations proved scandalous on publication, but more so because the British Government attempted to ban it, ensuring its profit and notoriety.
- https://en.wikipedia.org/wiki/Spycatcher

Palantir Technologies, Inc., headquartered in Palo Alto, California, with offices in Tysons Corner, Virginia, New York City and Covent Garden, London, is a software company that produces the Palantir Government and Palantir Finance platforms. Palantir offers a Java-based platform for analyzing, integrating, and visualizing data of all kinds, including structured, unstructured, relational, temporal, and geospatial.
- https://en.wikipedia.org/wiki/Palantir_Technologies

Paralanguage refers to the non-verbal elements of communication used to modify meaning and convey emotion. Paralanguage may be expressed consciously or unconsciously, and it includes the pitch, volume, and, in some cases, intonation of speech. Sometimes the definition is restricted to vocally-produced sounds. The study is known as paralinguistics.
- https://en.wikipedia.org/wiki/Paralanguage

Power analysis
- https://en.wikipedia.org/wiki/Power_analysis

Project MINARET was a sister project to Project SHAMROCK operated by the NSA, which, after intercepting electronic communications that contained the names of predesignated US citizens, passed them to other government law enforcement and intelligence organizations. Intercepted messages were disseminated to the FBI, CIA, Secret Service, Bureau of Narcotics and Dangerous Drugs (BNDD), and the Department of Defense.
- https://en.wikipedia.org/wiki/Project_MINARET

Project SHAMROCK, considered to be the sister project for Project MINARET, was an espionage exercise, started in August 1945 that involved the accumulation of all telegraphic data entering into or exiting from the United States. The Armed Forces Security Agency (AFSA) and its successor NSA were given direct access to daily microfilm copies of all incoming, outgoing, and transiting telegraphs via the Western Union and its associates RCA and ITT.
- https://en.wikipedia.org/wiki/Project_Shamrock

Radio direction finder
- https://en.wikipedia.org/wiki/Radio_direction_finder

Scrambler - In telecommunications, a scrambler is a device that transposes or inverts signals or otherwise encodes a message at the transmitter to make the message unintelligible at a receiver not equipped with an appropriately set descrambling device.
- https://en.wikipedia.org/wiki/Scrambler

Secure communication
- https://en.wikipedia.org/wiki/Secure_Communication

Situation awareness
- https://en.wikipedia.org/wiki/Situation_awareness

Sysctl
- https://en.wikipedia.org/wiki/Sysctl

ThinThread is the name of a project that the United States National Security Agency engaged in during the 1990s, according to a May 17, 2006 article in the Baltimore Sun. The program involved wiretapping and sophisticated analysis of the resulting data, but according to the article, the program was discontinued after the September 11, 2001 attacks due to the changes in priorities and the consolidation of U.S. intelligence authority.
- https://en.wikipedia.org/wiki/ThinThread

Timing attack
- https://en.wikipedia.org/wiki/Timing_attack

Tradecraft is skill acquired through experience in a (typically clandestine) trade. Within the intelligence community this means the techniques used in modern espionage and generally, the activity of intelligence. This includes general topics or techniques (dead drops, for example), or the specific techniques of a nation or organization (the particular form of encryption used by the NSA, for example).
- https://en.wikipedia.org/wiki/Tradecraft

Trailblazer Project
Trailblazer was a United States National Security Agency (NSA) program intended to analyze data carried on communications networks like the internet. It was able to track communication methods such as cell phones and e-mail. It ran over budget, failed to accomplish several goals, and was cancelled.
- https://en.wikipedia.org/wiki/Trailblazer_Project

OpenBSD Journal
- https://en.wikipedia.org/wiki/OpenBSD_Journal

‘Openbsd’ Articles at Kevin Hatfield’s Blog
Articles tagged with 'Openbsd' at Kevin Hatfield's Blog
- http://www.kevinhatfield.org/?tag=openbsd

Jon Hart's Blog: OpenBSD on Soekris -- A Cheater's Guide
- http://blog.spoofed.org/2007/12/openbsd-on-soekris-cheaters-guide.html

Syscall Hijacking: OpenBSD - memset's blog
- https://memset.wordpress.com/2011/11/26/syscall-hijacking-openbsd/

Bill’s Security Blog - OpenBSD
- http://www.wrgross.com/blogs/security/category/openbsd/

OpenBSD | Wow! eBook - Blog
- http://www.wowebook.me/tag/openbsd/

----------------------------------------

** 5001: Suggested Books:

- CLOAK & CORKSCREW: Where CIA Meets Hollywood
- Radio Frequency Interference: How to Find It and Fix It
- SAS Survival Handbook, Revised Edition: For Any Climate, in Any Situation
- Spycatcher - by Peter Wright

----------------------------------------

** 5002: Articles, Guides, How To's

Owned Over Amateur Radio (Remote kernel exploitation) (PDF)
- http://vulnfactory.org/research/defcon-remote.pdf

Even Nastier: Traditional RootKits | So, What Do Traditional RootKits Do? | InformIT
When attackers get root access on a machine, a RootKit allows them to maintain that access by implementing a back door and hiding evidence of system compromise. Ed Skoudis shows how to avoid being RootKitted in this article.
- http://www.informit.com/articles/article.aspx?p=23463&rll=1

Anonymous Blogging with Wordpress & Tor - Global Voices Advocacy
- http://advocacy.globalvoicesonline.org/projects/guide/

Attacks on Package Managers
- http://www.cs.arizona.edu/stork/packagemanagersecurity/faq.html

0wning Vista from the boot; BIOS rootkit(s)
Federico Biancuzzi interviews Nitin and Vipin Kumar, authors of VBootkit, a rootkit that is able to load from Windows Vista boot-sectors.
- http://www.securityfocus.com/columnists/442/2

20 Linux Server Hardening Security Tips
Top 20 Linux hardening tutorial and tips to secure the default installation of RHEL / CentOS / Fedora / Debian Linux servers.
- http://www.cyberciti.biz/tips/linux-security.html

Linux System Monitoring Tools Every SysAdmin Should Know
Top 20 Linux Server Performance Monitoring Tools To Solve Server Bottlenecks Issues related to CPU, Memory, Disk, and networking subsystems.
- http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html

NSA Releases 17 Cryptologic Articles
- http://cryptome.org/0006/nsa-17-docs.htm

Black ops: how HBGary wrote backdoors for the government
The attacks last week by Anonymous on security firm HBGary have yanked back the curtain on the dark world of government-sponsored malware. Where does the US military get its custom rootkits? It buys them and the 0-day exploits that deliver them; from private security firms.
- http://arstechnica.com/tech-policy/news/2011/02/black-ops-how-hbgary-wrote-backdoors-and-rootkits-for-the-government.ars/

CIA 175 Spying Technology Partners
- http://cryptome.org/0005/cia-iqt-spies.htm

Detecting and Removing Malicious Code | Symantec Connect Community
by Matthew Tanase
Detecting and Removing Malicious Code by Matthew Tanase last updated July 22, 2002 Introduction Has it happened yet? The phone call, the e-mail, the page, or maybe you discovered it yourself.
- http://www.symantec.com/connect/articles/detecting-and-removing-malicious-code

Detecting Rootkits And Kernel-level Compromises In Linux | Symantec Connect Community
by Mariusz Burdach, This article is intended to outline useful ways of detecting hidden modifications to a Linux kernel.
- http://www.symantec.com/connect/articles/detecting-rootkits-and-kernel-level-compromises-linux

Encryption with KGpg
- http://doc.opensuse.org/documentation/html/openSUSE_113/opensuse-apps/cha.crypto.html

Encryption with Passwords and Encryption Keys
- http://doc.opensuse.org/documentation/html/openSUSE_113/opensuse-apps/cha.gnome.crypto.html

FileIntegrityAIDE - Community Ubuntu Documentation
- https://help.ubuntu.com/community/FileIntegrityAIDE

Find Hidden Processes and Ports [ Linux / Unix / Windows ]
Explains how to find out hidden TCP / UDP ports and processes under Linux, Unix, and Windows operating systems.
- http://www.cyberciti.biz/tips/linux-unix-windows-find-hidden-processes-tcp-udp-ports.html

Hacker Tools and their Signatures, Part Three: Rootkits | Symantec Connect Community
by Toby Miller
Hacker Tools and their Signatures, Part Three: Rootkits by Toby Miller This is the third installment of a series devoted to examining hacker tools and their signatures. In this installment we will be looking at some of the signatures related to the KOH rootkit.
- http://www.symantec.com/connect/articles/hacker-tools-and-their-signatures-part-three-rootkits

Host Integrity Monitoring: Best Practices for Deployment | Symantec Connect Community
by Brian Wotring
Introduction There are now a number of commercial and open source solutions that can be used to effectively monitor the integrity of host environments.
- http://www.symantec.com/connect/articles/host-integrity-monitoring-best-practices-deployment

HowTo: AIDE: Advanced Intrusion Detection Environment
- http://www.debuntu.org/intrusion-detection-with-aide

How to: Detect ARP Spoofing under UNIX or Linux
Find out if there's a man in the middle posing as your server.
- http://www.cyberciti.biz/faq/how-to-detect-arp-spoofing-under-unix-or-linux/

How to disable loading of unnecessary kernel modules | Linux Poison
- http://linuxpoison.blogspot.com/2009/06/how-to-disable-loading-of-unnecessary.html

How to keep a detailed audit trail of what’s being done on your Linux systems
Howto log user activity using process accounting
Process accounting under Linux allows you to keep detailed logs of every command a user runs, including CPU time and memory used.
- http://www.cyberciti.biz/tips/howto-log-user-activity-using-process-accounting.html

Howto: Linux add remove a Linux kernel modules / drivers
- http://www.cyberciti.biz/faq/add-remove-list-linux-kernel-modules/

Installing Tripwire on Ubuntu
- http://netwizards.co.uk/installing-tripwire-on-ubuntu/

Installing Ubuntu 10.10 with full disk encryption
- http://joernfranz.net/2011/01/20/installing-ubuntu-10-10-with-full-disk-encryption/

IP Spoofing: An Introduction | Symantec Connect Community
by Matthew Tanase
IP Spoofing: An Introduction by Matthew Tanase Criminals have long employed the tactic of masking their true identity, from disguises to aliases to caller-id blocking.
- http://www.symantec.com/connect/articles/ip-spoofing-introduction

Lest We Remember: Cold Boot Attacks on Encryption Keys » Center for Information Technology Policy at Princeton
- http://citp.princeton.edu/research/memory/

Linux Kernel Rootkits
- http://www.la-samhna.de/library/rootkits/index.html

Linux on-the-fly kernel patching without LKM
Phrack staff website.
- http://www.phrack.com/issues.html?issue=58&id=7#article

Manage Passwords, Encryption Keys, and More with Seahorse
Jack Wallen takes a look at Seahorse, a GUI tool for the Linux desktop to manage encryption keys, SSH keys, and passwords.
- https://www.linux.com/learn/tutorials/456149-manage-passwords-encryption-keys-and-more-with-seahorse

Mebromi: the first BIOS rootkit in the wild « Webroot Threat Blog
- http://blog.webroot.com/2011/09/13/mebromi-the-first-bios-rootkit-in-the-wild/

Modest Spec or Barebones Installation of Ubuntu
- http://www.psychocats.net/ubuntu/minimal

Article+PDF: Rootkits - Rootkits on a PCI Card?
- http://securitywatch.eweek.com/rootkits/rootkits_on_a_pci_card.html

Researchers: Rootkits headed for BIOS
UPDATE: Insider attacks and industrial espionage could become more stealthy by hiding code in the core system functions stored on the motherboard, researchers say.
- http://www.securityfocus.com/news/11372?ref=rss

Security - The Wireshark Wiki
- http://wiki.wireshark.org/Security

Setting Tripwire
How to Set up Tripwire, RedHat Linux
- http://www.alwanza.com/howTo/linux/tripwire.html

Industrial-strength Linux lockdown, Part 1
For technical and non-technical users alike, maintaining a large installed base of Linux machines can be a harrowing experience for an administrator. Technical users take advantage of Linux's extreme configurability to change everything to their liking, while non-technical users run amok within their own file systems. This tutorial is the first in a two-part series that shows you how and why to lock those machines down to streamline the associated support and administration processes. In this tutorial, you learn how to remove the interpreters from the installation base system.
- https://www.ibm.com/developerworks/linux/tutorials/l-lockdown1/

Industrial-strength Linux lockdown, Part 2
This tutorial, the second in a two-part series on locking your Linux machines down to streamline the associated support and administration processes, shows how to configure the Linux kernel to execute only signed binaries.
- https://www.ibm.com/developerworks/linux/tutorials/l-lockdown2/index.html

Snooping on Text by Listening to the Keyboard
- https://www.schneier.com/blog/archives/2005/09/snooping_on_tex.html

Articles and PDFs: Perception Warfare or War, Perceptual Conflict, Perception Space, Perception Operations, Perception Battlespace, P-Space
- http://www.au.af.mil/info-ops/perception.htm

The Mind Has No Firewall
- http://pastebin.com/JdkqxBAa

Tor + Polipo 5 Minute Install Guide Ubuntu 11.04/11.10
- https://dangertux.wordpress.com/tutorials/tor-polipo-5-minute-install-guide-ubuntu-11-0411-10/

Ubuntu how to faillog
- http://blog.bodhizazen.net/linux/ubuntu-how-to-faillog/

EncryptedPrivateDirectory - Ubuntu
- https://help.ubuntu.com/community/EncryptedPrivateDirectory

FTP Attack Case Study Part I: The Analysis
- http://www.linuxsecurity.com/content/view/117644/49/

GnuPrivacyGuardHowto / Ubuntu
- https://help.ubuntu.com/community/GnuPrivacyGuardHowto

Grsecurity/Appendix/Grsecurity and PaX Configuration Options
- https://secure.wikimedia.org/wikibooks/en/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options

Hacking Linux Exposed / The Hacking Linux Exposed Companion Website.
- http://www.hackinglinuxexposed.com/articles/

How to install Ubuntu 11.04 on an encrypted LVM file system
Ubuntu is one of many Linux distributions with support for LVM, the Linux Logical Volume Manager. LVM is a disk partitioning scheme that brings a level of flexibility to disk management that is not possible with the traditional method. With LVM, you can, if necessary, increase the size of a partition online, that is, while...
- http://www.linuxbsdos.com/2011/05/10/how-to-install-ubuntu-11-04-on-an-encrypted-lvm-file-system/

Linux Home Networking - Tutorials and Forums
Linux tutorials and forums covering many topics needed for certification exams and university courses. PDF text books also available.
- http://www.linuxhomenetworking.com/

Linux Assembly - information on assembly programming under UNIX-like operating systems (Linux/BSD/BeOS/etc)
Linux Assembly: Linux/UNIX assembly language programming portal
- http://asm.sourceforge.net/

LinuxLogFiles / Ubuntu
- https://help.ubuntu.com/community/LinuxLogFiles

Logwatch / Ubuntu
- https://help.ubuntu.com/community/Logwatch

LPI 101 and 102 training manuals - Linux (PDF)
- http://www.ledge.co.za/software/lpinotes/

Monitoring your filesystem for unauthorised change / debian-administration.org
Tips for a Debian GNU/Linux System Administrator.
- http://www.debian-administration.org/articles/49

PLT redirection through shared object injection into a running process - CodeProject®
The first part of a two-part article which will illustrate how to redirect the PLT of a process through the injection of a shared object into its address space.; Author: Quake2th
- http://www.codeproject.com/KB/cpp/shared_object_injection_1.aspx#brief_elf_str_code1

StricterDefaults / Ubuntu
- https://help.ubuntu.com/community/StricterDefaults

The ELF Virus Writing HOWTO (Linux)
- http://virus.bartolich.at/virus-writing-HOWTO/_html/index.html

Wireless Ethernet Devices For Amateur Radio (AX.25 over Ethernet) (ftp/PDF)
- ftp://ftp.tapr.org/software_lib/ether/Ham_Ethernet_GBPPR.pdf

Why I hate Microsoft - A personal, lengthy, but highly articulate outburst
- http://www.vanwensveen.nl/rants/microsoft/IhateMS.html

2011 CWE/SANS Top 25 Most Dangerous Software Errors
- http://cwe.mitre.org/top25/

----------------------------------------

** 5003: Antivirus LiveCDs - boot and scan your system for malware

AVG Rescue LiveCD
Recover your data after your PC has been infected. Download AVG Rescue CD and start data recovery process. Free recovery software.
- http://www.avg.com/us-en/avg-rescue-cd-download

F-Secure Rescue CD / LiveCD
- http://www.f-secure.com/en/web/labs_global/removal/rescue-cd

Kaspersky Rescue Disk / LiveCD
- http://support.kaspersky.com/viruses/rescuedisk?level=2

Microsoft Standalone System Sweeper Beta | LiveCD
- https://connect.microsoft.com/systemsweeper

Windows Defender LiveCD
- http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

----------------------------------------

** 5004: Random Links

rose-exploit - Remote kernel exploit for ROSE amateur radio (code)
"This is an exploit for CVE-2011-1493, a remote stack overflow in the Linux implementation of the ROSE amateur radio protocol. THIS IS PROOF OF CONCEPT. It should work very reliably on the kernel I tested (Ubuntu Server 10.04), but I make no promises about other kernels. Obviously, any hard-coded addresses and offsets (in payload.h) must be adjusted for the targeted kernel."
- https://github.com/djrbliss/rose-exploit

Switzerland Network Testing Tool
# Is your ISP interfering with your BitTorrent connections? Cutting off your VOIP calls? Undermining the principles of network neutrality? In order to answer those questions, concerned Internet users need tools to test their Internet connections and gather evidence about ISP interference practices. After all, if it weren't for the testing efforts of Rob Topolski, the Associated Press, and EFF, Comcast would still be stone-walling about their now-infamous BitTorrent blocking efforts.
# Developed by the Electronic Frontier Foundation, Switzerland is an open source software tool for testing the integrity of data communications over networks, ISPs and firewalls. It will spot IP packets which are forged or modified between clients, inform you, and give you copies of the modified packets.
- https://www.eff.org/pages/switzerland-network-testing-tool

Ask Ubuntu - Ubuntu Q&A
- http://askubuntu.com/

OMG! Ubuntu! | Everything Ubuntu. Daily.
- http://www.omgubuntu.co.uk/

Trapkit.de
- http://trapkit.de/

InfoWorld.com
- https://www.infoworld.com/

RootzWiki is a community of Android enthusiasts, developers, themers, and experts. RootzWiki is formed by the community for the community. We pride ourselves on giving back to the people who make Android great: you. We regularly give phones to developers using a portion of the funds created by the advertisements you see here at RootzWiki. We do this to help ensure the Android world keeps on spinning. We love seeing all the amazing things that come from the community. You make this platform great. You make our phones great. We want to be your number one source for Android information, community, and, of course, free devices for developers.
- http://rootzwiki.com/

Beta Beat - tech blog
- http://www.betabeat.com/

BIOS Implementation Test Suite
- http://biosbits.org/

Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points.
- http://blackalchemy.to/project/fakeap/

bodhizazen's Ubuntu Blog
- http://blog.bodhizazen.net/

BorderFire Report - Reporting The Invasion of America
- http://borderfirereport.net/

BrickHouse Security | Home Security Camera Systems | GPS Surveillance
BrickHouse Security is the Global Leader in Home Security, Cameras for Covert Video Surveillance & GPS Tracking.
Government-Grade Home Security, Wireless Cameras, & Spy GPS Products are Now Available To The Public
- http://www.brickhousesecurity.com/

Linux Man Pages
- http://linuxmanpages.com/

coreboot / BIOS related
- http://www.coreboot.org/

SeaBIOS @ coreboot
- http://www.coreboot.org/SeaBIOS

SeaBIOS
- http://www.seabios.org/SeaBIOS

Detecting Kernel Rootkits
- http://la-samhna.de/library/rootkits/detect.html

DNSCrypt
- https://www.opendns.com/technology/dnscrypt/

Dedoimedo offers detailed, step-by-step tutorials on a wide range of computer-related topics, including operating system installation guides and reviews, security tips and tricks, virtualization, general computing, and more, all accompanied by screenshots and tons of examples. There's something for everyone, from newbies to experts.
- http://dedoimedo.com/

I2P Anonymous Network
- http://www.i2p2.de/

Lynis - Security and system auditing tool for Linux
- http://www.rootkit.nl/projects/lynis.html

MI5 - The Security Service
The Security Service (MI5) is a British intelligence agency working to protect the UK's national security against threats such as terrorism and espionage.
- https://www.mi5.gov.uk/

Microsoft Safety Scanner
Do you think your PC has a virus? The Microsoft Safety Scanner is a free downloadable security tool that provides on-demand scanning and helps remove viruses, spyware, and other malicious software. It works with your existing antivirus software. Note: The Microsoft Safety Scanner expires 10 days after being downloaded. To rerun a scan with the latest anti-malware definitions, download and run the Microsoft Safety Scanner again. Remove spyware, malware, viruses and other malicious software with this free Microsoft Safety Scanner for your PC.
- https://www.microsoft.com/security/scanner/en-us/default.aspx

msramdmp: McGrew Security RAM Dumper
Creating bootable USB drives for capturing the contents of memory
- http://www.mcgrewsecurity.com/tools/msramdmp/

nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format
Linux blog by Vivek - Includes news, help, tutorials, programming, tips and how-to guides for Linux, UNIX, and BSD.
- http://www.cyberciti.biz/

onPoint Tactical LLC - Legendary Skills for Today's Professional
onPoint Tactical offers superior training for military, law enforcement, and select professionals & civilians who require advanced outdoor skill sets to survive and thrive in today's demanding world.
- http://onpointtactical.com/

Prey Project: Open source anti-theft solution for your laptop, phone and tablet
Prey is a lightweight tracking software that helps you find, lock and recover your stuff if it's stolen or goes missing. For Mac, Windows, Linux, iPhone, iPad & Android.
- http://preyproject.com/

Qubes is an open source operating system designed to provide strong security for desktop computing. Qubes is based on Xen, X Window System, and Linux, and can run most Linux applications and utilize most of the Linux drivers. In the future it might also run Windows apps. by Joanna Rutkowska
- http://qubes-os.org/

Source Code Security Analyzers - SAMATE
- http://samate.nist.gov/index.php/Source_Code_Security_Analyzers.html

sslsniff
- http://www.thoughtcrime.org/software/sslsniff/

Taiwan spy agency denies magnetic attack
- http://pastebin.com/KNtCVkpN

TLD is an award-winning, real-time algorithm for tracking of unknown objects in video streams. The object of interest is defined by a bounding box in a single frame. TLD simultaneously Tracks the object, Learns its appearance and Detects it whenever it appears in the video. The result is a real-time tracking that typically improves over time.
Due to its learning abilities, TLD has been advertised under the name Predator
- http://info.ee.surrey.ac.uk/Personal/Z.Kalal/tld.html

Top Secret America | washingtonpost.com
Washington Post reporters Dana Priest and William M. Arkin's investigation of the government's response to 9/11. Top Secret America explores what they found.
- http://projects.washingtonpost.com/top-secret-america/

Tor Mail - free e-mail (not related to the Official Tor Project, requires Tor to access)
- Intro: http://tormail.net/
- Hidden Service: http://jhiwjjlqpyawmpjx.onion/

TRESOR Runs Encryption Securely Outside RAM | IT-Sicherheitsinfrastrukturen (Informatik 1)
- http://www1.informatik.uni-erlangen.de/tresor

Vigilant Citizen
- http://vigilantcitizen.com/

Vigilant Citizen Forums
- http://vigilantcitizen.com/vcboards/

VX32 Virtual Extension Environment
- http://pdos.csail.mit.edu/~baford/vm/

Mind Justice. A nonprofit 501(c)3 human rights group working for the rights and protections of mental integrity and freedom from new technologies and weapons which target the mind and nervous system. Formed to stop nonconsensual experimentation by the U.S. and other governments. Includes victims advocacy, research, legislative, legal and international remedies and public education.
- http://mindjustice.org/

bashoneliners.com, a place for practical or just pure awesome bash one-liners or shell script tips and tricks for GNU Linux, UNIX or BSD systems.
- http://www.bashoneliners.com/

Search Engine Land is a news and information site covering search engine marketing, searching issues and the search engine industry.
- http://searchengineland.com/

winsupersite.com / Microsoft Windows News
- http://www.winsupersite.com/
-- http://www.winsupersite.com/blogcontent/supersite-blog-39

----------------------------------------

** 5005: Security Blogs

SANS Computer Security News/Newsletters
- https://www.sans.org/newsletters/
-- https://www.sans.org/newsletters/#newsbites
-- https://www.sans.org/newsletters/#risk
-- https://www.sans.org/newsletters/#ouch

ReversingLabs has been founded with the goal to provide the best file analysis tools and the best software protection tools. Our expertise in building superior software reversing tools, gives ReversingLabs a unique background for creating superior software protection tools. Reverse Engineering is an Art where the most complex protection schemas are the least publicly available. Our tools enable the security industry, governments and research institutions to rapidly and effectively reduce the spread of malware.
- http://blog.reversinglabs.com/

blog.zx2c4.com - The technical writings and blog of Jason A. Donenfeld, aka ZX2C4: Nerdling Sapple. Articles about coding, technology, programming, open source, kde, linux, kernel hacking, C, javascript, bash, and a modicum of other topics.
- http://blog.zx2c4.com/

Infosanity's Blog - Offensive and Defensive IT Security
- http://blog.infosanity.co.uk/

AppRiver Blog
- http://blogs.appriver.com/blog/appriver
-- http://blogs.appriver.com/

BrickHouse Security Blog (See Section 5004, company selling security products)
- http://blog.brickhousesecurity.com/

Dan Kaminsky's Blog (Or: The Blog Formerly Known As DoxPara Research)
- http://dankaminsky.com/

eweek.com - Security News
Network IT security hardware purchases can be costly...be sure to do your research with eWeek and get the Security you need. The latest IT security news, insight, analysis and product reviews covering network security, Anti Spam and Anti Virus.
Coverage includes topics such as Network Access Control (NAC), botnets, phishing, wireless network security hardware, computer network security, data security, malware and the latest security trends.
- http://www.eweek.com/c/s/Security/

Mozilla Foundation Security Advisories
- https://www.mozilla.org/security/announce/

Security News @ Softpedia
- http://news.softpedia.com/cat/Security/

SurvivalBlog.com
- http://www.survivalblog.com/

The Security Ray - TSR | Hacking News | Security News | Hacker News | Tech News
The Ultimate Source Of Underground Hacking And Security News. All kinds of hacking news, tech news, security news, hackers news, hackers interview, hackers activities, security bug, vulnerability news, security patched news, exploit news, linux news is here. The full Cyber Space tech news security and hacking news is here
- http://www.security-ray.com/

The SSD Project | EFF Surveillance Self-Defense Project
- https://ssd.eff.org/

Webroot Threat Blog
- http://blog.webroot.com/

Network Tutorials, Server Tutorials, School For IT | SKULLBOX.NET
- http://www.skullbox.net/index.php

TheHiddenEvil.com - This website is devoted to explaining a global program of torture, murder & persecution which the webmaster calls the Hidden Evil. It includes a vast network of plain-clothed citizen informants, which is used for public stalking, & the use of Directed Energy Weapons on targeted individuals. All core factions of the community are involved, & everyone, from seniors to children, participates in Gang Stalking. Governments have used these groups in some form since the Roman Empire. The Hidden Evil is an example of this pattern repeating itself.
(Book and Blog) - http://thehiddenevil.com/ trapkit.de blog - http://tk-blog.blogspot.com/ Denny's Blog - http://polarwave.blogspot.com/ Captain Freedom's Blog - Blog about OpenBSD, network security, and cryptography - http://www.capnfreedom.com/ shellguardians.com - When a shell is not enough - http://www.shellguardians.com/ OpenDNS Blog - News & Notes from the OpenDNS team - https://blog.opendns.com/ Trusteer Blog - http://www.trusteer.com/blog ---------------------------------------- ** 5006: Security Forums (Web based Discussion Forums) Comodo.com forums - http://forums.comodo.com/ Defense Forum - Military Defence Technology Air Force Army Navy Global defence forum on topics for military aviation, air force, army, navy, missiles, defense technology, space and nuclear forces as well as post military pictures and videos. Discuss world security issues in areas such as war on terror, piracy and nuclear weapons threats. - http://www.defencetalk.com/forums/ survivalistboards.com - Survival forum gear reviews self sufficiency disaster emergency preparedness primitive skills wilderness survival - http://www.survivalistboards.com/ ---------------------------------------- ** 5007 : Security Magazines & Zines SECUREVIEW is an electronic publication from Kaspersky Lab that provides information about all aspects of the IT security industry. - http://secureviewmag.com/ HITB Quarterly Magazine / hackinthebox.org - http://magazine.hackinthebox.org/ O'Reilly Commons - Free Linux Books - http://commons.oreilly.com/wiki/index.php/O%27Reilly_Commons ClubHACK - ClubHack decided to come up with its own 1st Indian "Hacking" Magazine called CHmag - http://chmag.in/ -- http://chmag.in/issue/all Ubuntu Pocket Guide and Reference (PDF) - http://ubuntupocketguide.com/index_main.html ---------------------------------------- This is the end of HUGE Security Resource - version 5000 - 03/06/12 We post this publication first at pastebin.com. 
Please stay tuned for the next version of HUGE Security Resource. It's not the best of names for a publication, but we're lazy, and this is free for you. ---------------------------------------- As the top of this version's post explains, the name of this updated guide is now the above, but for reference we're displaying the previous versions with the previous name: (old) HUGE List of Security Blogs: Unix, Linux, Windows: PART # URL Release Date ------ - ---------------------------- - ------------- - part 1: http://pastebin.com/FwjBMJib - Dec 30th,2011 - part 2: http://pastebin.com/R9gpVemL - Jan 3rd, 2012 - part 3: http://pastebin.com/vgj3qKDW - Jan 3rd, 2012 - part 4: http://pastebin.com/F1JcZHLz - Jan 5th, 2012 ------ - ---------------------------- - ------------- Thanks for reading! Consideration #1: Are crossword puzzles and similar puzzles published in print simply devices to alter the brain by inserting carefully prepared words, phrases, and numbers into your thought processes in order to trigger or establish some type of action, or... connection.. to something? Consideration #2: What if all secret agencies were of one accord spiritually, like in the paintings of dogs playing poker, just using humanity to play out one big game of destruction and domination with humans as the visible and spiritual puppets? 
===============================================================

Previous version, part 4:

(old) HUGE List of Security Blogs: Unix, Linux, Windows - Part 4

==> HUGE List of Security Blogs (Unix/Linux/Windows) <==
==> all packed with superb information & updated frequently <==
--> [01/05/2012] <==

http://blogs.adobe.com/psirt/
http://anti-virus-rants.blogspot.com/
http://asert.arbornetworks.com/
http://blog.avast.com/
http://www.blackbag.nl/
http://www.bunniestudios.com/wordpress/
http://cansecwest.com/
http://carnal0wnage.attackresearch.com/
http://www.cerias.purdue.edu/site/blog
http://cerias.purdue.edu/site/blog/author/spaf
http://blogs.cisco.com/security
http://blog.clamav.net/
http://blog.commandlinekungfu.com/
http://computer.forensikblog.de/en/
http://www.cryptogon.com/
http://www.cryptome.org/
http://www.cutawaysecurity.com/blog/
http://cyb3rcrim3.blogspot.com/
http://garwarner.blogspot.com/
http://cyberspeak.libsyn.com/
http://ddanchev.blogspot.com/
http://darknet.org.uk/
http://darkreading.com/
http://www.thedarkvisitor.com/
http://blog.didierstevens.com/
http://digfor.blogspot.com/
http://edsmiley.com/
http://emergentchaos.com/
http://blog.emsisoft.com/
http://blog.eset.com/
http://fasthorizon.blogspot.com/
http://www.financialcryptography.com/
http://blog.fireeye.com/research
http://www.forensickb.com/
http://fraudwar.blogspot.com/
http://www.f-secure.com/weblog
http://blog.oxff.net/
http://gleeda.blogspot.com/
http://googleonlinesecurity.blogspot.com/
http://www.sophos.com/blogs/gc
http://grandstreamdreams.blogspot.com/
http://www.hackaday.com/
http://ha.ckers.org/blog
http://www.hexblog.com/
http://holisticinfosec.blogspot.com/
http://honeyblog.org/
http://www.h-online.com/security/
http://blogs.iss.net/
http://invisiblethings.org/
http://theinvisiblethings.blogspot.com/
http://jeremiahgrossman.blogspot.com/
http://krebsonsecurity.com/
http://www.l0t3k.org/en/
http://blog.layeredsec.com/
http://www.lightbluetouchpaper.org/
http://blog.trendmicro.com/
http://www.malwaredomainlist.com/
http://chargen.matasano.com/
http://www.avertlabs.com/research/blog/
http://blog.metasploit.com/
http://blogs.technet.com/mmpc/default.aspx
http://securityincite.com/blog/mike-rothman
http://www.milw0rm.com/
http://blog.mandiant.com/
http://www.offensivecomputing.net/
http://www.offensive-security.com/blog/
http://www.openrce.org/articles/
http://www.packetstormsecurity.org/
http://philosecurity.org/
http://praetorianprefect.com/
http://www.prevx.com/blog.asp
http://pseudo-flaw.net/log/
http://www.rationalsurvivability.com/blog/
http://rdist.root.org/
http://blogs.sans.org/
https://blogs.sans.org/computer-forensics/
http://www.schneier.com/blog
http://blog.zoller.lu/
http://www.fas.org/blog/secrecy/
http://www.secsocial.com/blog/
http://secunia.com/advisories/
http://www.securelist.com/en/weblog
http://blogs.securiteam.com/
http://blog.security4all.be/
http://securosis.com/blog
http://www.shmoocon.org/
http://www.shmoo.com/news/
http://blog.snort.org/
http://blog.stopbadware.org/
http://sunbeltblog.blogspot.com/
http://www.symantec.com/business/security_response/weblog/
http://taosecurity.blogspot.com/
http://www.teamfurry.com/wordpress/
http://blogs.technet.com/msrc/
http://blog.threatexpert.com/
http://threatpost.com/
http://blog.tsa.gov/
http://blog.uncommonsensesecurity.com/
http://volatility.tumblr.com/
http://securitylabs.websense.com/
http://windowsir.blogspot.com/
http://www.wired.com/threatlevel/
http://blogs.zdnet.com/security/
http://blog.zynamics.com/
http://www.afcea.org/signal/signalscape/
http://dhs-daily-report.blogspot.com/
https://blog.torproject.org/
http://www.securitywire.com/
http://pauldotcom.com/
http://www.exploit-db.com/
http://www.networkworld.com/topics/security.html
http://www.acunetix.com/blog/
http://www.allspammedup.com/
http://www.gfi.com/blog/
http://www.infosecblog.org/
http://www.techrepublic.com/blog/security
http://www.theemailadmin.com/
http://www.theregister.co.uk/security/
http://seclists.org/
http://www.afcea.org/signal/signalscape/
http://www.woodmann.com/forum/blog.php
http://www.nsa.gov/
http://blogs.technet.com/b/sysinternals/
http://www.securityweek.com/
http://superantispyware.com/blog/
http://www.securitytracker.com/
http://spyblog.org.uk/
http://www.net-security.org/
http://news.cnet.com/security
http://www.fas.org/blog/ssp/
Project/Wiki: Freedom Box: http://wiki.debian.org/freedombox
http://blogs.pcmag.com/securitywatch/
http://labs.m86security.com/
http://www.irongeek.com/

http://rijmenants.blogspot.com/
Cipher Machines & Cryptology / Intelligence / Security
"Cipher machines & cryptology, history of Signals Intelligence and Communications Security, espionage and intelligence services, from WW2, over the Cold World era, to date."

http://blog.webroot.com/
http://crypto.stanford.edu/
https://ssd.eff.org/
http://publicintelligence.net/
http://www.wikileaks.org/
http://www.itstactical.com/
http://www.forensicswiki.org/
http://p4r4n0id.com/
http://cryptocomb.org/
http://anonymous.livelyblog.com/
https://trac.torproject.org/projects/tor/wiki
http://www.security-ray.com/
http://ticklethewire.com/
http://vulnfactory.org/blog/
https://psal.cs.drexel.edu/index.php/Main_Page
http://www.pgpboard.com/
https://yorkporc.wordpress.com/
http://www.catonmat.net/
http://www.heinz.cmu.edu/~acquisti/shb/participants.htm
http://www.cyberciti.biz/
http://www.omgubuntu.co.uk/
http://www.ledge.co.za/software/lpinotes/
http://inciweb.org/
https://www.ibm.com/developerworks/linux/
https://www.ibm.com/developerworks/topics/
https://www.ibm.com/developerworks/
https://www.ibm.com/developerworks/aix/library/
http://www.neowin.net/forum/topic/934274-freeware-alternative-list/
http://www.hackinglinuxexposed.com/articles/
http://dankaminsky.com/
http://blog.bodhizazen.net/
http://askubuntu.com/

-==> New Links below! 01/05/2012 <==-

http://computer-forensics.sans.org/blog
https://365.rsaconference.com/blogs/rsa-conference-blog
https://365.rsaconference.com/blogs/critical-infrastructure
https://365.rsaconference.com/blogs/ira-winkler
https://365.rsaconference.com/blogs/ediscovery
https://365.rsaconference.com/blogs/securityreading
https://365.rsaconference.com/blogs/fred-stock
http://securityblog.verizonbusiness.com/
http://www.flyingpenguin.com/
https://blog.whitehatsec.com/
http://robert.penz.name/
https://fightinginsecurity.wordpress.com/
http://www.cristoncox.com/
http://www.paranoidprose.com/
http://dvlabs.tippingpoint.com/blog/

"For those who are interested in mobile/wireless in general, and wireless LANs in particular, this page provides resource links about 802.11 and related security and mobility topics" -- Lisa Phifer, Core Competence, Inc.
http://www.corecom.com/html/wlan.html

http://www.wmarkbrooks.com/
https://www.veracode.com/blog/
http://devcentral.f5.com/weblogs/macvittie/Default.aspx
http://chuvakin.blogspot.com/
http://gigaom.com/cloud/
http://lastwatchdog.com/
http://www.cryptosmith.com/
http://blogs.verisign.com/innovation/
https://chainmailcheck.wordpress.com/
http://superconductor.voltage.com/
http://www.educatedguesswork.org/
https://techbuddha.wordpress.com/
http://www.scmagazine.com/the-data-breach-blog/section/1263/
https://www.brandenwilliams.com/blog/
http://infosecplace.com/blog/
http://www.thetechherald.com/security
http://www.clerkendweller.com/
http://blog.tenablesecurity.com/
http://coffeetocode.net/
http://technicalinfodotnet.blogspot.com/
http://www.teamshatter.com/
http://www.stratumsecurity.com/blog/
http://www.cgisecurity.com/
http://blog.spywareguide.com/
https://amtso.wordpress.com/
http://blog.spiderlabs.com/
https://gregness.wordpress.com/
http://daveshackleford.com/
https://marienfeldt.wordpress.com/
http://blog.rootshell.be/
http://www.thesecuritysamurai.com/
http://community.websense.com/blogs/securitylabs/default.aspx
http://securitybraindump.blogspot.com/
http://dsecrg.blogspot.com/
http://blog.c22.cc/
http://securityandrisk.blogspot.com/
http://www.social-engineer.org/framework/Social_Engineering_Framework
http://blog.gerhards.net/
http://www.paranoidprose.com/
http://www.sensepost.com/blog/
https://pinvoke.wordpress.com/
http://www.liquidmatrix.org/blog/
http://www.standalone-sysadmin.com/blog/
http://infolookup.securegossip.com/
http://blog.watchfire.com/wfblog/
http://www.frontlinesentinel.com/
http://elie.im/blog/
http://maliciousattacker.blogspot.com/

Most Powerful Voices in Security Who are the Top 25? The Rest of the Top 100 -
* 100 security gurus listed with their Twitter pages and personal/blog sites: (Sep. 8, 2011)
Posted here as one link rather than posting around 100 Twitter personal pages.
http://www.sys-con.com/node/1974029

- Publications:

http://bsdmag.org/
http://hakin9.org/
http://magazine.hackinthebox.org/
http://www.uninformed.org/
https://www.net-security.org/insecuremag.php

- Forums:

http://www.wilderssecurity.com/
http://www.wilderssecurity.com/showthread.php?t=242949
http://hardforum.com/showthread.php?t=781545
http://www.binrev.com/forums/
http://hak5.org/forums/