FIRST Security Reference Index
Also maintained by FIRST: the FIRST Best Practice Guide Library
The below list features common reference points for security best practices. This is not meant to be a definitive list but rather a way to present best practice web sites that have been helpful to the FIRST community.
Note: The Security Reference Index is based on references submitted by FIRST members.
FIRST members are strongly encouraged to click here if they know of possible additions to this page.
Caida Presentations
http://www.caida.org/outreach/presentations/
CERT Coordination Center
http://www.cert.org/nav/index_green.html
http://www.cert.org/octave/
http://www.cert.org/csirts/
Center for Internet Security Benchmarking tools
http://www.cisecurity.org/
Cisco's Safe Documentation
http://www.cisco.com/en/US/netsol/.../networking_solutions_package.html
Team Cymru Document List
http://www.cymru.com/Documents/index.html
Federal Agency Security Practices
http://csrc.nist.gov/fasp/
First
http://www.first.org/resources/guides
JANET
A Suggested Charter for System and Network Administrators
NSA Guides
http://www.nsa.gov/snac/
OWASP Guide to Building Secure Web Applications
http://www.owasp.org/documentation/guide/guide_downloads.html
Oreilly's Onlamp
http://www.onlamp.com/security/
Internet Security Alliance Common Sense Guides
http://www.isalliance.org
Microsoft Security Guidance Center
http://www.microsoft.com/security/guidance
Same site in Brazilian/Portuguese, French, German, Italian, Japanese, Korean,
Simplified Chinese, Spanish and Traditional Chinese
http://www.microsoft.com/security/guidance/worldwide
Microsoft TechNet Security Guidance
http://www.microsoft.com/technet/security/guidance/default.mspx
Nanog's Security Curriculum
http://www.nanog.org/ispsecurity.html
RFC 2350 - Expectations for Computer Security Incident Response
http://www.faqs.org/rfcs/rfc2350.html
RFC 2196 - Site Security Handbook
http://www.faqs.org/rfcs/rfc2196.html
RFC 2827 - Network Ingress Filtering
http://www.faqs.org/rfcs/rfc2827.html
RFC 2504 - Users' Security Handbook
http://www.faqs.org/rfcs/rfc2504.html
SANS Reading Room
http://www.sans.org/rr/
Sun blueprints
http://www.sun.com/blueprints/browsesubject.html
Sun System Administration Best practice
http://www.sun.com/bigadmin/features/articles/bestpractices.html
Acknowledgement
This is a collaborative effort from the FIRST community - moderated by Gavin Reid. Thanks for all the great suggestion and feedback.