Solved

Active mailing lists / forums for IT security vulnerabilities discussion

Posted on 2014-01-12
3
397 Views
Last Modified: 2014-01-17
I often need to assess vulnerabilities relating to
a) OS (Windows, Redhat Linux & a bit of Solaris x86) &
b) MS Products (Sharepoint, IIS, clustering, .Net Framework, HL7, SQL etc),
c) VMWare products (cloud environment, ESXi, vCenter, vCloud  Director, vShield etc) & 

their relevance/risk level/applicability & the patches/fixes/workarounds needed
in our cloud.  I have to complete the assessments within 3-6 hours.

What are some of the active mailing lists & forums that cover
these topics  that I can raise clarifications & get good & fast
responses?  

Pls indicate those where the responses are publicly viewable & those
that are not.

I may raise clarifications relating to malicious Content issues (iVPN-1
NGX R62),  cross-site scripting, Tipping Point IPS/IDS scanning/
signatures, antivirus (TrendMicro that does deep scans) & various
PenTests / scanning.
0
Comment
Question by:sunhux
3 Comments
 

Author Comment

by:sunhux
ID: 39776408
including DOS, DDOS/Botnet, application blacklisting/greylisting, SYN flooding,
Trojan as well
0
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 150 total points
ID: 39777621
One large security forum is governmentsecurity.org.   Go to the site below:

http://www.governmentsecurity.org/forum/

Also, go to ZDNet and sign up for a selection of newsletters. They often cover security issues and keeps readers apprised of security patches coming up.

Less so, but still valuable is Information Week Daily.

.... Thinkpads_User
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 350 total points
ID: 39777666
Seclists http://seclists.org/
exploit-db.com http://www.exploit-db.com/
https://isc.sans.edu/diary.html
http://secunia.com/resources/reports/

These are most of the resources I check daily or have a subscription to. Slashdot, ArsTechnica and many AV blogs are useful as well
http://nakedsecurity.sophos.com/
http://krebsonsecurity.com/
http://www.wired.com/threatlevel/
http://www.darkreading.com/
http://arstechnica.com/
-rich
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Palo Alto Networks - find the sec zone 3 65
Guest Wireless in a Business Environment 6 97
ASP server side get value 15 38
SAP HANA vulnerability threat report. 2 26
Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question