Resources - websites
Forensic analysis
Documents, publications
- A poor-man Tripwire-like system on Windows 9x-NT
- Agile Risk Management LLC - Research
- Análisis de LOGS. Elementos Básicos (Log Analysis. Basic Elements)
- Cisco Router Forensics
- Computer Forensics
- Defeating Forensic Analysis on Unix
- Digital Evidence- Standards and Principles
- Evidence and the Internet
- Filesystems HOWTO
- Fingerprinting Port 80 Attacks, part I
- Fingerprinting Port 80 Attacks, part II
- Forensic Chain-of-Evidence Model
- Forensic Computing & Analysis
- Forensics and the GSM mobile telephone system
- IDS Logs in Forensics Investigations - An Analysis of a Compromised Honeypot
- International Journal of Digital Evidence (IJDE)
- Intruder Discovery - Tracking and Compromise Analysis
- Lecture Notes for Computer Forensics
- Lessons Learned Repository for Computer Forensics (A)
- Linux Data Hiding and Recovery
- Maintaining System Integrity During Forensics
- MFP- The Mobile Forensic Platform
- Practical Approaches to Recovering Encrypted Digital Evidence
- Recovering and Examining Computer Forensic Evidence
- rfc3227 - Guidelines for Evidence Collection and Archiving
- Searching and Seizing Computers and Obtaining Electronic Evidence in CI
- Secure Deletion of Data from Magnetic and Solid-State Memory
- Technology Pathways LLC - Computer Forensics, Digital Discovery, Audits, Lockdown, ProDiscover DFT
- Technology Pathways LLC - Computer Forensics
- Windows File Caching
Companies
- Computer Forensics Inc.
- Control Risks Group
- CyberSecurity Institute
- Dark Arc Limited - Computer Forensic Investigations (Cracking Cybercrime)
- Evidence Matters Ltd.
- EvidentData - Computer Forensic Investigation and Support
- Inforenz Limited
- LC Technology International
- Mares and Company, LLC
- NTI New Technologies - Computer Forensics
- Paraben Computer Forensic Software
- Technical Security & Intelligence
- True North Research Home Page
- WetStone Technologies, Inc.
Training
- Advanced Linux Forensics
- Carnegie Mellon SEI - Fundamentals of Incident Handling, and Advanced Incident Handling for Technical Staff
- Next Generation Data Forensics Using Linux
- ReDvolution™ Technologies, LLC - Incident Response and Forensics
- SANSFIRE Track8 - LevelThree System Forensics, Investigation, and Response
Discussion groups, mailing lists
- Forensic Focus forum
- Linux forensics forum
- SecurityFocus - Forensics in Spanish Mailing List (Forensics-es)
- SecurityFocus - Forensics Mailing List (Forensics)
- Somoslopeor.com - Spanish-language list on forensic analysis
Organizations, groups
- Computer Forensics Tool Testing (CFTT)
- DFRWS Home Page
- Forensic Focus
- High Technology Crime Investigation (HTCIA) International
- National Software Reference Library (NSRL)
- NCIS Safekids!
Products
Anti-forensics
- BestCrypt and BCWipe
- Cloak
- Set of utilities
- CryptoMite
- Cypherix - Cryptainer and SecureIT
- Darik's Boot and Nuke (DBAN)
- Darik's Boot and Nuke
- declasfy
- Disk Zapper
- ERASER - Secure Data Removal Tool
- Evidence Eliminator
- fwipe
- Grind
- Invisible Secrets
- official overwrite homepage
- Secure Delete (Object Media Free Software)
- secure delete (Project details)
- srm - secure file deletion
- Steganos
- Sysinternals Freeware - SDelete
- Tracks Eraser Pro
- Wipe
Hardware
- Guidance Software Inc. - Fastbloc
- ICS-IQ
- Paraben PDA Toolbox
- XQoS network analysis suite
Software
Hash databases
- HashKeeper
- KnownGoods Database
- RootkID
Data recovery
- Advanced Zip Repair - Repair corrupt Zip and SFX files
- CD and Floppy Disk Recovery Software By Jufsoft (Badcopy & DocRepair)
- Data Recovery Software and File Recovery tools
- EasyRecovery DataRecovery - Ontrack Data Recovery Products
- File Recover - Data recover tool for Windows
- File Scavenger - File undelete and disk data recovery tool for NTFS volumes on Windows
- FINALDATA, Data Recovery Software
- GetDataBack - Data Recovery Software for Windows
- IsoBuster, Ultimate CD-DVD Recovery tool
- Passware Password Recovery Kit
- PCinspector Data Recovery
- Recover4all - Undeleting files under Windows
- Restorer2000 - Undelete data from FAT.NTFS file systems.
- UNERASER. Data Recovery Software. Undelete Utility NTFS FAT32
Toolkits
- Computer Forensics - DIBS USA Inc.
- Forensic Acquisition Utilities
- Forensic Toolkit
- Guidance Software Inc. - EnCase
- Knoppix STD
- KNOPPIX
- Penguin Sleuth Kit Bootable CD
- Portable Linux Auditing CD
- SMART
- Snarl
Utilities and tools
- AnaDisk Diskette Analysis Tool
- Autoclave - Secure Disk Deletion
- Autopsy Forensic Browser
- ByteBack III
- CD-DVD Diagnostic
- chkrootkit
- Digital Detective
- dtSearch
- ERASER - Secure Data Removal Tool
- F.I.R.E. Forensic and Incident Response Environment Bootable CD
- Fdutils
- FILExt - The File Extension Source
- FLAG - Forensic and Log Analysis GUI
- Foremost
- Foundstone, Inc.(r) - Forensics tools
- Free Secure File - Disk Deletion Tools
- gpart
- Hackman
- hasher.pl
- Hex Workshop
- History Reader for IE 5.x and 6.x
- IDA Pro Disassembler
- InstallWatch
- KaZAlyser
- mac-robber
- md5deep
- Mount Image Pro. Mount EnCase,DD images
- NTI Software Tools
- Offline NT pw & reg-editor, bootdisk
- OllyDbg v1.09
- Omniquad Detective
- Open Source Digital Forensics Analysis Tools
- Paraben Computer Forensic Software
- Parted - GNU Project
- PDWipe
- PMDump
- Power Controls
- PyFlag- Python Forensic and Log Analysis GUI
- RDA - Remote Data Acquisition utility
- SomarSoft Utilities
- Sysinternals - PsTools
- TCTUTILs (TCT add-on)
- The Programmer's File Format Collection
- The Sleuth Kit
- Windows Secret Explorer
- WinHex Hex Editor, Disk Editor, RAM Editor
Techniques and methodology
- Digital (Computer) Forensics Tool Testing Images
- Electronic Crime Scene Investigation, A Guide for First Responders
- Incident Response, Computer Forensic Analysis, and Electronic Investigations
- LogAnalysis.Org
- Scan of the month 15
- Scan of the month 24
- Scan of the month 26
- Scan of the month 29
- Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations (July 2002)
- The Forensic Challenge
- US Department of Energy's First Responder's Manual
Miscellaneous
- @stake Forensic Research Tools
- Alphabetical List of Computer Forensics Products
- carrier Digital Forensics
- CERIAS - Digital Forensics Resources
- Computer Forensic Analysis
- Computer Forensics, Cybercrime and Steganography Resources
- E-Evidence Information Center - Home
- Law Enforcement Reference Links
- TUCOFS - The Ultimate Collection of Forensic Software
- Zeno's Forensic Science Site
Documents
- GIAC Global Information Assurance Certification - Listing of Certified Students
- SANS InfoSec Reading Room - Security White Papers
- SecurityFocus ONLINE Library Archive
- Seguridad de Computadoras Domesticas (Home Computer Security)
- Strange Attractors and TCP-IP Sequence Number Analysis - One Year Later
- [lcamtuf.coredump.cx]
Fingerprinting
- Insecure.org - nmap
- Sys-Security.com
- [the new p0f]
IDS
Anti-IDS
- A look at whisker's anti-IDS tactics
- Anti-IDS tools and tactics
- Defeating Sniffers and Intrusion Detection Systems
- fragroute - IDS evasion tool
- Ptacek, Thomas H. and T. Newsham. Insertions, Evasion, and Denial of Service; Eluding Network Intrusion Detection
- SANS Intrusion Detection FAQ How does Fragroute evade NIDS detection
Documents
- ACSAC 2001 (www.acsac.org) Implementing the Intrusion Detection Exchange Protocol
- Bace, Rebecca, Peter Mell. ICSA Labs. An Introduction to Intrusion Detection And Assessment.
- Bace, Rebecca. NIST Special Publication on Intrusion Detection Systems. 1999.
- Enterasys Intrusion Detection White Papers
- Kruegel, Christopher, Thomas Toth and Engin Kirda. Service Specific Anomaly Detection for Network Intrusion Detection. Symposium on Applied Computing (SAC), ACM Digital Library, Spain, March 2002.
- Lee, Wenke, Sal. Stolfo, and Kui Mok. A Data Mining Framework for Building Intrusion Detection Models. Proceedings of the 1999 IEEE Symposium on Security and Privacy, Oakland, CA, May 1999.
- Ranum, Marcus J. ICSA Labs IDSC. False Positives, a User's Guide to Making Sense of IDS Alarms. February 2003.
Companies
- Bindview Development
- Counterpane Systems
- EnGarde Systems
- Enterasys Networks
- Internet Security Systems
- Intrusion Detection Cybersafe
- Network Associates
- RSA Security Inc.
- Sourcefire - Network Security
- TENABLE - Vulnerability Management and Intrusion Detection
- TruSecure Corporation
Vulnerability scanners
- Cerberus' Internet Scanner
- eEye Digital Security - Retina
- Nessus PHP Interface
- Nessus
- Nikto
- SAINT
- CORE IMPACT
Discussion groups, mailing lists
- SecurityFocus - IDS Mailing List (Focus-ids)
Honeypots
Discussion groups, mailing lists
- SecurityFocus - Honeypots Mailing List (Honeypots)
- Honeynet in Spanish (HIS)
- Honeypots, Intrusion Detection, Incident Response
- Honeypots, Tracking Hackers
- Tactical Honeypot Deployment Project
- The Honeynet Project
Utilities, tools
- Honey-Potter
Organizations
- Common Intrusion Detection Framework (CIDF)
- Intrusion Detection Systems Consortium (IDSC)
- Intrusion Detection Working Group (IDWG)
Products, development
- Agnitum - Outpost Firewall
- AIDE - Advanced Intrusion Detection Environment
- Analysis Console for Intrusion Databases (ACID)
- BlackICE
- Bro
- Engage Security - IDScenter
- Enterasys - Dragon Intrusion Detection System
- Firewall Tester
- Foundstone, Inc.(R) - ID Tools
- FTimes
- GFI LANGuard SELM
- GFI LanGuard SIM
- IDSwakeup
- ImSafe
- Integrit File Verification System
- Intrusion Inc. - NIDS
- Ionx - Data Sentinel
- NIDES
- NIDSbench
- OSIRIS
- Portcullis Computer Security Ltd. - Dragon Intrusion Detection System
- Prelude
- Psionic Tools (hostsentry,logcheck,logsentry,portsentry)
- Snort GUI for Lamerz [sguil]
- Snort
- SRI International
- Symantec - Manhunt
- Tiger - The UNIX Security audit and intrusion detection tool
- Tripwire - Commercial
- Tripwire - Open Source
- Trustcorps - TRUSHIELD
- Veracity
- VisualZone Report Utility for ZoneAlarm and ZoneAlarm Pro
- FCheck
Miscellaneous
- IDS FAQ
- Intrusion Detection Links
- Intrusion Detection System
- Intrusion Detection Systems List and Bibliography
- Michael Sobirey's Intrusion Detection Systems page
- SANS InfoSec Reading Room - Intrusion Detection
- SANS Institute Intrusion Detection FAQ
- SecurityFocus IDS
- Talisker's Intrusion Detection System List
- Wenke Lee's personal website
Legal regulations and official bodies
- Abogados Portaley.com
- Bufete Almeida
- CPN - Brigada de Investigacion Tecnologica
- Delitos Informaticos
- Derecho de Internet - El Derecho de la Red de redes
- Guardia Civil - Grupo de Delitos Telematicos
Organizations - Companies
- Advanced Computing Systems Association
- Association for Computing Machinery
- Computer Security Institute
- Information Systems Audit and Control Association (ISACA)
- Institute of Electrical and Electronic Engineers (IEEE)
- International Association for Computer Information Systems (IACIS)
- International Information Systems Security Association (ISSA)
- International Information Systems Security Certification Consortium (ISCC)
- Internet Engineering Task Force (IETF)
- Internet Society
- San Diego Data Cabling
Security portals
- Antionline
- Center for Education and Research in Information Assurance and Security, Purdue University
- EnGarde System's Secure Zone
- Hacking and Hackers - Computer Security Programs Downloading Search Engines Portal News
- National Institute of Standards and Technology Computer Security Resource Clearinghouse
- System Administration, Networking, and Security Institute (SANS)
- Gray-World.net Team
Vulnerabilities
- @RISK Online - nessQuick
- @stake, Inc.
- CERT Coordination Center, Carnegie Mellon University
- Common Vulnerabilities and Exposures (CVE)
- Computer Security News Daily
- CriptoRed
- DShield - Distributed Intrusion Detection System
- esCERT
- Internet Security Systems's Xforce vulnerability database
- IrisCERT
- NT-Bugtraq
- Security Focus (Bugtraq, IDS, and other discussion forums)