Patching resources

Microsoft never sends notices about security updates until after the company has published information about the notices on its Web site. If you are ever in doubt about the authenticity of a Microsoft Security Bulletin notice, check TechNet to see if the bulletin is listed there (if it is not, you have reason to be suspicious).

Security information resources

The following list represents some of the best resources available for learning about computer security and implementing solutions for developing secure environments.

Web sites

Microsoft's Security Web site is Microsoft's front page for linking to all the information about Microsoft security topics. The page shows the current security activity as well as the most current articles.

Microsoft's Security Bulletin Search; select the product/technology and service pack you are running to view the security bulletins that are available for your system.

Microsoft's Security Bulletin Notification Service is a free e-mail notification service that Microsoft uses to send information to customers about the security of Microsoft products. The goal of this service is to provide customers with accurate information that they can use to inform and protect themselves from malicious attacks.

Report Microsoft Security Vulnerabilities; the Microsoft Security Response Center investigates all reports of security vulnerabilities affecting Microsoft products. If you think you have found a security vulnerability that affects a Microsoft product, contact the company.

Microsoft's Virus Alerts lists current Microsoft Product Support Security Response Team virus alerts, with the most recent alerts listed at the top. For technical details, impact, prevention and recovery information, you click the link for the virus alert you are interested in. You can call (866) PC SAFETY for free virus and security patch related support in the United States and Canada, from Microsoft.

Secunia, a leading provider of IT-security services, provides information for multi-platform security.

Cert.org is a center of Internet security expertise. CERT is located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.

Reporting security incidents to government authorities The FBI encourages the public to report any suspected violations of United States federal law. Never think that your security incident is insignificant. Your incident might be part of a larger attack or the beginning of a larger attack. You can find your local FBI Field Division information here.

Security training

Microsoft Security Training

SANS Institute

MIS Training Institute

Antivirus applications

Command AntiVirus is available in useful 30-day trial versions for Windows, Linux, Netware, DOS, Exchange and Lotus Notes

eSafe is antivirus software for Windows 95/98/NT/2000/XP

InVircible detects viruses, worms, Trojan Horses, hacking tools, backdoors and so on without needing a virus-pattern database

Solo detects and removes viruses; the system integrity checker protects against Internet worms, backdoor programs, malicious VB and Java scripts

McAfee offers 30-day antivirus software evaluation versions

NOD32 is available in 25-day antivirus evaluation versions; the program is smaller than 2MB in size, contains an active virus monitor, POP3 scanner and on-demand scanner

Protector PLUS offers 30-day antivirus software evaluation versions for Windows, DOS and NetWare

QuickHeal offers 30-day antivirus software evaluation versions

Kaspersky provides useful trial versions for Linux, DOS and Windows that offer real-time protection against Trojan Horses, backdoors, logic bombs, macro viruses and so on

Norman has antivirus and firewall trial versions for Windows, Linux, Novell and OS/2

Norton Anti Virus offers trial versions

Panda Software provides antivirus software trial versions

Sophos offers antivirus software trial versions

Free antivirus applications

AnalogX protects against script viruses (those viruses that use, for example, Visual Basic Script or Java Script) and gives a warning when scripts are executed

Antidote Super Lite version is a freeware lite version of the commercial Antidote program; this version utilizes the same virus database as the commercial version

Anti-vir is free antivirus software for Windows that detects and removes more than 50,000 viruses; free support

Avast! offers an antivirus program for Windows 9x/Me/NT/2000/XP; the home edition is free for noncommercial users

AVG Free edition is a free antivirus program for Windows

BitDefender provides freeware virus scanners for Linux, MS Dos, Palm, Windows CE, ICQ and Messenger

Bootminderprevents infection from boot-viruses through floppies

Clamb av is a GPL antivirus toolkit for UNIX; the main purpose of this software is the integration with mail servers (attachment scanning); the package provides a flexible and scalable multi-threaded daemon, a command-line scanner and a tool for automatic updating via the Internet

FProt is free antivirus software for Linux, FreeBSD and DOS (personal use); there is an evaluation version for Windows

HandyBits is free for personal use; after performing an auto-search for installed virus scanners, this tool will scan your files using all found installed virus scanners, which is useful functionality -- some antiviral programs are good for only one type of virus

VCatch is a free virus scanner for Windows that includes e-mail protection and protection while browsing the Web

Online virus scanners

If you need to scan a system without loading antivirus software or you need remote workers to verify their systems' security, use an online virus scanner

BitDefender

Command on Demand

Kaspersky

Panda Software

PCPitStop

RAV

Symantec Security Check

Trend Micro

Spyware/adware detection and removal applications

AdAware

Spybot Search and Destroy

E-mail discussion lists

PatchManagement.org's list is the industry's first discussion list dedicated to discussing security patch management topics. This list discusses the how-to's and why's of security patch management across a broad spectrum of OSs, applications and network devices. This list is meant as an aid to network and systems administrators and security professionals who are responsible for maintaining the security posture of their hosts and applications.

myITforum's AntiVirus list is an unmoderated list that promotes community discussions for antivirus products for support and review and current virus reports. The list also has a companion Web forum.

NTBugTraq is a mailing list for the discussion of security exploits and security bugs in NT, Win2K and Windows XP plus related applications; NTBugTraq is heavily moderated.

SecurityFocus' BugTraq is a mailing list denoting security exploits and bugs covering multi-platform environments and OSs.

Microsoft security newsgroups

You can get help and answer the questions posed by others in the following Microsoft security newsgroups.

General Security; News Reader version

Security HfNetChk; News Reader version

Security MBSA; News Reader version

Security Toolkit; News Reader version

Security Virus; News Reader version

If you're concerned with your privacy when posting to newsgroups, employ the following suggestions:

Use a modified email address -- Use a different version of your e-mail address that others will understand but that spam tools can't automatically pick up and add to their mailing lists. For example, if your actual email address is emailname@account.com, use emailname(removethis)@account.com as your modified email address.

Use a secondary email account -- Set up and use an e-mail account through providers such as Hotmail or Yahoo that is separate from your primary account. Use this account for posting to discussion groups.