WSM Reference Guide - WatchGuard Technologies

Mailing ListsMailing Listswg-users@watchguard.comWatchGuard sponsors a listserv for our customers. For more information, see the TechnicalSupport chapter in the User Guide.firewall-wizards@nfr.netFirewall gurus from around the world discuss and answer all types of questions.Full DisclosureWhen Symantec bought Security Focus and its lists, suspicious security expersts and networkadministrators fled. Where did they go? Largely to FullDisclosure. Pros: Cannot be biased by anyvendor because it's completely unmoderated. First choice for posting latest discoveries bysome big-name researchers. Black-hat hackers like to harass this list, inadvertently providinguseful perspective on the "script kiddie" mindset. Con: Because it's unmoderated, this highvolumelist will drown you in 20 irrelevant flame-war e-mails for every on-topic comment. Net:You get what you pay for, and this list is free. Try it briefly to familiarize yourself with it, but useOutlook rules to divert Full Disclosure e-mails to a folder you can read at leisure.VulnWatch and VulnDiscussThese lists are, respectively, moderated and unmoderated. Pro: You can not only get securityadvisories from vendors, you can also see what the rest of the IT community thinks and feelsabout them. Con: Fairly large volume of highly technical alerts difficult for newcomers tounderstand. Net: While you wouldn't want this as your only source of security news, it providesa solid source for confirmation and alternate opinions on security trends.SecuniaPro: This list notifies on every vulnerability under the sun. Con: Secunia mostly reproducesvendor releases, without analysis or suggested remediation for IT beginners. And did I mentionthey report on everything under the sun? If you don't know Linux/Unix, you won't understand alot of the bulletins. Net: High volume, but all on topic (unlike FullDisclosure). Try it to see if it'sfor you.General IT and Security Web SitesFirst, a note to any intrepid beginner who is reading this: not all of these sites are sponsored by goodguys. Some of them post malicious code that hackers use. Do not download or execute anything you donot fully understand.WatchGuard Frequently Asked Questionswww.watchguard.com (Click Support, Log into LiveSecurityService, click Knowledge Base, clickFAQs)www.cerias.purdue.edu/The Center for Education and Research in Information Assurance and Security (CERIAS) iscurrently viewed as one of the world’s largest centers for research and education in areas ofinformation security that are crucial to the protection of critical computing and communicationinfrastructure. CERIAS is unique among such national centers in its multidisciplinary approachto the problems, ranging from purely technical issues (e.g., intrusion detection, networksecurity, etc.) to ethical, legal, educational, communicational, linguistic, and economic issues,and the subtle interactions and dependencies among them.Reference Guide 77