Computer Admin, Security and Programming Links

Home ~ Not So Geeky Links

Security, Programming, Geeky Links

Ross Anderson's Security Engineering book now free online. "If you're even thinking of doing any security engineering, you need to read this book" --Bruce Schneier

webcast.Berkeley.edu/courses ~ MIT's OpenCourseWare ~ eBookSpyder ~ Syntax across languages

TrID - File Identifier utility identifies file types from their binary signatures. (Win32 and Linux/x86)

Intel Microcode Update Utility for Linux patches CPU bugs ~ Intel microcode reliability update for Windows.

Secunia Software Inspector and Secunia PSI (Personal Software Inspector; stand-alone for Windows; scans more programs) scans for insecure versions and missing security updates.

FAQ: Alternate Data Streams in NTFS and LADS (List Alternate Data Streams) utility. ~ Alternate Data Streams in the \Queue Directory (C:\NTFS_0ec25fe701c4120a00000001.EML:PROPERTIES-LIVE) ~ ADS Spy view or delete Alternate Data Streams (ADS) on Windows 2000/XP

TestDriven.NET Visual Studio add-in (homepage has links to NCover, NCoverExplorer, Reflector, TypeMock, dotTrace, NUnit, MbUnit, ZaneBug, MSBee & Team System; TestDrive even works in Microsoft's free Visual Studio Express Edition via Properties window.)

Anti-Spyware / Malware / Adware : Orbitech Hazard Shield ~ Tenebril's SpyCatcher Express ~ Spybot Search & Destroy (alternate link) ~ LavasoftUSA's Ad-aware (alternate link#1) (alternate link#2).
Webroot Spy Sweeper ~ PC Tools' Spyware Doctor (pay to remove detected malware) ~ Spyware Terminator ~ ZeroSpyware
Bazooka Adware and Spyware Scanner (free) ~ SynergeticSoft Spyware and Adware Removal (5 day trial; $30).
PestPatrol (free PestScan) ~ Anonymyzer's Spyware Killer (featured at ZoneLabs) ~ McAfee AntiSpyware (free 5-day version after registration).
HijackThis (HJT) continually updated to detect and remove new hijacks. Sumbit reports to the auto webform at hjt.networktechs.com or forums for analysis.
Trend Micro Anti-Spyware and CWShredder (formerly maintained by Merijn.org of HiJackThis fame; maintained by InterMute starting October 19, 2004 and then Trend Micro acquired Intermute).
Andrew Aronoff's Silent Runners to list executibles in all ASEP's (auto-start entry points) and his CoolWebSearch (CWS) Removal Procedure.
DiamondCS Autostart Viewer ~ Sysinternals Autoruns ~ Windows Startup Inspector and Startup Application knowledge Base ~ WhatsRunning.net ~ Pacs-Portal Startup Applications ~ Sysinfo.org Search CLSID (BHO) or Pacman list. ~ Uniblue Systems WinTasks Process Library and Process Scanner.
A huge list of rogue/suspect "spyware removal" programs to avoid.
Benjamin Edelman's New and Notable spyware company news

Anti-Virus : AV-Test.org test A/V, anti-spyware and personal fireware software. ~ AV Comparatives ~ AntiVirus Performance Statistics ~ Virus Buletin VB100 award ~ ICSA Labs
GFI Email Security Testing Zone sends specified detection tests to your email address.
Virustotal upload a file to have it scanned by 30+ virus engines. ~ Jotti scans with 15 virus engines ~ Threat Expert click "Submit Sample"
Clam AntiVirus (submit samples) and their ClamAV for Windows (may require pthreads-win32 .dll) (if no longer maintained, see ClamAV for Windows from hideout.ath.cx) ~ ClamAV/SOSDG For Windows (includes and runs within Cygwin)
CA's eTrust EZ Antivirus free for 1 year. ~ F-Secure Anti-Virus free for 6 months.
Web-based online scanners: Trend Micro's HouseCall ActiveX web-based scanner (Java version) ~ Symantec Security Check ~ McAfee freescan ~ Panda ActiveScan
Not free: GFI MailSecurity for Exchange/SMTP. ~ Trend Micro Internet Gateway Products and Email/Groupware Products. ~ Symantec ~ McAfee (AKA NAI, Network Associates). ~ Sybari (Microsoft acquired February 2005). ~ NOD32 Antivirus System "the world leader of the Virus Bulletin 100% Awards having won more awards (23) than any competing product." ~ NORMAN ~ BitDefender (BitDefender for ISA 2004 "worked flawlessly"-Peter Lawton).
Trend Micro Damage Cleanup Engine/Template ~ Network Associates/McAfee AVERT Stinger ~ Symantec (Norton A/V) Security Response Removal Tools.
Symantec's Norton Removal Tool

Content Filters : mod_dnsbl apache module ~ Websense Web, E-mail and/or Instant Messaging filtering for a firewall (such as WatchGuard) or Servers. (Websense acquired SurfControl October 2007) ~ ContentWatch ContectProtect ~ Secure Computing's SmartFilter (Oct 2003: merged with N2H2's Bess and Sentian. Jan 2006: merged with CyberGuard's Webwasher URL Filter) and Webwasher SCM Suite (URL filter, A/V, anti-spam, SSL scanner, etc.)
Client-side Proxies : Proxomitron web filtering proxy server or the open-source "clone" Proximodo ~ Internet JunkBuster Proxy and Guidescope
Website proxies (to bypass local firewall restrictions) : Box of Prox.

DNS Poisoning / Anti-Pharming : NGSEC's AntiPharming denies users (even Administrator) to write to the Hosts file or change DNS settings; monitors DNS replies (TCP and UDP) and compares results with multiple secure name servers.
Ketil Froyn's DNS Poisoning via trusting unsecure response DNS cache poisoining.
Microsoft's Description of the DNS Server Secure Cache Against Pollution setting and How to prevent DNS cache pollution.
NGS Gunter Ollman's The Pharming Guide Understanding & Preventing DNS-Related Attacks by Phishers (PDF)

KeyLogger Detectors : KL-Detector or SnoopFree Privacy Shield (both free) or PrivacyKeyboard ($60) offer strong protection against software and hardware keyloggers; no spyware database to update and no scanning time necessary.

Anti-trojan Programs : TrojanHunter highly rated. ~ AVG Anti-Spyware (formerly ewido security suite) ~ BOClean ~ Online-Armor.

Malware Behavior-based Blocker : Panda Software TruPrevent. ~ StarForce Safe’n’Sec ~ Prevx1 (free for home use) or the old Prevx 2.1 freeware.
DiamondCS Process Guard "the only program available that can actually prevent the installation and infection of all known rootkit stealth trojans." (v3.2)

Rootkits : Review: Six Rootkit Detectors Protect Your System
(Rename the following executibles with random names before running them in case the installed rootkits detect default names)
McAfee Rootkit Detective ~ Microsoft Research Strider GhostBuster Rootkit Detection. (Compares all-file list inside infected Windows with the list from a clean WinPE CD to detect diffences: hidden spyware files and the size increases of keylogger data files)
Antirootkit.com's List of Rootkit Detection & Removal Software ~ Sysinternals RootkitRevealer can also find an installed ROOTKIT such as YYT_HAC or Hacker Defender or NTIllusion (Phrack 62) which requires only a non-Administrator, limited user account. ~ Joanna Rutkowska's invisiblethings.org scanning utilities ~ F-Secure BlackLight Rootkit Elimination Technology. ~ Xfocus Team IceSword anti-rookit tool. ~ GMER (freeware; Poland; similar to RootkitRevealer and Sysinternals Process Explorer) ~ DarkSpy Anti-Rootkit ~ iDEFENSE Labs HookExplorer ~ BitDefender RootkitUncover.
FAQ: Alternate Data Streams in NTFS
Rootkits : Subverting the Windows Kernel (Paperback) by Greg Hoglund and Jamie Butler.

Microsoft Windows Security : 1-866-PC-Safety to reach Microsoft's Product Support Services in the U.S. (other countries) No charge for support calls associated with security updates.
Microsoft Update (replaces Windows Update but doesn't include Office Update). IE with Administrator rights and ActiveX still required. ~ How to read the Windowsupdate.log file.
TheHotfixShare.net share hotfixes.
How to install multiple Windows updates or hotfixes with only one reboot.
How to prevent re-prompting "Do you want to restart now or later?" after installing an Automatic Update on Windows XP. (Email me if you know how to do this on Windows 2000.)
Windows XP installation guide Creating a custom install CD ~ RyanVM's MSFN Files Page single download for XP Post-SP2 updates.
WinUpdatesList displays the list of all Windows updates and files updated by hotfixes; list can be copied to clipboard.
Profile and Subscription Center Manage how Microsoft communicates with you and select from available notifications, newsletters and alerts. ~ Microsoft Baseline Security Analyzer (MBSA v2.0.1) and Extended Security Update Inventory Tool and Security Guidance Kit v1.0.
HappyTech.net's Microsoft Security Bulletin Checklists
Game XP optimize the performance of Windowx XP for gaming speed.
PivX PreEmpt (replaces their Qwik-Fix) Critical fixes and preventative maintenance for Internet Explorer to protect against future security vulnerabilites.
Javacool Software's Spyware Blaster, Doc Scrubber, MRU-Blaster, Spyware Guard, Windows Media Player Scripting Fix, etc.
Black Viper's Windows Services to safely set to Manual or Disabled.
Frank's lists of Windows 2000 Services to Disable and Windows XP SP2 Services to Disable.
SpeedyVista.com for Windows Vista services.
WinPatrol highly rated.
MVPs.org - Blocking dangerous websites with a Hosts file (linux update script) and hpguru's Hosts file (also for Mac OS) and Peter Lowe's YoYo AdServers HOSTS and Mike's Ad Blocking Hosts file. Auto-update from multiple sources, delete dupes, enable/disble: HostsMan for Windows.
Spyware Guide sets the Registry killbit for all bad ActiveX controls.
Eric L. Howes Privacy and Security Page IE-SPYAD, AGNIS, etc.
Mobo's Window clinic
deepFreeze to restore Windows to a preset Windows configuration during each reboot. Good for classroom labs. Compare with Microsoft's SteadyState for Windows XP
Windows XP Network Diagnostic Tool ~ Counterexploitation LSPFix Repairs Winsock 2 settings caused by buggy or improperly-removed Layered Service Provider software that result in loss of Internet access. ~ Dial-a-fix (DAF) repairs common Windows issues such as Windows Update, SSL, Microsoft Installer, etc.
sudowin sudo for Windows (SANS whitepaper states this is better than suDown (though it doesn't require .NET Framework), MakeMeAdmin, WinSUDO and SUperior SU.)
AMUST 1-Defender 2.0 free; allows users with administrative rights to run IE, Outlook, and Messenger with Least Privileged User Account (LUA).
Thierry Zoller's Secure-it (download from here) (Also Sniff-em, Purge-it and Harden-it) Secure/harden Windows. Includes MSDN's DropMyRights to run IE and OE without Administrator privileges. See also MakeMeAdmin.
Desktop Standard's PolicyMaker Application Security to specify specific (legacy) applications that can run with administrator rights while signed in to Windows with a Limited/Restricted User Account. Try it if the following doesn't work: Add the User's account to have full control of the program's installation folder (usually located under Program Files) and/or to the program's branch in the Registry.
Windows XP: Run secpol.msc as Administrator, browse to Security Settings\Local Policies\Security Options\System objects, change default owner to Administrators group. Install new software only with Adminstrator account and use it with a User account.
But if the Administrator account is hidden from the logon screen: Regedit HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current Version\Winlogon\SpecialAcconts\UserList and create (or edit) a new DWORD with a Value Name of Administrator and value data of 1 (hexadecimal).
To disable the automatic "hidden shares" (for example, c$, d$, admin$, and IPC$): Regedit HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters\ and create (or edit) a new DWORD with a Value Name of AutoShareWks and value data of 0 (hexadecimal) and do the same for AutoShareServer. (Note: ignore the LanmanWorkstation branch; it's a network redirector; only the LanmanServer branch is used for creating/disabling shares.)
How to use the RestrictAnonymous registry value in Windows 2000. (Note: Not necessary for Windows XP SP2; instead consider changing the Security Option "Network access: Shares that can be accessed anonymously" by deleting all entries.)
Misc. Win2K/XP Registry hacks

Windows XP :
Turn on "Data Execution Protection" for all programs and services: Control Panel -> System -> Advanced [Tab] -> Performance Settings -> Data Execution Protection [Tab] -> Turn on DEP for all programs and services except those I select -> OK
To enable system wide: place /noexecute=OptOut at the end of the "multi" OS line within boot.ini (OptOut means DEP is enabled for all processes, but Administrators can manually create a list of specific applications which do not have DEP applied) ~ See Microsoft's How to Configure Memory Protection in Windows XP SP2.
Doug Knox Windows XP Security Console ~ Kelly's Korner - Troubleshooting Windows XP
Microsoft Shared Computer Toolkit for Windows XP to manage and protect shared/classroom/kiosk computers.

3rd Party Tech Support / Knowledge Bases : Tek-Tips Forums ~ Experts Exchange ~ EventID.net ~ Protonic free fast technical support. ~ PC Help Forum ~ Tech Support Guy (HelpOnTheNet).
DLL-files.com find the most common files that may be missing or corrupted on a Windows computer. (DLL files)
ProcessLibrary.com Find the latest information about spywares, adwares, trojans, viruses, system processes and common applications.
Henri Leboeuf's Errors Messages learn more about an exact message from Windows or Internet Explorer.
MalekTips "Free Computer and Technology Help ... over 2,400 Tips."
Open Source Support Solutions Search for support providers and request bids. ~ freenode.net Primary Groups (IRC)

Firewall Blocking/Directing / IP Port and Packet Analyzers :
IANA and Wikipedia's List of TCP and UDP port numbers
NNSquad Network Measurement Agent (NNMA) attempts to detect reset (RST) packets that may have been injected into a TCP connection by any entity not located at the connection endpoints. ~ ModSecurity HTTP traffic monitoring and embeddable web application firewall.
OpenBSD's PF (includes ALTQ for bandwidth management; also ported to FreeBSD) ~ Peter N. M. Hansteen's Firewalling with PF The most up to date published versions of the Firewalling with PF manuscript. ~ Monitoring PF firewalls for health and performance ~ PF: Firewall Management free chapters of upcoming cancelled book.
IP Filter and FAQ. Used by the BSD's and Solaris.
pfSense firewall derived from the m0n0wall using OpenBSD's ported Packet Filter, FreeBSD 6.1 ALTQ (HFSC)
FreeBSD Handbook Firewalls PF, IPFILTER, and IPFW (AKA ipfirewall; supports divert packets).
Linux: IPCop and Smoothwall ~ Shorewall high-level tool for configuring Netfilter.
Firwall Builder object-oriented GUI and a set of policy compilers for various firewall platforms; policy/rule editing using drag-and-drop operations.
dummynet a flexible tool originally designed for testing networking protocols, and since then (mis)used for bandwidth management.
AIRlok A 1U server with OpenBSD, security chip, unified GUI to manage features. ~ Armorlogic Profense OpenBSD firewall layer configured to speed up valid traffic and filter out invalid URL's, variables, requests, etc., to your web server.
Firewall Failover with pfsync and CARP (OpenBSD)
Fortinet's FortiGate ASIC-accelerated antivirus firewall (Fortinet was founded in 2000 by Ken Xie, founder of NetScreen which later sold to Juniper for $3.5 billion. Accused of using Linux kernel in FortiOS without credit; GPL violation upheld with injunction in Germany.)
WatchGuard hardware firewalls such as the Firebox X series. (To increase http speed, open policy manager, press CRTL+ALT+SPACE to open the config file, and add options.proxies.http.bufsize : 75000 )
ServGate EdgeForce Unified Threat Management (UTM) Platforms.
DShield.org Internet Storm Center Status, Attacker IP address lookups, etc. "If you use a firewall, please submit your logs to the DShield database." (instructions for auto-reporting)
Sygate Personal Firewall 5.6.2808 bought and discontinued by Symantec November 2005 ~ ZoneAlarm Security Suite (uses CA's A/V and antispam from MailFrontier which was acquired by SonicWALL in February 2006) and reduced prices on PestPatrol, SpamNet, etc. (free after rebates) ~ Panda Platinum Internet Security 2006 version highly rated.
PortsLock firewall integrates with the Windows user authentication system and handles user-level permissions to TCP/IP connections (think user-specific IPsec configuration).
Steve Gibson's ShieldsUP free online firewall port penetration test. ~ TestMyFirewall.com
Microsoft's PortQry version 2.0 and Port Reporter ~ DiamondCS Free utilities such as Port Explorer.
StopListening for Windows 2000/XP will close all open/listening TCP and UDP ports.
Link Logger Link Logger is the premier Windows logging tool for the Linksys, Netgear, and ZyXEL routers and firewalls. See also thier Scans and Resources pages.
Fail2Ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address.
Narus Semantic Traffic Analyzer used jointly by AT&T and the NSA; also used by ISP's to charge each other for VoIP calls (runs on Linux; see Wired News article)
Multiple-port knocking Netfilter/IPtables only implementation (instead of Knockd). Compare with CipherDyne's fwknop (FireWall KNock OPerator) requires only a single encrypted packet to communicate desired access through a Netfilter policy and/or complete commands to execute on the target system. ~ How to safely connect from anywhere to your closed Linux firewall using knockd.

Port Scanners : Angry IP Scanner for Windows. ~ Foundstone's SuperScan.

Loggers and Log Analyzers : ABLogFile real time log view for Windows with highlighting and .wav notifications ~ syslog ~ syslog-ng supports TCP. ~ rsyslog support for syslog/tcp, writing to MySQL databases fully configurable log file formats (including high-precision time stamps) and soon RFC 3195 support. ~ Kiwi Syslog Daemon for Windows.
BareTail and BareGrep Linux tail and grep for Windows; refreshes the view of log files as they grow; use regular expressions to search through files.
WebLog Expert ~ Sawmill Configurable log analyzer recognizes many formats. ~ Analog "The most popular logfile analyser in the world" ~ splunk> easily navigate all data recorded by your IT systems ~ AWStats free graphical report generator of web, streaming, FTP or mail server stats from Apache, IIS, WebStar, etc. (Written in Perl; GPL licensed) (Wikipedia) ~ Monitoring systems with munin (graphs) ~ HowToForge's Server Monitoring With munin And monit ~ Cacti network graphing using RRDtool's data storage and graphing functionality using MySQL and PHP frontend.
Isoqlog MTA log to HTML usage stats.
Tobi Oetiker's MRTG - Multi Router Traffic Grapher ~ Paessler PRTG Traffic Grapher.

IPS / Intrusion Detection/Prevention/Protection Systems / Host Integrity Monitoring : Zenoss Core Enterprise IT Monitoring ~ osirus Host Integrity Monitor. ~ Nagios host and service monitor designed to inform you of network problems.
OSSEC HIDS - Open Source HIDS Host-based Intrusion Detection System.
Privateeye take action based on combined abuse thresholds recorded by Snort, HoneyNet, IPS, etc.
Determina Vulnerability Protection Suite (VPS) ~ eEye's suite of vulnerability management solutions such as Retina and Iris and Blink ~ Nmap (Network Mapper) free security scanner.
Snort and rules at Bleeding Edge Threats (formerly Bleeding-Edge Snort) ~ A How-To Guide for running snort_inline on FreeBSD. ~ Wireshark (formerly Ethereal) ~ Nessus (v3 faster but closed source) ~ Packetyzer (native Windows GUI based on Ethereal) ~ WinDump and WinPcap ~ tcpdump/libpcap ~ Prelude Hybrid IDS project ~ Ettercap Suite for man in the middle attacks, sniffing, content filtering, active/passive protocol dissection, etc. ~ p0f passive OS fingerprinting tool.
Winfingerprint open source network scanner for Windows.
Hardware: 3Com's TippingPoint IPS (SC Magazine "Best Buy of 2004").
Qualys vulnerability management process/solutions in addition to intrusion detection systems. Tools and Trials: FreeMap, FreeScan, SANS 20 and QualysGuard.
LURHQ Managed Security Services.

Security Articles / Vulnerability Websites / Online Magazines / WebLogs / Podcasts : O3 Magazine The Open Source Enterprise Data Networking Magazine ~ OSNews ~ ITJungle ~ Infosec Writers ~ WindowSecurity.com ~ SecWiz ~ LabMice TechTarget.
NTBugTraq ~ Secunia ~ Full-Disclosure ~ SANS Internet Storm Center - Diary Archive ~ MITRE's CVE - Common Vulnerabilities and Exposures List and OVAL - Open Vulnerability and Assessment Language ~ OSVDB Open Source Vulnerability Database.
The NSA Operating Systems Guides.
TWiT This Week in Tech podcast.
Windows Secrets Newsletter - Windows update tips and WinFind search engine. ~ SC Magazine For IT Security Professionals.
USENIX Association, their ;login: magazine, and the SAGE Special Interest Group.
LOPSA The League of Professional System Administrators.
UNIX REVIEW monthly online mag since 2000. (Unix/Linux)
TechNet's Server and Domain Isolation Using IPsec and Group Policy.
WindowsITPro's A Secure Wireless Network Is Possible and Wired 802.1x Security Go wireless to protect your wired network. ~ SecurityFocus: Cracking WEP: Dead Again ~ NetStumbler Verify Wireless LAN setup and coverage, detect rogue access points, WarDriving, etc.
Aaron Margosis' Weblog The Non-Admin blog - running with least privilege on the desktop.

Wi-Fi / Wireless Access :
Microsoft's Securing Wireless LANs with PEAP and Passwords and The Cable Guy - Wi-Fi Protected Access 2 Data Encryption and Integrity (August 2005) and The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services Information Element (WPS IE) update for Windows XP w/SP2
Brian Livingston's Wi-Finally: wireless security that actually works.
Core Copetence Wireless LAN (Wi-Fi) Resources (Lisa Phifer's Wireless CORner) and Wi-Fi Security Tools.

Microsoft Exchange Server :
Exchange Server All-In-One Tools Download (ExAllTools.EXE 06.05.7408 9/21/2004) and individual Downloads for Exchange.
Microsoft Identity Integration (MIIS)
Upgrading Exchange Server 5.5 to Exchange 2003 in a Medium-Sized Organization.
Management Pack Configuration Wizard GUI to configure Exchange 2000/2003 Management Pack, including test mailboxes, message tracking and monitoring services. (Ex2K/2K3)
Prevent SMTP relaying with Microsoft Exchange Server.
Microsoft Exchange Server Best Practices Analyzer Tool v2.9.0.1 12/8/2005 (Win2K/2K3/XP)
Exchange Server 2003 Outlook Profile Update after moving mailboxes across Exchange organizations or administrative groups.
How to turn off ESMTP verbs in Exchange 2000 Server and in Exchange Server 2003
Using Exchange as a Backup MX Server for Another Domain
Slipstick (all) ~ MSExchange.org (all) ~ Evan Dodds Weblog (Ex2K/2K3)
DumpsterAlwaysOn Recover items that are not transferred to Outlook's Deleted Items folder. (Ex5.5/2K) ~ Suppress NDR's. (Ex5.5)
Turn off 8-bit MIME (8BITMIME) in Win2k/2003 Server (required when it smart hosts to Ex5.5) ~ Changing the TCP Port Used for SMTP Mail (Ex5.x) ~ Monitor IMS, MTA and x400 queues. (Ex5.5)
The Ed Crowley Server Move Method (Ex5.5)
Exchange IMF (Intelligent Message Filter) uses Microsoft's SmartScreen spam filtering. IMF Update v2 is part of Microsoft Exchange Server 2003 SP2. ~ IMF Archive Manager.
SMTP relay behavior in Windows 2000, Windows XP, and Exchange Server.
How to optimize memory usage in Exchange Server 2003.
Exchange email archiving: GFI MailArchiver ~ CommVault's QiNetix DataArchiver ~ IBM's DB2 CommonStore ~ C2C Archive One ~ Symantec Veritas Enterprise Vault ~ Quest Archive Manager.
Exchange email non-rewritable/non-erasable archiving: EMC Centera ~ HP StorageWorks RISS (Reference Information Storage System).

SMTP : RFC 2821 Simple Mail Transfer Protocol (replaces RFC 821) and RFC 2822 Internet Message Format (replaces RFC 822) ~ RFC 2544 SMTP Service Extension for Authentication ~ RFC 2487 SMTP Service Extension for Secure SMTP over TLS (Transport Layer Security) ~ Internet Mail Architecture Internet Draft (Dave Crocker).

Anti-Spam : Why Sender Callout Verification, Sender Verify, Callbacks, SAV is abusive.
Al Iverson's Spam Resource and DNSBL Resource and DNSBL Statistics ~ Spam is that Which We Don't Do ~ Challenge/Response Systems (why C/R is bad) and Justin Mason's An anti-challenge-response Xmas linkfest
How to get email headers Instructions to open headers for various email clients and services like Outlook, Hotmail, Yahoo, AOL, Eudora, Lotus, etc.
SPAM-L LISTSERV mailing list dedicated to "Spam prevention and Discussion" by mail admins. ~ SPAM-L Archives.
Declude's Free tools
IANA's Root-Zone Whois Information - Index by TLD Code ccTLD country codes and corresponding country names. See also ISO 3166 Code lists.
The DNSBL countries.nerd.dk and their 127.0.n.n country code results can be used to detect which country with a single DNS TXT lookup to reversedIPaddressOctets.zz.countries.nerd.dk
MAAWG Messaging Anti-Abuse Working Group (AOL, Cloudmark, Google, Comcast, Earthlink, Yahoo, etc.)
Karmasphere and their VisiBL visual reputation service with input from CBL, PhishTank, SpamCop, SURBL, URIBL, etc.
Spamikaze uses spamtraps and other data to automatically build a DNSBL (GPL'd).
Vamsoft ORF - Open Relay Filter ($100/per year for upgrades) binds to a Microsoft smtpsvc (e.g. IIS SMTP 5 or 6 transport level) allowing filtering such as: A/MX record check, inclusive/exclusive white/blacklists for email addresses and IP addresses, cacheable DNS blacklists (SpamCop, Spamhaus, NJABL, PSBL, SORBS, etc.), Tarpitting, maintains a duration-customizable triplet Greylist database (blocks p&d/spambots/zombies), broken sender FQDN, regex customizable HELO domain blacklisting (e.g., blacklisting non-bracketed IP addresses used as HELO/EHLO), SPF1 record lookups--all performed at either the "Before Arrival" filtering point (before delivery of message header/body/attachments) and/or the "On Arrival" filtering point (when the message DATA/body/attachments arrive). It also has customizable On Arrival-only actions (Drop/pretend protocol failure, Redirect, Tag) based on regular expressions, lookups of body website links against SURBL and URIBL, and external agents such as ClamAV.
Spam Filter ISP similar to ORF but costs $600 and the Norman A/V plug-in costs $400/yr.
MailScanner open source; a must-see intro.
Bruce Gingery's Turnaway mini SMTP daemon to tell unwanted connections to "go away"
Symantec Brightmail Antispam 17 filtering technologies including spam signatures, heuristics, reputation filters, and language identification.
SpamGourmet free accounts such as sometag.x.user@spamgourmet.com where x is the number of messages you want to receive (upto 20) and user is your spamgourmet username.
InBoxer (Outlook only) ~ Spam Bully ~ SpamFilter ~ SPAMfighter free; over 4 million PC's report on spam ~ Cloudmark Desktop (formerly SafetyBar and SpamNet)
MailWasher Server open-source, multi-platform, individual white/blacklists. (Server version doesn't appear to have the stupid spamming/bounce "feature" of the non-Enterprise Mail Washer.
Anti-Spam SMTP Proxy Server (ASSP) whitelists, Bayesian, and basic anti-virus filtering; Perl; GPL. Compare with amavisd-new and qpsmtpd.
CMS Praetor spam filter / content security / antivirus (feature list)
OpenBSD's spamd (man page)
dspam open-source statistical anti-spam filter with Bayesian Noise Reduction, Markovian discrimination, etc.
SpamBayes open-source trainable statistical scoring Python app with optional Outlook plugin.
IronPort's SenderBase Email Reputation Service (research senders, identify legitimate sources of email, etc.) ~ TrustedSource.org ~ dnswl.org DNS Whitelist of known legitimate email servers ~ Return Path's Sender Score Certified (formerly Bonded Sender; IronPort is no longer in partnership with Return Path as of April 2006)
BoderWare Security Network IP address reputation lookup and email notification service.
Declude "List of All Known DNS-based Spam Databases"
MailPolice domain lookup blocklist and email filtering services
Commtouch Recurrent Pattern Detection Technology (RPD) (requires IE5.5+ and uses ActiveX plug-in for Outlook; used in many OEM appliances such as WatchGuard's SpamScreen).
SpamCop IP blacklist database to check incoming mail attempts. Please report daily to them any spam not already blacklisted. ~ How To Automate Spamcop Submissions ~ WWW::Mechanize::SpamCop ~ OLSpamCop's SpamGrabber free SpamCop submission toolbar for Outlook. (Compare with SpamSource; other tools listed on SpamCop's FAQ)
HostedScripts Anti-Spam Link to this page of random email addresses to send email harvesting bots to a loop-o-junk.
Vipul's Razor - statistical and signature-based spam confidence test based on reputation of submitters of spam samples to their network.
DCC Distributed Checksum Clearinghouse.
The SpamBouncer spam filter that runs under Procmail.
Bayesian filtering: SpamBayes ~ POPFile ~ K9 (active forum)
Bogofilter advanced Bayesian filgering; uses wordlist stored in BerkelyDB
The Apache SpamAssassin Project open source spam filter. ~ InstallingOnWindows ~ SpamAssassin for Win32 ~ WinSpamC - spamC for Windows AKA spamc32 ~ SARE (SpamAssassin Rules Emporium) ~ Perceptron rule-weighting algorithm instead of a GeneticAlgorithm ~ WebRedirectPlugin for SpamAssassin; fetches web pages linked to in messages and provides their contents in a pseudo-header that can be used in custom header rules. ~ Mail::SpamAssassin::Plugin::Shortcircuit Shortcircuiting a test will force all other pending rules to be skipped if that test is hit. ~ OcrPlugin ~ FuzzyOcr ~ ImageInfo ~ TextOCR for spamassassin 3.1+
EximConfig configuration and ACL files preferably used in conjunction with SpamAssassin and the SA-Exim patch (Exim SpamAssassin at SMTP time).
Backscatterers.org (powered by UCEProtect) and Backscatterers.com listings ~ SpamLinks.net Preventing Backscatter See also Bouncing messages do no good, Spam Filter Server Addons, etc.
PMilter Pure Perl implementation of the Milter protocol used by Sendmail, including drop-in replacement for the Sendmail::Milter interface. ~ uses Sendmail::PMilter which uses the SpamAssassin libraries with merely the 20_uri_tests.cf rules file (relatively light) to strip the URI's from a message and check them against multi.surbl.org and black.uribl.com and reject any messages that contains blacklisted URI's ~ SnertSoft milter-link.
Postfix: policyd-weight policy daemon for postfix. Score DNSBLs (RBL/RHSBL), HELO, MAIL FROM, Client IP Addresses before any queuing is done. ~ Postfix Monitoring With Mailgraph And pflogsumm (RRDtool frontend mailgraph by David Schweikert and pflogsumm by Jim Seymour) ~ Jim Seymour's suggestions/examples for Postfix anti-UCE configuration (Aka: Postfix Anti-UCE Cheat Sheet). ~ spam-stats.pl count and classify discard: and reject: lines in postfix mail logs.

Greylisting : Greylisting.org ~ Greylisting Whitepaper by Evan Harris. Compare with NoListing and FakeMX.org (SpamAssassin OtherTricks wiki) ~ Links to (Greylisting) Implementations and Information ~ Puremagic's greylisting/schema/whitelist_ip.txt. Compare with ORF's Greylisting IP Exceptions.
Greylisting for Postfix: Postgrey ~ SQLgrey ~ Gld ~ Gld howto Greylisting for Postfix on Debian and Gentoo ~ gps - greylist policy service for postfix.

URI / URL Deobfuscator / Link Extactor : Mail::SpamAssassin::Plugin::URIDNSBL SpamAssassin has extensive deobfuscation code. For speed, use an empty rules directory. ~ Mail::SpamAssassin::SpamCopURI ~ HTML::LinkExtractor ~ HTML::SimpleLinkExtor.

Anti-Phishing : PhishRegistry monitors the Internet for malicious copies of a website and provides weekly reports. ~ Anti-Phishing Working Group Report account password "Phishing" email scams to reportphishing@antiphishing[dot]org ~ PIRT Phishing Incident Reporting and Termination Squad (CastleCops and Sunbelt Software; send reports to pirt@castlecops[dot]com ) ~ DSL Reports Phish Tracker ~ PhishTank collaborative clearing house about phishing and malware.
Steve Basford's Sane Security phish.ndb and scam.ndb phishing and scam signatures for ClamAV. See also Malware Block List and MSRBL-SPAM.ndb and MSRBL-Images.hdb.

Regular Expressions / Regex : Chris Schmidt's Regex Creator / Evaluator ~ The Regex Coach (Windows, Linux/x86, FreeBSD) experiment with (Perl-compatible) regular expressions interactively. ~ Regular-Expressions.info ~ Txt2regex Regular Expression Wizard using built-in Bash commands.
~ RExT Regular Expressions Tester Firefox extension to test regular expressions.
Sender Policy Framework (formerly Sender Permitted From) / SPoofs Forgeries / SPF : SPF Setup Wizard Create DNS records specifying the permissible origins/sources of messages which use your email domain name so others can block spoofs/forgeries. Spammers tend to avoid forging domains that have published SPF1 records.
(Compare with defunct CSV - Certified Server Validation.)
Common objection: SPF breaks forwarding. Solutions: SRS: Sender Rewriting Scheme or Return Path Rewriting.
Microsoft's Sender ID Framework SPF Record Wizard ~ How to Add an SPF Record in Win2000 and 2003 Server DNS
Vamsoft's SPF Checker (and SPF Syntax Validator) ~ Kitterman.com's Python Based SPF Record Testing Tools.
libspf2 libraries for Sendmail, Postfix, Exim, MS Exchange, etc. to implement SPF checking.
List of Broken SPF Records and the major reasons.

Yahoo DomainKeys / DKIM : Yahoo! FAQ Which mail transfer agents (MTAs) support DomainKeys?

IP Calculators / Subnet Calculators / CIDR conversion : Chris Schmidt's Subnet Calculator ~ Online NetCalc ~ IP Workshop Pro ~ SolarWinds Subnet Calculator and TFTP server ~ Online Network Calculators ~ Famatech's Advanced IP Calculator ~ IP CIDR / VLSM Calculator ~ ijack.net IP Subnet Calculator ~ jodies.de IP Calculator ~ WildPackets IP Subnet Calculator for Windows.

IPv4 Address Space Management : phpIP Management ~ IPSpace.

IP Address Lookups / Whois / DNSRBL / Relay BlackLists :
jwhois and Jwhois for Windows.
IANA's INTERNET PROTOCOL V4 ADDRESS SPACE allocation page. ~ RIPE NCC Service Region ~ world map of the major IP Address Registries RIPE NCC, ARIN, APNIC, AfriNIC and LACNIC.
ARIN American Registry for Internet Numbers (IP Addresses) ~ Kloth.net for DIG and NSLOOKUP allowing you to specify nameserver. ~ DNS Stuff IP, domain and SPF record lookups, URL deobfuscator, etc. (see: How to Obscure Any URL) ~ MxToolbox includes free blacklist monitoring ~ DNS Report and email delivery test tool. ~ drbcheck Dr. Jorgen Mash's DNS Database list checker ~ robtex swiss army knife internet tool (Multi-RBL check, etc.) ~ OpenRBL DNSBL, Whois, Route ~ rwhois ~ rwhoisd.
CompleteWhois (good Bogon IPs for firewall blocking) ~ The Team Cymru Bogon Reference Page ~ The Spamhaus DROP "Don't Route Or Peer" List.
open-whois.org list of domains which are privately (or anonymously) registered, e.g. through services such as Domains By Proxy, or Moniker Privacy Protection.
The Day Old Bread List DNSRBL contains domains registered within the last five days (shouldn't send email yet).
CMS BL-Monitor "Free Visual Tool to Monitor DNS Blacklist Server Effectiveness and Responsiveness"
BW Whois command-line; lots of features. Example usage: BWwhois --shift 1 --stripdisclaimer 203.57.241.101 (See also Deobfuscation and Analysis tool by Shmuel (Seymour J.) Metz)
Network Solutions Enhanced WHOIS Directory Covers multiple WHOIS databases; search by domain name, nic handle, IP Address. Use VeriSign Whois Search for .com, .net, .edu., .cc., .tv., and .jobs ~ PIR (Public Interest Registry) .ORG WHOIS Search for .org ~ InterNIC Whois for .aero, .arpa, .biz, .cat, .com, .coop, .info, .int, .mobi, .museum, .name, .pro, and .travel.

Web Hosting and Domain Name Registration : WebHost Magazine Buyer's Guide ~ HostReview ~ FindMyHosting.com ~ 1&1 (cheapest) ~ LunarPages RedHat Enterprise Linux 3 on Dell PowerEdge 2850 servers (dual Xeon 3.2Ghz and 4GB RAM) and fast customer service. ~ Pair Networks web hosting on FreeBSD with Telnet/SSH access. ~ BraveNet.com free webhosting (50MB storage, 1.5GB monthly bandwidth and easy website builders). ~ Aplus.Net (makers of PDF2Web).
Pool.com "Our Deleting Domains service allows you to backorder domains for free! We will monitor expiring and deleting domains every day and will attempt to secure the domains you want as soon as they become available." If the domain is currently with Network Solutions, then also use SnapNames.
Instant Domain Search and DomainsBot to quickly find available domain names, slight variations, synonyms, etc.
Sedo huge domain market place.

DNS / Domain Name Servers / BIND / Dynamic DNS : Comparison of DNS server software ~ Unbound validating, recursive, and caching DNS resolver (C; BSD) ~ Traditional DNS Howto ~ RFC 1912 - Common DNS Operational and Configuration Errors ~ DNS for Rocket Scientists online book used as basis for Apress' Pro DNS and BIND. ~ DNSSec.net ~ ISC BIND ~ BIND9.net ~ Secure BIND Template ~ Two-in-one DNS server with BIND9 how to configure BIND9 DNS server to serve an internal network and an external network at the same time with different set of information using View. ~ DNS server setup on GNU/Linux NS theory and onfiguration guidelines on GNU/Linux and OpenBSD using BIND and NSD.
MyDNS free DNS server for UNIX; serves records from MySQL (HOWTO article: Running A MySQL-Based DNS Server: MyDNS) or PostgreSQL ~ PowerDNS also serves records from MySQL or PostgreSQL; used by Register.com, Schlund.de (1&1) and Tucows. See PowerDNS Express web based DNS management. ~ NicTool GPL'd web-based DNS managment. See also IPplan.
DNS.net (DNS RD) DNS Resources Directory (and their comparison page of Unix-based DNS).
Granite Canyon - The Public DNS ~ ZoneEdit ~ NeuStar Ultra Services (formerly UltraDNS.com) ~ OpenDNS ~ EveryDNS ~ EasyDNS ~ DynDNS ~ No-IP.com ~ TZO ~ DynIP ~ dnsExit.com ~ ODS Open Domain Server.
Microsoft's How to prevent DNS cache pollution for NT4, Win2K and Win2K3 Server.
DNS Resolver Queried IP Check Registry Hack to ensure Windows clients accept DNS query results only from the IP address of the queried DNS server.
D. J. Bernstein's djbdns DNS cache, server (see tinydns) and client used by Lycos, citysearch.com, pobox.com, 1.85 million .com's, directNIC, MyDomain/NamesDirect, Interland, Dotster, Easyspace, Namezero, and Netfirms. Like qmail, author offers unclaimed $500 security hole reward since at least 2001.
rbldnsd small and fast DNS daemon especially made to serve DNSBL zones inspired by Dan J. Bernstein's rbldns program found in the djbdns package. Windows port: Wrbldnsd - Rbldnsd for Windows.
Roller Networks secondary DNS, backup MX, SMTP redirection, SMTP filtering, etc. ($25 donation for advanced services such as Greylisting)

Windows Server Microsoft Windows Server 2000/2003 Operating System Management monitors processor, memory, disk health, availability, and key performance metrics (2000/XP client version) ~ Windows 2000 Resource Kit tools (Daniel Petri)

Windows 2003 Server Resource Kit Tools ~ Administration Tools Pack ~ Tools for Troubleshooting ~ Windows Server 2003 Security Guide

Network Scanner : GFI LANguard Network Security Scanner ~ NetScanTools Pro ~ SoftPerfect Network Scanner.

IE HTTP proxy/traffic examiner : Fiddler PowerToy.

IIS Web Server utilities :
Serving the Web : Nine Tips to Enhance IIS Security : Securing your IIS 6.0 installation
Microsoft Anti-Cross Site Scripting Library V1.5
ServerMask Web Server Anonymization and Obfuscation (IIS 4/5/6)
Microsoft's TechNet default resource page for Internet Information Services 6 (Win2K3 Server) See tools for Securing IIS, Migration from v5, Resource Kit, Server Performance Advisor, etc.
Securing IIS 5 and 5.1 (Win2K Server) ~ Securing IIS 6
IISShield (alternate link) free application layer firewall for IIS better than IIS Lockdown 2.1 and its built-in URLscan 2.0
UrlScan 2.5 compatible with IIS 6 (Win2K3)
Hackerbasher Diverts attacks to a dead end and records traffic in a single log.
Microsoft's SYN flooding attack protection feature (Win2k Registy hack)
Configuring FTP in Isolation Mode (Win2K3 IIS6)
Microsoft's Script Encoder and GreyMagic Online Script Decoder
N-Stalker's N-Stealth IIS and Apache website vulnerability scanner; free download.
eEye's SecureIIS

FTP Client / FTP Server : WinSCP freeware SFTP and SCP client for Windows ~ FileZilla FTP and SFTP and Server version. ~ SmartFTP ~ FTP Commander ~ CoreFTP ~ Pure-FTPd ~ ProFTPD Highly configurable GPL-licensed FTP server (not compiled for MS Windows, but runs in Cygwin). ~ vsftpd "Probably the most secure and fastest FTP server for UNIX-like systems." (used by ftp.redhat.com, ftp.openbsd.org and ftp.suse.com) ~ wget for Windows (stable; page links to newer version here).

File Download Manager / Website Copier : Free Download Manager Resume incomplete downloads and download pieces simultaneously to increase throughput. ~ HTTrack website copier for offline viewing and archiving (WinHTTrack for Windows and WebHTTrack for Linux/Unix/BSD).

SEO / Search Engine Optimization / SEM / Search Engine Marketing : SEOmoz Beginner's Guide to Search Engine Optimization and their Search Engine Ranking Factors.
High Rankings Advisor articles.

Website Utilities : .htaccess Editor online ~ WebGUI website platform; easy CMS (Perl; GPL'd) ~ myIPneighbors lists domains at an IP address
mon.itor.us Free web site monitoring ~ WebSitePulse remote monitoring service for web apps and round-trip email tests. Compare with Pingdom.
Gigaloader (formerly Megaloader) Server stress tester.
HTMLTrim highly customizable HTML/XHTML/XML pretty-printer and fixer for Windows that uses HTML Tidy.
CSS contents and browser compatibility chart.
CSS Optimizer ~ Clean CSS ~ Flumpcakes ~ Icey CSS Compressor
Browsershots submit a webpage to see what it looks like in dozens of browsers.
HTML Validators (CSE 3310, Netmechanic, Link Scan, Bobby (now directs to Watchfire's WebXACT), W3C, Dr. HTML, weblint, MOMspider and Webxref) ~ HiSoftware accessibility monitor site test ~ WAVE Accessibility Tool ~ UITest.com ~ OCAWA Accessibility audit of one page ~ Accessibility Valet Demonstrator.
Dead links / check links / link validators: Xenu's Link Sleuth (Windows) ~ Dead-Links.com or W3C Link Checker.
WebXACT free online service to test web pages for quality, accessibility, and privacy issues.
Nuetool's StripFile can remove comments and unnecessary data from GIF, JPEG and PNG image files and HTML.
FavIcon from Pics online creator ~ IconEdit32 create Favorite (Bookmark) icons that can include all valid combinations of size and color depths. ~ Compare with IconEdit Pro.
Gary Keith's browscap.ini (browser capabilities databases) "to create pages that are free from browser-specific design limitations, more consistent across all browsers, or highly specialized based on the visitor's capabilities."
Paros a proxy (written in Java) for web application security assessment. Data between client and server can be intercepted and modified.
Page Snooper retrieves and displays the HTML source code of a web site.
PageLock prevent viewing source or copying images.
ScanAlert Hacker site seal received after their security certification results in more customers.
Spam Proof eMail Address Generator creates a picture of your email address; specify font style and color. ~ The Hivelogic Enkoder keeps the email address clickable ~ Syronex Anti-Spam Tool javascript encoding with optional challenge ~ John Haller's Obfuscate Mailto 1.01 email address not clickable but remains visible if JavaScript disabled.
dmoz Mozilla's open directory project. Submit your site's URL and if listed after human vetting, many search engines will start crawling and indexing your site.
Google Analytics (formerly Urchin Web Analytics) "shows you how people found your site, how they explored it, and how you can enhance the visitor experience."
Foundstone's SiteDigger Searches Google's cache of a website to look for vulnerabilities, errors, configuration issues, proprietary information, etc.

Web Design / Content Management Systems / CMS : Drupal ~ Serendipity PHP Weblog/Blog software (BSD licensed) ~ TinyMCE Javascript HTML WYSIWYG editor control (LGPL) ~ SOLMETRA SPAW Editor web based in-browser WYSIWYG editor control.
10 CSS Tips from a Professional CSS Architect
CSS Cheat Sheet
Free open source web design templates: OpenWebDesign.org ~ OpenSourceTemplates.org ~ OpenDesigns.org ~ OSWD.org ~ FreeLayouts.com
thePeoplesToolbox sorted by user votes ~ Web Design from Scratch ~ Web Design Library "Designer's One-Stop Resource"
CMS Watch / The CMS Report a comprehensive overview of Web Content Management products and best practices.
CMS Matrix easiliy compare CMS tools.
Seth Gottlieb's "epic whitepaper" on Content Management Problems and Open Source Solutions.
Open Source Content Management Systems (CMS) in Java
TYPO3 "free Open Source content management system for enterprise purposes on the web and in intranets."
Adobe (formerly Macromedia) Dreamweaver and/or Contribute. ~ webEdition CMS for PHP, MySQL, XML, XHTML, etc. ~ GlobalSCAPE's PureCMS. ~ "Joomla! is one of the most powerful Open Source Content Management Systems on the planet."
Plone open source intranet/extranet/portal server, document publishing system, groupware tool; over 50 language translations; built using Zope.

Revision Control software (comparison) / SCM (souce content/control managment) / CVS / Concurrent Versions System / Version Control System / Subversion / SVN : Subversion aka SVN; command line interface. ~ Version Control with Subversion online book ~ TortoiseSVN SVN interface integrates with Windows Explorer and comon file dialogs ~ eSvn QT GUI for Subversion ~ RapidSVN GUI for Subversion written in C++ using the wxWidgets framework ~ WebSVN PHP based web interface of Subversion repositories ~ KDESvn subversion client for KDE ~ SyntEvo SmartCVS and SamrtSVN ~ Syncro SVN Client cross platform; full/productive SVN interface. ~ more at Tigris.org.
Git - Fast Version Control System (used for the Linux kernel). ~ FileHamster for Windows.
MediaWiki.org

Enterprise Content Managment / Records Management / Document Management : Interwoven ~ Hummingbird.

Web Browsers : Run IE6 or IE7 on Windows 2000/XP for testing: Virtual PC 2004 SP1 and Internet Explorer Application Compatibility VPC Image (IE6 and IE7) ~ free Virtual PC 2007 for Windows. ~ How to get IE 5.0, IE 5.5, IE 6.0 and IE 7.0 (release) running concurrently on Linux.. See also User Agent String Utility version 2 for IE7 to pretend/emulate IE6.
Mozilla's Firefox (FAQ) (latest Patches for various versions, Release Candidates, and Betas or the latest nightly builds).
Silent install Firefox by adding -ms after the .exe
FrontMotion Mozilla Firefox MSI and optional Administrative Template/lockdown support.
MozBackup creates backups of Mozilla Firefox, Mozilla Thunderbird, SeaMonkey, Mozilla Suite and Netscape profiles. Backup and restore bookmarks, mail, contacts, history, extensions, cache etc.
See the patching record timeline of publicly available "in the wild" vulnerabilities with IE compared to 0 exploit days with Firefox and Opera: A Year Of Bugs by Scanit NV.
Firefox Extensions: Update Scanner Monitors web pages for updates. Useful for websites that don't provide Atom or RSS feeds. ~ NoScript asks permission to run JavaScript and Java; remembers selections ~ CustomizeGoogle ~ FireFTP ~ Encrypt This! ~ Google Browser Sync ~ Foxmarks Bookmark Synchronizer ~ IE Tab Embedding Internet Explorer in tabs. ~ Advanced Dork right-click access to advanced Google operators (and Scroogle.org which scrapes Google results without using cookies or search records). ~ FormFox mouse over the final Submit button to reveal the destination and if it is https/secure/encrypted ~ Skype Web Toolbar converts telephone #'s to click-and-call #'s ~ Adblock Filterset.G Updater - Firefox Extension ~ ODFReader - Firefox Extension ~ VideoDownloader Download videos from Youtube, Google, Metacafe, iFilm, Dailymotion, embedded movies, mp3s, flash, quicktime, etc. ~ Mozilla Archive Format - Firefox Extension allows complete web pages to be saved in a single archive file. Uses RDF to save page meta-data. It also allows pages to be saved in a seperate MHTML compatible format for interoperability with IE systems. ~ Web Developer Firefox enstion adds a menu and a toolbar with various web developer tools. (Author's website) ~ Firebug web development ~ RefControl ~ LiveHTTPHeaders ~ EditCSS
John Haller's Portable Firefox, Thunderbird, OpenOffice, AbiWord, GAIM, etc. Run these apps from portable media (CD, USB thumbdrive, iPod, etc.)
Tab Mix or Tabbrowser Extensions or Tabbrowser Preferences. Tab Preview for Firefox 1.5 shows a small preview of tab/page contents while the mouse hovers over a tab.
XULPlanet XML User Interface Language. Not to be confused with the FOX Toolkit (Free Objects for X) a C++ based class library for building cross-platform GUI's.
Prevent Javascript from hiding Firefox's XUL tool/menu/status bars to making spoofing obvious: Slashdot.org post 1 and post 2
To enable Windows automatic authentication like IE does, eliminating the need to click on login confirmation buttons, enter about:config in the address bar and add http://sitename.com to network.automatic-ntlm-auth.trusted-uris (and possibly network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris for some sites).
Netcraft Find out what software websites are running, which have the longest uptimes, etc. Free download: anti-fraud and anti-phishing Netcraft Toolbar (IE and Firefox) Better than Corestreet's Spoofstick and the Earthlink Toolbar featuring ScamBlocker.
scanit browser security test (IE or Firefox; temporarily disable pop-up blocking for the site)
Opera web browser. Small, fast, standards compliant (e.g., passes Acid2 Browser Test). Free version no longer contains ads. Less than 4MB in size, yet hightly configurable GUI, saves Bookmark (Favorites) sessions, email client, etc. ~ Web Developer Toolbar & Menu for Opera ~ Opera W3-Dev Menu.
Evolt.org IE 6 standalone (run IE6 concurrent with IE7)

NewsReaders / RSS Readers / Podcasting : XanaNews for Windows. ~ NewsGator / FeedDemon's FeedStation (more secure than others because in addition to stripping out ActiveX, VB and OnLoad events like most reader/feeders, it restricts downloads to default media file-type extensions yet can be manually modified to include new safe extensions.) ~ Omea Reader ~ RSSOwl open-source; multi-platform ~ Bloglines personal, shareable online RSS blog page (part of Ask Jeeves) ~ BlogBridge free, open source (Windows XP, Mac OS X and Linux) ~ NewsGator Online (web based)

Web Proxy / Web Cache : memcached (used by Digg, Slashdot, and Facebook) ~ Microsoft's ISA Server 2004 (Internet Security and Acceleration Server) ~ Google's Web Accerator for broadband connections (Cable, DSL, T1, etc.)
PHProxy to bypass firewall and other proxy restrictions
Cotse.net Email, Anti-spam, Web hosting, Web proxies, etc.
Squid (Unix/Linux) and squidGuard combined filter, redirector and access controller plugin for Squid ~ Squid for Windows ~ Proxify.

Text Editors / HTML Editors / WordPad and Notepad replacements : Notepad2 ~ FCKeditor lightweight HTML text editor for webpages with Word-like features ~ ListXP opens files that WordPad thinks is in use/locked. ~ TextPipe Pro ~ HTML-Kit with over 440 free plugins. ~ Acme SAC from Rob Pike / Plan 9 / Inferno. ~ NOTEPAD++ based on SciTE. ~ EditPad Lite and Pro (Windows, Linux) ~ metapad small, fast, free. ~ EditPad Pro, PowerGREP, RegexBuddy ~ UltraEdit ~ EditPlus ~ JOE Joe's Own Editor (like Wordstar) ~ gedit the official text editor of the GNOME desktop environment. ~ Kate (KDE Advanced Text Editor) text editor for the KDE Desktop Environment. ~ jedit programmer's text editor (Mac OS X, OS/2, Unix, VMS, Windows) ~ JED Editor ~ Leo general data management environment, outlinging editor, project manager, etc. (Windows, Linux, Mac OS X) ~ Crimson Editor with line numbers, syntax highlighting, etc. ~ PSPad ~ Intype for Windows (similar to TextMate for Mac).
~ Codetch Gecko based (like Firefox) code editor. VIM and gVIM improved versions of the vi text editor distributed with most Unix systems. Wikipedia Vim. Cream for Gvim (see shortcuts).
Emacs. Wikipedia Emacs. ~ CEDET Collection of Emacs Development Environment Tools. ~ ECB Emacs Code Browser. ~ The Woodnotes Guide to Emacs for Writers (Also by Randal Wood: Easing the Pain of Coding Avalon Documents with jedit) ~ WhizzyTeX minor mode for Emacs or XEmacs, a bash shell-script daemon and some LaTeX macros. ~ Graph-TeX for drawing graphs. ~ MiKTex for Windows ~ LyX Document Processor ~ GNU TeXmacs ~ pdfTeX ~ TeXShop Mac OS X v. 10.4.3 or later ~ XeTeX Mac OS X 10.3 or later ~ CSV2LaTeX converter ~ LaTeX2HTML ~ AUCTeX extensible package for writing and formatting TeX files in GNU Emacs and XEmacs. ~ Configuring Unicode support in Emacs. ~ Zile small Emacs clone.
XEmacs Emacs with GUI support. "XEmacs has an active development community numbering in the hundreds, and runs on Windows 95 and NT, Linux and nearly every other version of Unix in existence."
HTMLAsText Batch convert HTML to text by removing tags and formatting output according to preferences.
Convert XLS Convert Excel to/from to many file types including CSV, XML, HTM, TXT, SLK, WKS, DBF, Lotus and others. GUI and command line batch conversion.
Nvu web editing environment based on the Mozilla platform and its Gecko layout engine. Binaries for Linux, Windows, Mac OS X and FreeBSD. (KompoZer Nvu's unoffical bug-fix release).
TSW WebCoder for Windows (v5 free).
Evrsoft First Page 2006 for HTML, XHTML, PHP, ASP, Cold Fusion, Javascript, CSS, SSI and Perl.
Hex editor: XVI32 or Hxd Freeware Hex Editor for Windows (self-contained executible; no installation Registry entries)
XML Marker edit XML files in color coded and expandable tree views.

Diff / Merge / Compare : WinMerge ~ KDiff3 compare with Meld ~ Guiffy ~ vimdiff (diff gvimdiff diff-mode) ~ ColorDiff

Microsoft XML : XML Notepad 2007 ~ MSXML (Microsoft XML Parser) 3.0 Software Development Kit (SDK) ~ Microsoft XML Parser 3.0 SP7 (10/13/2004) ~ Microsoft XML Core Services 4.0 SP2 (6/2/2003) (formerly called Microsoft XML Parser) and Hotifx for 4.0 SP2 (2/23/2004) ~ Microsoft Core XML Services (MSXML) 6.0 (11/7/2005) ~ Check also Microsoft's XML Downloads page and MSXML downloads sorted by release date.
Command Line Transformation Utility (msxsl.exe) ~ Log Parser 2.2 (2/11/2005) and The Unofficial Log Parser Support Site.
XMLStarlet Command Line XML Toolkit (Linux/Unix)

Microsoft Office : Office Update
Microsoft LookOut version 1.30 free Outlook addin from Microsoft to quickly search e-mail, contacts, calendar and filesystem (Google for lookout130.exe)
Express ClickYes Automatically clicks Yes to the Outlook dialog box indicating another program is trying to access your email address to send a message.
Outlook Thread Compressor for Outlook 2000 and higher. (Microsoft's Outlook Code Samples page contains a link to threadcompressor.exe which expands the individual Visual Basic project files).
Word Viewer 2003 (view Word 97 through 2003, Microsoft Works or WordPerfect docs) ~ Excel Viewer 2003 (view Excel 97 through 2003 spreadsheets) ~ PowerPoint Viewer 2003 (view PowerPoint 97 through 2003 presentations) ~ Visio 2002 Viewer (view Visio 5, 2000, or 2002 drawings/diagrams) ~ Visio 2003 Viewer (view Visio 5 through 2003 drawings/diagrams; requires Win2K, WinXP or 2K3 Server).
Microsoft Excel Excess Formatting Cleaner Add-in
ASAP Utilities 300+ Excel utilities ~ ExTools ~ MrExcel.com index of the articles and tips you will find at the "Big Three" Excel sites (200+ articles from MrExcel, 185 articles from Chip Pearson, 75+ articles from John Walkenbach) ~ My Excel Pages -- David McRitchie.
Office 2000 Resource Kit.
TechHit's EZDetach, MessageSave, AutoRead, etc. Add-ons and Custom Rule Actions for Outlook. ~ Personal Message Store (PST) Export Utility PMSEU exports Internet messages out of Outlook and preserves their headers ~ Pocketknife Peek to safely see an Outlook message header and HTML.

Tweaking / Tuning / Optimizing Microsoft Windows : JScreenFix fix stuck pixels and remove burn-in.
ClearType for WinXP Turn it on and tune it in. (Tuner requires IE/ActiveX)
LCD Calibration screens The LCD Resolution Trick. Black and white pixel matrix to display full-screen on an LCD monitor before pressing its calibration button to result in crisper text.
PowerToys for WinXP ~ Tweak UI 1.33 ~ Compare with Creative Element Power Tools and Fresh Devices' Fresh UI.
PC Wizard ~ TuneUp Utilities ~ iolo's System Mechanic.
WinXP SP2 Support Tools ~ Win2K3 Server SP1 32-bit Support Tools
DirectX 9.0c End-User Runtime for multimedia and games.
User Profile Hive Cleanup Service speeds up a slow Log Off or Shut Down (Win2K, Win2K3 and WinXP.)

Fax Servers : GFI FAXmaker for Exchange/SMTP ~ FaxBACK NET SatisFAXtion ~ Captaris RightFAX ~ FaxCore (uses .NET) ~ HylaFAX "The world's most advanced open source fax server" ~ Esker Fax for Unix/Linux/Exchange/Notes.

Windows Registry Backup / System State Backup / Monitor Installation Changes : System State backup using Windows Backup in Windows 2000: Start | Programs | Accessories | System Tools | Backup | Backup tab | checkmark System State. For Windows XP, install ValueAdd/Msft/Ntbackup/Ntbackup.msi from the Windows XP installation CD.
Epsilon Squared's InstallWatch and InstallRite. ~ 2BrightSparks' InstallSpy and FingerPrint to monitor changes to file sytem and registry.
ERUNT The Emergency Recovery Utility NT and NTREGOPT Registry Optimization for Windows NT/2000/2003/XP.
How to Use the Backup Utility to Back Up Files and Folders in Windows XP Home Edition
How To Use Backup to Back Up Files and Folders on Your Computer in Windows XP
How to back up, edit, and restore the registry in Windows XP and Windows Server 2003
How to recover from a corrupted registry that prevents Windows XP from starting

Disk Clone / Drive Image / Drive and File Backups : Mozy Remote Backup ~ DropBoks ~ Omnidrive ~ box.net ~ Freedrive ~ JustUpIt ~ Ewedrive ~ Data Deposit Box
DriveImage XML freeware for Windows XP/2003/Vista/WinPE CD. Acronis True Image (v11 best price; v8 free) ~ PC Inspector cone maxx by CONVAR (Windows; free) ~ Clonezilla GPL; uni and multicasting. ~ g4l hard disk and partition imaging and cloning tool. ~ g4u (free) ~ HDClone (free Boot CD) ~ r-tools Drive Image ~ Symantec Symantec Norton Save & Restore (improves and adds features to Ghost 10.0; previous Ghost version was merged/replaced with code from PowerQuest Drive Image) ~ Symantec GoBack (formerly Roxio's GoBack). ~ Symantec Backup Exec 10 (formerly Veritas Backup Exec 9)
NovaStor NovaBACKUP inexpensive; encyption option. ~ Computer Associates BrightStor ARCserve Backup (formerly Cheyenne Backup).
~ CleverSafe GPL'd; stores across 11 grid nodes, 5 of which may go bad before data loss. ~ BackupPC GPL'd; On WinXX the standard smb protocol is used to extract backup data (Linux/POSIX/BSD/Solaris) ~ Amanda and Zmanda ~ EMC Insignia Retrospect formerly Dantz Retrospect; PC Magazine Editor's Choice ~ SimpleTech StorageSync (Standard Edition is free). ~ 2BrightSparks' SyncBack freeware. ~ Genie Backup Manager ~ Bacula ~ Novosoft Handy Backup ~ BackupAssist ~ StoreGrid ~ Cobian Backup ~ SiteVAULT website backup.

Fast disk based file server backups : Dirvish (used at OSU's OSL) ~ duplicity (tar-format; GnuPG encrypted) ~ rsnapshot (Perl; uses rsync and hard links)

Hardware Monitor / Benchmarking / Diagnostics / Check Disk / CHKDSK / S.M.A.R.T. :
Memtest86 A stand-alone Memory Diagnostic. Compare with memtest86+ ~ Microsoft Windows Memory Diagnostic.
CPU-Z freeware that gathers information on some of the main devices of your system.
SIW-System Information for Windows
SiSoftware Sandra benchmarker. (eg., is the CPU really a 3.0Ghz Pentium 4 as claimed?)
Microsoft's Performance Monitor Wizard.
EVEREST Home Edition hardware diagnostics and memory benchmarking. Compare with AIDA32.
Alex van Kaam's Motherboard Monitor Heat/Temperature, Voltage and Fan RPM monitor for Windows.
Conky system monitor for Linux. See also htop interactive process viewer.
HDD Health uses Self Monitoring and Reporting Technology (S.M.A.R.T.) ~ Speedfan monitors voltages, fan speeds and temperatures, SMART, etc. ~ SimpleTech PassMark DiskCheckup Drive monitoring (Windows; free; non-resident) ~ Active SMART Hard drive diagnostic and failure prediction using SMART. (Windows; $25; memory resident).
Foundstone's free tools.
Alex van Kaam's Motherboard Monitor.
Lm-sensors Linux system hardware monitoring.

Boot CD / System Rescue CD : Bootdisk.com utilities ~ bootdisk.info / bootcd.info ~ Bart's Preinstalled Environment (BartPE) bootable live windows CD/DVD ~ SystemRescueCd ~ Trinity Rescue Kit password resets, edit registry, NTFS read/undelete/write(limited), 2 antivirus scanners, etc. (Mandrake / Mandriva) ~ Knoppix Live CD (Debian GNU/Linux) ~ Frenzy (FreeBSD) ~ Ultimate Boot CD Consolidate as many diagnostic tools as possible into one bootable CD ~ Windows Ultimate Boot CD.
USB boot: Tom's Hardware Windows In Your Pocket ~ WeetHet - Boot from USB Flash drive ~ Linux bootable USB key HOWTO ~ Boot KNOPPIX from an USB Memory Stick.

Disk Recovery / Drive Recovery / Data Recovery / Undelete :
Brian Kato's Restoration small; requires no installation ~ Recuva (from makers of CCleaner) ~ CDCheck ~ Roadkil's Unstoppable Copier ~ IsoBuster CD and DVD data recovery ~ TestDisk and PhotoRec GPL'd ~ PC INSPECTOR Free File Recovery, Smart Recovery (reconstruct lost data on memory media), e-maxx, clone maxx (free disk cloning), task manager and fs guard. Not free: Print HTML (ActiveX avoids print dialog boxes) and WatchIT (2-second drive restore PCI or USB device).
Smart Data Recovery supports FAT and NTFS.
Runtime Software GetDataBack
dd_rescue copy data from one file or block device to another. (Linux; GPL) and GNU ddrescue.
Steve Gibson's SpinRite 6.0 now supports NTFS and moves the drive's read head to approach and discern data in troubled spots from different angles and velocities.
Excel Rebuilder AKA Excel Workbook Rebuilder (from vbUsers.com) ~ cimaware Office/Access/Excel/WordFix ~ OfficeRecovery (AKA Recoveronix) product list including FreeUndelete, Exchange Server, Money, etc.
VirtualLab Data Recovery Software and iDriveRepair (BinaryBiz) ~ R-Studio Data Recovery Software (rtt; r-tools technology)
O&O DiskRecovery V3.0 ~ Ontrack Data Recovery (big-name, but expensive) ~ DriveSavers.

Wipe Free Disk Space : Jetico's BCWipe invoke either the US DoD 5200.28-STD standard or the Peter Gutmann wiping scheme to truly delete deleted files. (Windows, Linux and Unix)(The very popular Heidi Eraser hasn't been updated for awhile.) ~ DBAN: Darik's Boot and Nuke boot-up disk (Linux) for PC's to securely wipe everything from a hard disk (prevents data recovery). ~ Try File Shredder or Tolvanen's Eraser or AnalogX's SuperShredder or UltraShredder for single files.

Zip / Unzip File Compression / Exraction : 7-Zip very high compression ratio; free (GNU LGPL) ~ Universal Extractor ~ ZipGenius ~ IZarc free and easy ~ PowerArchiver ~ OutlookZIP 1.0 Outlook toolbar to Zip attachments. ~ WinZip ~ Universal Extractor

Batch Scripting Languages : ScriptLogic Desktop/Server Managment and KiXtart. ~ Windows Script 5.6 for Win2K and WinXP and Windows Server 2003.

Windows (program/package/application) Installers
dXLoader .net app which synchronizes/updates/installs files or programs over the network/Internet according to configurable schedule.
UPX the Ultimate Packer for eXecutables (Windows and Linux).
Mark's Sysinternals Blog: Single-image download and execution with no setup program.
Microsoft's Windows Installer XML (WiX) toolset builds Windows installation packages (eg., MSI and MSM) from XML source code. ~ How to use the Orca database editor to edit Windows Installer files (such as removing the unnecessary VersionNT > 500 restiction from Windows Defender so it installs on Windows 2000)
Microsoft's Windows Installer Redistributable