Favorite STH-like security site

[Patrick]

I am looking to add more security related content to STH. Does anyone have a favorite site or set of sites they read, similar to STH, on the topic? Alternatively does anyone want to start a STH/information security mini-site?

Regards,
Patrick

 

[Mike]

Any of the major distros security lists or even Reddit could be a good source for actual events.

 

[Jeggs101]

Any of the major distros security lists or even Reddit could be a good source for actual events.

I was thinking about that too. What are you looking for? I mean there are a few vectors to cover:
- Threats that are discovered - @Mike 's lists.
- Client hardware/ software
- Server hardware/ software incl. firewalls, UTMs and those devices

What are you trying to do? I'm confused.

 

[Mike]

Just an idea, something that I would like in particular are a bunch of comparisons on Linux security features in terms of their theoretical security, performance impact and ease of use. A lot of Linux deployments may use SElinux, Apparmor or the less used Grsecurity package. Which of their features make sense, with what (server) loads, which don't and cause unnecessary overhead.

Security considerations for your public facing web- or mailserver, SSL and CA options (even what you used for this site). Key management practices in home environments.
Self hosted cloudyness for the more paranoid or celebrity STH readers.
Secure remote backups / Secure backup strategies.
But all in all with a home focus. So no $20k SSL offload cards

 

[Chuckleb]

I like the idea of home focused.

 

[TangoWhiskey9]

Yea. I don't think you need to get crazy big, but I'm also one of the people that wants to see some hardware reviews on the SMB/ "home" options.

I'm ok with $1000 box, but $10000 for home is too much.

 

[Patrick]

All good points. Let me see how I can refine the concept.