Re: Security Search Engine

["Saqib Ali" <docbook.xml () gmail com>]

Hello Dathan,

Thanks for the feedback. I realize that filtering sites will require a
lot of work, but I think in the end it will be beneficial for all.

Note: I am looking for few other people to help me filtering out the
website, and updating the index. Please let me know if anyone is
interested. As always please keep sending your favorite URLs. I have
tons of URLs in my email box, and I will catch up with them (and reply
to the sender) over the weekend :)

Here are my current guidelines for site inclusion

1) I will NOT include any vendor site (e.g. Cisco, Microsoft, Bluecoat etc)
2) I will check the Netcraft ranking for each suggested URL that I receive.
The site has to rank in <50K to be included in the index. (e.g.
http://toolbar.netcraft.com/site_report?url=http://www.securityfocus.com)
3) I will also make sure that the site doesn't excessive amount of Ads. For
e.g. I will not include  http://www.securitynewsportal.com/index.shtml

As far the inclusion of vendor sites in concerned, I think if one is
searching for some specific information (e.g. install guide) for a
particular product they should probably go to the vendor website or
google it.

However if you researching about a technology, lets says IDS, you
really don't need to see the vendor sites. They will, offcourse, say
that their product is the best in the world. For e.g. search for "Full
Disk Encryption" on Google, and you will see that DriveCrypt and
WinMagic show up in the first 3 results. And they both claim to be
"best in the world" :) And I have tried both, and they are not the
best (to say the least)! ;-) Instead I would like to see what other
sites are saying about these products or "full disk encryption" in
general

I have received several emails supporting the decision to leaves the
vendor's websites out of the index. :-)

--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net





On 10/26/06, Dathan Bennett <dathan () shsu edu> wrote:
> Sounds like a good idea to me.  Of course, in order to provide a
> searchable list of sites that meet your criteria, you're going to have
> to visit each site and review them, which could be a time-prohibitive
> effort.
>
> I understand that you're intending to make a vendor-neutral list, but I
> think you should reconsider your stance on including vendors'
> websites in your index.  You could flag them and have them show up in a
> separate set of search results if you want.  But vendors often have a
> lot of information on their products that may be difficult to find
> elsewhere (or at least that may not be organized as nicely elsewhere),
> so I think you'd be doing your search engine a disservice to not include
> those sites.  Other vendor sites also offer whitepages, FAQs, HOWTO's,
> etc. for download, and it would be good to include those in your search
> index, for sure.  Your engine will be more effectively neutral, IMO, by
> including ALL sites germane to the topic, no matter how partisan or
> biased toward a particular product, rather than excluding all
> product-specific sites.
>
> ~Dathan
>
> Saqib Ali wrote:
> > Hello All,
> >
> > I am building a Search Engine exclusively for the Security and
> > eSecurity Community using Google's Coop program.
> >
> > I would like to NOT include any vendor site but just index sites that
> > are vendor neutral. Would this is be a good strategy or not?
> >
> > The URL for the search engine is
> > http://www.xml-dev.com
> >
> > Any suggestion, or new URLs are welcome.
> > Note: I won't include any security vendor website in the index for
> > right now.
> >
>
> ---------------------------------------------------------------------------
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The NSA has designated Norwich University a center of Academic Excellence
> in Information Security. Our program offers unparalleled Infosec management
> education and the case study affords you unmatched consulting experience.
> Using interactive e-Learning technology, you can earn this esteemed degree,
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------