Links to Security Resources

One of the safest places to visit to pick up security-related software is CERIAS (used to be COAST), ftp://ftp.cerias.cs.purdue.edu/pub/tools/, a project of Purdue University. What makes this site safer than most is that they keep archives on CDROMs. This makes it very difficult for a remote attacker to replace security software with a trojanned version (as happened early in 1999 to Wietse Venema's old site). COAST had a Web server, but this has been replaced with the CERIAS Web site, which will at least point you to the same FTP site listed above, as well as providing information about the replacement for COAST.

CERT, the Computer Emergency Response Team for the US, also maintains an FTP server with some tools as well as a Web server. You may find information papers here as well. There are other teams outside of the US with useful repositories and information, such as AUSCERT (Australian CERT). Others do exist and will be added later.

There are also sites that maintain useful indexes to security software. Two of my favorites are the NIST Web site and the NIH Web site. These are indexes and short explanations of UNIX security tools.

The US Department of Energy's CIAC site (Computer Incident Advisory Council) has an FTP server with UNIX tools.

The Security Statistics site has some useful tools, particularly a tool for matching ports to services, or to trojans that use that port address. SANS has an interesting site as well, Incidents.org, that presents a graphic of incident counts by port address.

VPNLabs includes useful reference material about VPNs, as well as pointers to reviews of VPN products and information about setting up the VPN software bundled with BSD, Linux, and Windows operating systems.

Bugtraq is a full-disclosure mailing list monitored by Elias Levy (also known as Aleph1). You can join Bugtraq by visiting Security Focus. There are other mailing lists run from this site, as well as security resources, such as patch lists for Windows systems, exploits, and security software. Bugtraq often has news of new attacks long before you will learn of them from other sources, and does include the source code and directions for new attacks (that is what full-disclosure means).

Some programmers calling themselves The Shmoo Group have posted an updated list of resources for writing secure programming code, including C, Perl, and CGI scripts.

FIRST, the Forum of Incident Response Teams, provides a Web server with information about becoming a FIRST member.

You can get the entire list of port numbers as created by the Internet Assigned Numbers Authority (IANA) at ftp://ftp.isi.edu/in-notes/iana/assignments/port-numbers. Note that this is about one-quarter of a megabyte. This site includes a much shorter list of interesting ports.


A list of ICMP types can be found on my site.

The CSI Firewall Search Engine includes information provided by vendors that can help you select firewall products or free software to evaluate.

The Dark Side

Some sites sponsored by "hackers" also contain useful information. In some cases, the "hackers" maintain these sites as a form of advertising for their security consulting businesses. The sites mentioned here are run by security consulting firms that choose to flaunt their hands-on experience with security. As far as trusting these sites, you can, as their businesses rely on being trustworthy.

Note that I personally prefer the definition of hackers that existed before the connotation of hackers as 'people who break into systems' came into being. Hackers of old were interested in anything having to do with computers, and exploring other people's online systems, if they were left in an open state, was considered reasonable behaviour. For more on this subject, I recommend reading Steven Levy's book "Hackers". For other views on this subject, visit What is a Hacker? or Hacker Ethics.

Visit Hobbit's site for the source of netcat, as well as other interesting papers and tools. You must use an FTP client, as he has hacked his Web and FTP servers, and using your Web browser to download netcat won't "hack" it. Try ftp.avian.org, the /src/hacks directory, and download nc110.tgz for the UNIX version of a useful tool for probing your own networks, setting up dummy servers for testing, etc. You can also find L5, a simplified version of tripwire, here. I wrote a simplified man page for nc. Netcat has both good and evil uses.

You can also find netcat at the atstake Tools page. There are lots of other useful tools here, such as dcetest, for scanning Windows RPC services, and tools for debugging PalmOS, using a Palm as a war dialer, etc. The l0pht merged with atstake, so this is where you will find links to l0phtcrack as well. Foundstone, another security consulting company, also has tools at their site.

Nomad Mobile Research Centre has FAQs on hacking both NT and Novell Netware, as well as some tools, such as the NetBIOS Auditing Tool, or NAT, which can be used for brute-force password guessing against any Microsoft server that has port 139/tcp open. You can get a binary copy of Rhino9's ogre tool here as well.

Fyodor's scanning tool, nmap, is probably the premier network scanning tool in existence today. It combines features of netcat, ptcp, strobe, and other tools into one neat package. Nmap includes stealthy scanning as well as TCP fingerprinting techniques.