There are a lot of good sites out there for UNIX security in general and GNU/Linux security specifically. It's very important to subscribe to one (or more) of the security mailing lists and keep current on security fixes. Most of these lists are very low volume, and very informative.
The LinuxSecurity.com web site has numerous Linux and open source security references written by the LinuxSecurity staff and people collectively around the world.
Linux Advisory Watch — A comprehensive newsletter that outlines the security vulnerabilities that have been announced throughout the week. It includes pointers to updated packages and descriptions of each vulnerability.
Linux Security Week — The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headlines.
Linux Security Discussion List — This mailing list is for general security-related questions and comments.
Linux Security Newsletters — Subscription information for all newsletters.
comp.os.linux.security FAQ — Frequently Asked Questions with answers for the comp.os.linux.security newsgroup.
Linux Security Documentation — A great starting point for information pertaining to Linux and Open Source security.
CERT is the Computer Emergency Response Team. They often send out alerts of current attacks and fixes. See cert.org for more information.
ZEDZ (formerly Replay) (zedz.net) has archives of many security programs. Since they are outside the US, they don't need to obey US crypto restrictions.
Matt Blaze is the author of CFS and a great security advocate. Matt's archive is available at att.com
tue.nl is a great security FTP site in the Netherlands. tue.nl
The Hacker FAQ is a FAQ about hackers: The Hacker FAQ
The COAST archive has a large number of UNIX security programs and information: COAST
Security Page: suse security
Rootshell.com is a great site for seeing what exploits are currently being used by crackers: rootshell
BUGTRAQ puts out advisories on security issues: BUGTRAQ archives
CERT, the Computer Emergency Response Team, puts out advisories on common attacks on UNIX platforms: CERT home
Dan Farmer is the author of SATAN and many other security tools. His home site has some interesting security survey information, as well as security tools: http://www.trouble.org/security
The GNU/Linux security WWW is a good site for GNU/Linux security information: Linux Security WWW
has a vulnerability engine that can tell you what vulnerabilities affect a specific platform.
CIAC sends out periodic security bulletins on common exploits: CIAC
A good starting point for GNU/Linux Pluggable Authentication modules can be found at kernel.org.
WWW Security FAQ, written by Lincoln Stein, is a great web security reference. Find it at w3.org
Mandrake Linux security list: you can be informed for each security fix by subscribing to oursecurity mailing-list.
Bugtraq: To subscribe to bugtraq, send mail to listserv@netspace.org containing the message body “subscribe bugtraq”. (See links above for archives.)
CIAC: Send e-mail to majordomo@tholia.llnl.gov. In the BODY (not subject) of the message put: “subscribe ciac-bulletin”
There are a number of good security books out there. This section lists a few of them. In addition to the security specific books, security is covered in a number of other books on system administration.
Building Internet Firewalls. 1st Edition September 1995. ISBN 1-56592-124-0.
Practical UNIX & Internet Security. 2nd Edition April 1996. ISBN 1-56592-148-8.
Computer Security Basics. 1st Edition July 1991. ISBN 0-937175-71-4.
Linux Network Administrator's Guide. 1st Edition January 1995. ISBN 1-56592-087-2.
PGP: Pretty Good Privacy. 1st Edition December 1994. ISBN 1-56592-098-8.
Computer Crime A Crimefighter's Handbook. 1st Edition August 1995. ISBN 1-56592-086-4.
Linux Security. New Riders. March 1999. ISBN 0735700354.
Maximum Linux Security: A Hacker's Guide to Protecting Your Linux Server And Network. July 1999. ISBN 0672313413.
Intrusion Detection. John Wiley and Sons. September 1998. ISBN 0471290009.
Fighting Computer Crime. John Wiley and Sons. September 1998. ISBN 0471163783.