< Prev 1 2 3 4 5 Next >
samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware.
lsh is an implementation of the SSH protocol version 2. It is under active development. Developer contributions are welcome from both inside and outside the US.
Big Brother is a combination of monitoring methods. Unlike SNMP where information is just collected and devices polled, Big Brother is designed in such a way that each local system broadcasts its own information to a central location. Simultaneously, Big Brother also polls all networked systems from a central location. This creates a highly efficient and redundant method for proactive network monitoring.
Steghide is steganography program which hides bits of a data file in some of the least significant bits of another file in such a way that the existence of the data file is not visible and cannot be proven. Steghide is designed to be portable and configurable and features hiding data in bmp, wav and au files, blowfish encryption, MD5 hashing of passphrases to blowfish keys, and pseudo-random distribution of hidden bits in the container data.
Secure Cryptographic Instant Messaging
The Project SCIM application allows you to send Encrypted Instant Messages to your friends and other contacts. The software is free for non-commercial users and contains a load of cool features.
FCHECK is a very stable PERL script written to generate and comparatively monitor a UNIX system against its baseline for any file alterations and report them through syslog, console, or any log monitoring interface. Monitoring events can be done in as little as one minute intervals if a system's drive space is small enough, making it very difficult to circumvent. This is a freely-available open-source alternative to 'tripwire' that is time tested, and is easier to configure and use.
libdnet provides a simplified, portable interface to several low-level networking routines, including network address manipulation, kernel arp(4) cache and route(4) table lookup and manipulation, network firewalling, network interface lookup and manipulation, and raw IP packet and Ethernet frame transmission.
Multi threaded cgi scanner. It has rulesets and more than 2500 cgi script checks.
This program implements: a) A PPTP challenge/response sniffer. These c/r can be input into L0phtcrack to obtain the password, and b) An active attack on PPTP logons via the MS-CHAP vulnerability to obtain the users password hashes. Notice that this also generates the password hashes of the new password the user wanted to use. These can be input into L0phtcrack to get password, into a modified smbclient to logon onto a SMB sever, or into a modified PPP client for use with the Linux PPTP client.
The tcp_wrapper package by Wietse Venema. Formerly called log_tcp. Allows monitoring and control over who connects to a hosts TFTP, EXEC, FTP, RSH, TELNET, RLOGIN, FINGER, and SYSTAT ports. Also includes a library so that other programs can be controlled and monitored in the same fashion.
Browse by category