|
(Page 2 of 4) < Prev 1 2 3 4 Next > Category: Auditing » Network » Trojans & Backdoors Narrow Security Scanner (Unix/Perl) Added 2001-10-22 Narrow Security Scanner 2000 (Unix /Perl) searches for 367 remote vulnerabilities. SBScan Added 2001-10-22 SBScan is a tool designed to assist system administrators who can't be bothered doing anything by hand. Currently this tool checks for the following; Anonymous FTP, Unpassworded accounts, Open Ports / l33t Open Ports, Entire Subnet Promisc Check, Local Machine Promisc Check, Suspicious Files, RHost files, Sniffer check - Log files, Suid programs in slash home, Evidence of a Rootkit, X Hosts allowed to connect, permissions on vital directories, log file permissions, NFS basic check, and it makes MD5 sums of common files. Trinoo Killer Added 2001-10-22 This program kills trinoo nodes on version 1.07b2+f3 and below. APSEND Added 2001-10-22 APSEND is a TCP/IP packet sender to test firewalls and other network applications. It also includes a syn flood option, the land DoS attack, a DoS attack against tcpdump running on a UNIX-based system, a UDP-flood attack, and a ping flood option. It currently supports the following protocols: IP, TCP, UDP, ICMP, Ethernet frames and you can also build any other type of protocol using the generic option. The scripting language of apsend is already written, but not yet public. Guideon Added 2001-10-22 Guideon allows you, the user to take control back over your identity. Microsoft Office applications include an identifier called a GUID (Globally Unique Identifier). This identifier is unique to each machine. As a result, any document could be traced back to its original creator. Guideon lets you remove these identifiers from the files with no ill effects to the data files. check-ps Added 2001-10-22 Check-ps is a program that is designed to detect rootkit versions of ps that fail to tell you about selected processes. Rootkits are sometimes installed by script kiddies to allow them to continue to abuse your machine undetected. Many rootkits also contain backdoors of various kinds as well. Given prompt notification of an installation of a rootkit it is usually relevatively painless to replace the binaries with versions known to be clean and assess the extent of the instrusion. This job becomes harder the longer the crackers have had to throughly install backdoors on your machine. Intact Open Use Added 2001-10-22 Intact detects changes in computer systems by taking a snapshot of system objects then periodically compares the snapshot to the active system. The snapshot may be stored on read-only media or offline in a safe place limiting the possibility of alteration via the network. Intact detects unauthorized intrusion, damage from viruses, trojan horses, rogue installation programs, random OS corruption, security alterations, changes to auditing settings--any changes, additions or deletions that may lead to a compromise of your system's integrity. Stack Shield 0.7b Added 2001-10-22 The "stack smashing" technique is the most common way used in exploits to break the security of programs. It is based on sending an unexpected amount of input data to a program causing a buffer overflow that allows the attacker to make the program execute arbitrary assembler code which can garant to him the access to the system, destroy the system files or do anything else. Stack Shield is a tool for adding protection to programs from this kind of attacks at compile time whitout changing a line of code. Stack Shield uses a more secure protection system than other tool like Immunix Stack Guard. Stack Shield is designed to support the GCC under a Linux Intel 386 class platform. Q Added 2001-10-22 Q is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports. XploiterStat Pro Added 2001-10-22 XploiterStat Pro is a shareware network management tool in a similar vein to the dos program 'Netstat.exe' - i.e. shows all the connections to your machine, listening ports (identifying trojans) etc. allowing you the user to see TCP/UDP & ICMP connections are present on your machine. This is the latest release of the program formerly known as Totostat Enhanced. It can be used by networking professionals to determine what connections are on the machine at any time along with all the ports that may be listening (i.e. services, trojan horses etc.). Browse by category |
|
|
Privacy Statement |
