Category: Hardening

Password Policy Enforcer
Added 2006-05-30
Password Policy Enforcer allows you to create and enforce up to 256 different password policies in a Windows domain. Policies are easily configured, and can be assigned to specific users, groups, and organizational units. An optional client component helps users to choose a suitable password, and reduces password-related helpdesk calls. PPE is the only commercially available password filter specified in the "DISA Field Security Operations - Windows 2003/XP/2000 Addendum V5R1 [UNCLASSIFIED]". PPE can also integrate with ANIXIS Password Reset, a self-service password management system that allows users to securely reset their own passwords.

Added 2006-05-26
by Joe Lima
ANY INFORMATION A HACKER CAN OBTAIN ABOUT YOUR SYSTEM IS TOO MUCH INFORMATION. Broadcasting your Web server's identity via HTTP header data makes it easy for potential intruders to complete their first hacking task: identifying your OS and Web server. Hacker pre-attack reconnaissance accounts for 40% of all Internet attack traffic, so make sure that your Windows Web server isn’t giving away unnecessary clues about its identity. SERVERMASK SOFTWARE FROM PORT80 SOFTWARE MODIFIES YOUR WEB SERVER’S "FINGERPRINT" by removing unnecessary HTTP response data, modifying cookie values, and obscuring other response information, thus masking the identity of your server. Advanced options include custom header creation, Apache emulation, response randomization, a Remove Any Header feature, cookie masking, and one-click WebDAV disabling. PART OF A TOTAL SECURITY STRATEGY FOR WINDOWS-BASED WEB SERVERS, ServerMask software provides camouflage to augment the armor provided by firewalls and intrusion detection systems (IDS). Not only does successful obfuscation discourage attacks in the first place by making your Windows server less conspicuous, but it also makes hackers more likely to trigger IDS through misguided exploits. ServerMask is already used by thousands of customers, including financial institutions, governments, and corporations concerned with security best practices, and has been hailed as "clearly the best solution yet produced for managing the IIS Server banner." INSTALLED IN MINUTES AS A SUPER-FAST AND STABLE ISAPI FILTER, ServerMask is fully compatible with IIS 4, 5, and 6, IIS Lockdown, URLScan, FrontPage, Outlook Web Access, and major scripting platforms like ASP, ASP.NET, ColdFusion, PHP, and Perl. ServerMask is available for a free, fully functional 30-day trial and includes free technical support. FOR COMPLETE OS/SERVER ANONYMIZATION AT THE TCP/IP LEVEL AND INTRUSION PREVENTION, CHECK OUT PORT80’s SERVERMASK IP APPLIANCES: www.servermask.com/appliances

Added 2006-05-12
by Daniel B. Cid
OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.

GeSWall Server Edition
Added 2006-04-03
by GentleSecurity
With GeSWall Server Edition, you can harden your Web, Mail and SQL Servers. Hardening implies an isolation security policy that prevents damage from targeted intrusions and effectively precludes various attacks, known and unknown. Built on proven technology, GeSWall Server Edition provides powerful features to manage its security policy by means of Microsoft Windows Group Policy and Active Directory.

Security Cloak
Added 2006-03-09
by Craig Heffner
Allows you to spoof your OS in order to fool passive fingerprinting techniques (twenty different OSs are supported). Also helps prevent information leakage via timestamp options.

Added 2006-02-06
by Applicure Technologies Ltd
dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources (e.g. spammer bots and compromised servers). Easily installed, dotDefender requires minimal administrator maintenance and updates via a "live update" functionality that keeps its rule set up to date, enabling it to secure the Web environment from the moment it is deployed. dotDefender is cost-effective and is available for a 30-day evaluation period at www.dotdefender.com

Windows Permission Identifier
Added 2006-01-18
by Nathan House
This tool enables administrators and penetration testers to review and audit the permissions of users on a Windows machine. Windows Permission Identifier can check: file ACLs, folder ACLs, registry ACLs, services permissions, shares, installation rights, Internet access, and so on. The GUI enables the administrator to create policies that can be saved in XML format. The Windows machine's permissions are then checked against this policy. This enables administrators to run checks against existing organisational Windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use. WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed. Report bugs and send your own policy files: nhouse[at]stationx.net. It would be very useful to the community if you send me any policies you create. For example, Web server, desktop, domain controller or whatever you create. I will upload your policy files to the site and credit you.

Added 2005-12-19
by Applicure LTD
dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources (e.g. spammer bots and compromised servers). dotDefender installs within moments on the Web server along with a predefined, configurable rule-base - enabling it to secure the Web environment from the moment it is deployed, with virtually no administrator intervention. dotDefender retails at a fraction of the cost of conventional web application firewalls, and is available for evaluation via a free 30-day trial.

Added 2005-09-06
by Jupiter Information Technology
Fortifie is designed as a security tool for Windows computers running Internet Explorer 4 or greater, which will provide peace of mind as you surf the web, and confidence that you are protected from many Internet-borne threats, such as covert software installation.

Proactive Password Auditor
Added 2005-07-30
by ElcomSoft Co.Ltd.
Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and Windows Server 2003-based systems administrators to identify and close security holes in their networks. Proactive Password Auditor helps secure networks by executing an audit of account passwords, and exposing insecure account passwords. If it is possible to recover the password within a reasonable time, the password is considered insecure. The software supports a few different methods of obtaining password hashes for further attack/audit: from dump files (generated by 3rd party tools like pwdump/pwdump2/pwdump3), Registry of local computer, binary Registry files (SAM and SYSTEM), memory of local computer, and memory of remote computers (Domain Controllers), including ones running Active Directory. The product features brute-force and dictionary attacks on LM and NTLM password hashes, effectively optimized for speed, plus a "rainbow" attack that uses pre-computed hash tables, which allow most passwords to be found in minutes instead of days or weeks.

