|
(Page 11 of 14) < Prev 4 5 6 7 8 9 10 11 12 13 14 Next > Platform: IRIX Chrootuid Added 2001-10-22 Chrootuid is a wrapper program designed to protect hosts from network compromise. By running a daemon under the chrootuid wrapper, if the daemon results in a remote compromise, the access acquired will be severely limited. Chrootuid utilizes the chroot() mechanism to allow the daemon to run in its own, contained sand box. If an attacker gains access to a host via a chroot'ed daemon, they will only have access to a specific subset of tools and capabilities, as provided in the chroot directory set by the wrapper. CU Sudo Added 2001-10-22 Sudo is a utility that allows administrators to give limited access to root privileges to users, and log activity associated with the use of sudo. This allows for giving people the access they need, without the need to give full root access. sniffit Added 2001-10-22 Sniffit is a packet sniffer for TCP/UDP/ICMP packets. sniffit is able to give you very detailed technical info on these packets (SEQ, ACK, TTL, Window, ...) but also packet contence in different formats (hex or plain text). Xip Added 2001-10-22 Xip is a graphical protocol analyzer. ViperDB Added 2001-10-22 ViperDB was created as a smaller & faster option to Tripwire. Tripwire while being a great product leaves something to be desired in the speed department and also, by default tripwire generates a report everytime it runs and directs that report to an email address. This hinders most people from running Tripwire every few minutes to do a system check. ViperDB however is the answer to this problem. ViperDB uses a fast plaintext db and is written in perl. S/Key Added 2001-10-22 The S/KEY one-time password system provides authentication over networks that are subject to eavesdropping/replay attacks. This system has several advantages compared with other one-time or multi-use authentication systems. The user's secret password never crosses the network during login, or when executing other commands requiring authentication such as the UNIX passwd or su commands. No secret information is stored anywhere, including the host being protected, and the underlying algorithm may be (and it fact, is) public knowledge. The remote end of this system can run on any locally available computer. The host end could be integrated into any application requiring authentication. TARA (Tiger Analytical Research Assistant) Added 2001-10-22 Tiger Analytical Research Assistant (TARA) is an upgrade to the TAMU 'tiger' program. Tiger is a set of scripts that scan a Unix system looking for security problems, in the same fashion as Dan Farmer's COPS. Since 'tiger' has not been updated since 1994, there were numerous changes made to the 'systems' directories. Output was streamlined to provide a more readable report file. Also, minor bugs in the 'scripts' directory were corrected. XTcpdump Added 2001-10-22 XTcpdump is a program providing an easy to use graphical user interface towards tcpdump(1). Tcpdump is a network monitoring program capable of observing all the traffic on a local network. As such, it can be used to provide raw trace data to a performance or security monitoring tool. UCGI Vulnerability Scanner Added 2001-10-22 CGI vulnerability scanner version 1.56. Checks for over 90 CGI vulnerabilities. Tested on slackware linux with kernel 2.0.35-2.2.5, Freebsd 2.2.1-3.2, IRIX 5.3, DOS, and windows. Tailbeep Added 2001-10-22 Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.) Browse by category |
|
|
Privacy Statement |
