|
(Page 11 of 17) < Prev 6 7 8 9 10 11 12 13 14 15 16 Next > Category: Auditing » Host DumpEvt Added 2001-10-22 DumpEVT is a Windows NT program to dump the event log, in a format suitable for importing into a database. Used as basis for eventlog managment system, for long-term tracking of security violations, etc. There is also a DLL version of DumpEvt, which allows you to read the formatted event log from Visual Basic. NT Group Monitor Added 2001-10-22 Utility for monitoring malicious group creation by end users. Wfile Added 2001-10-22 Wfile is a utility that searches through a directory structure for writeable files and directories. You can specify a local drive or UNC as the target location. Requires that the winperl files be on the path. NewSID Added 2001-10-22 NewSID is a program we developed that changes a computer's SID. It is free, comes with full source, and is a Win32 program, meaning that it can easily be run on systems that have been previously cloned. Please read this entire article before you use this program. This articles is available in the zip file of this download. NT Registry Harderner Added 2001-10-22 This tool attempts to lock down an NT host by implementing the following actions (Registry changes): - restrictlogaccess.reg restricts guest access to the system, applications, and security logs. - hidelastlogin.reg stops the last userid that logged into the machine from being dislplayed. - nolm.reg Disables the LanMangager Hash - lmonrequest.reg enables LanManger Hashes only upon server request - disablenullsessions.reg restricts anonymous logins. NT Service Pack Checker Added 2001-10-22 This is a command line utility that lists service pack and hot fix information for Windows NT machines. SID2User & User2SID Added 2001-10-22 User2sid.exe can retrieve a SID from the SAM (Security Accounts Manager) from the local or a remote machine Sid2user.exe can then be used to retrieve the names of all the user accounts and more. These utilities do not exploit a bug but call the functions LookupAccountName and LookupAccountSid respectively. What is more these can be called against a remote machine without providing logon credentials save those needed for a null session connection. NTO Tools Added 2001-10-22 NTOLog is a networkwide backup and log-clearing utility for NT event logs that can quickly back up all the logs in an entire NT domain with one command. LServers is a NetBIOS name-dumping utility that can quickly iterate all the names of any listening PDC or BDC, and all other NT systems listening on a network. NPList is a network process- dumping utility that lists all the processes running on a given NT system or all the NT systems across an NT domain. ICEWatch Added 2001-10-22 This is a program that monitors a given file for changes in size. It is very efficient; a small program that uses almost no CPU time. Why the name ICEWatch? Well, I wrote it to co-exist with a packet filter/firewall program called BlackICE Defender from Network ICE ( http://www.networkice.com). This handy program monitors all "hack" attempts coming in from the Internet and it creates a log file with many details of the attempted access. Although the program alerts you to an incoming intrusion attempt it only does so by flashing an icon in the system tray. So, I wrote this little utility to monitor changes in the log file size and play an alarm sound when changes are detected. Narrow Security Scanner (Unix/Perl) Added 2001-10-22 Narrow Security Scanner 2000 (Unix /Perl) searches for 367 remote vulnerabilities. Browse by category |
|
|
Privacy Statement |
