< Prev 6 7 8 9 10 11 12 13 14 15 16 Next >
Category: Network Utilities » Miscellaneous
Panoptis is a tool to detect and stop DoS/DDoS attacks. It relies on data provided by NetFlow-enabled routers, and includes functionality to cooperate with other "Panoptis" detectors in order to trace the attack back to its source.
virusNotification is a simple Perl script that can be run (either manually, or automatically through cron) to detect, download, and send a notification by email when new DATs are present for the McAfee antivirus software. The email notification contains the location where the DAT file can be retrieved (both locally and remotely), as well as a list of the changes from the previous to the newest DAT. If any viruses on the Top Threats list or the Virus Alerts pages have been addressed by the new DAT, this information will also be noted in the email.
The SLAN project is focused on developing a flexible open source Virutal Private Networking system, primarily for securing Internet uplinks which use broadcast media such as 802.11 wireless links or public/shared ethernets. The system is flexible enough to support traditional VPN applications as well. As well as featuring an open design and strong security, the SLAN project hopes to eventually provide support for all major computing platforms.
This little utility dumps MSRPC endpoint information from Windows systems. Similar to the rpcdump program from Microsoft, but does not need a DCE stack and so runs on Unixes. dcetest can be very useful once inside a DMZ to fingerprint Windows machines on the network. dcetest operates over TCP port 135. (Think of it as rpcinfo -p against Windows.)
Leka Rescue Floppy
Leka Rescue Floppy is a Linux mini-distribution that installs into one floppy disk. It is meant for disaster recovery, but also contains many fine features like networking support, a dhcpd, a Web browser, and an IRC client.
OpenRADIUS is a RADIUS server that allows you to use external data sources for anything - shared secrets, accounts and passwords, profiles, session database, NAS lists, called/calling nr. ACLs, accounting storage, and much more. It has a powerful external module interface that uses pre-spawned subprocesses and pipes for communication, allowing you to implement modules in any language that supports Unix pipe I/O. Its behaviour is fully configurable, using a built-in business rule language, which gives you full control over the request and reply list. It includes a versatile LDAP gateway module and a full featured RADIUS client.
OpenSC consists of a SmartCard library that uses PC/SC Lite as its backend, and applications that use the library. It's been tested so far on only Finnish Electronic Identity (FINEID) cards, but might work on other PKCS#15 compatible SmartCards. Also implemented are a Netscape PKCS#11 module for WWW authentication, a PAM module, and OpenSSH support.
MyAM is an alert manager. Send an alert to MyAM and it will perform the following operations: archive the alert, update the user views that are concerned in the alert, and execute actions depending on the alert type and content. Additionnaly, MyAM will clean old archived alerts. MyAM stores alerts on your disk (not in a database), which makes it easy to develop, easy to install, and easy to administer.
Advanced Administrative Tools
AATools for Windows is a great set of utilities for analyzing network properties. It will test pretty much every network operation you could want to know about. AATools will check Email properties, Scan ports and proxies, give network and system statuses, clean up unnecessary registry entries in your registry, etc. The information it conveys is easy to digest and setting up a test is likewise very simple. A worthwhile download for anyone wanting to gather info on their network or PC. AATools should be a part of your security toolkit and you should employ them regularly.
Amap is a scanning tool that allows you to identify the applications that are running on (a) specific port(s). It does this by connecting to the port(s) and sending trigger packets. These trigger packets will typically be an application protocol handshake (i.e. SSL). Amap then looks up the response in a list and prints out any match it finds. Adding new response identifications can be done just by adding them to an easy-to-read text file. With amap, you will be able to identify that SSL server running on port 3445 and some oracle listener on port 233.
Browse by category