|
(Page 11 of 18) < Prev 6 7 8 9 10 11 12 13 14 15 16 Next > Category: Auditing » Network » General Icmpenum Added 2001-10-22 Host enumeration is the act of determining the IP address of potential targets on a network. Icmpenum uses not only ICMP Echo packets to probe networks, but also ICMP Timestamp and ICMP Information packets as well. Furthermore, it supports spoofing and promiscuous listening for reply packets. Icmpenum is great for enumerating networks who block ICMP Echo packets but have failed to block Timestamp or Information packet, or for upstream sniffing of trusted addresses. This is a proof-of-concept tool to demonstrate possible distributed attacking concepts, such as sending packets from one workstation and sniffing the reply packets on another. Egressor Added 2001-10-22 MITRE has released a freeware tool that allows a company to check the configuration of their Internet point-of-presence router. The tool will help companies determine whether their routers are configured to the Help Defeat Denial of Service Attacks guidelines. This configuration of egress filtering reduces the chance that their computers can unwittingly contribute to a distributed denial of service attack. The tool has two parts; a generator and a receiver. The test generator (or "client") is being provided as C source code and the test receiver (or "server") is a PERL script. Both are currently known to work on LINUX, and the server also works on Solaris. ISB Added 2001-10-22 Security auditing tool for unix systems. Port scan, remote services version detect, log facility. Satan Added 2001-10-22 SATAN is a tool to help system administrators. it recognizes several common networking-related security problems, and reports the problems without actually exploiting them. checkXusers Added 2001-10-22 This script checks for people logged on to a local machine from insecure X servers. It is intended for system administrators to check up on whether users are exposing the system to unacceptable risks. Like many commands, such as finger(1), checkXusers could potentially be used for less honorable purposes. checkXusers should be run from an ordinary user account, not root. It uses kill which is pretty dangerous for a superuser. It assumes that the netstat command is somewhere in the PATH. Wireless Network Tools Added 2001-10-22 The Wireless Network Tools package uses a Web-enabled phone (or an emulator) to provide traceroute, ping, and port scanning. If you use netsaint, it ties into it nicely and provides real-time status of your hosts/network. This should be considered pre-alpha, but it does do what it is intended to do. Messala Added 2001-10-22 A vulnerability scanner which scans for the following: - 97 CGI vulns - 7 FTP vulns - All known QPOP vulns - 7 named vulns and prints out which version the host is running on - 9 IMAP vulns - 16 mail vulns - 1 Webserver vuln and dumps the header to a file - Checks if host suffers from TCP chorusing - Checks for vuln kernel's - Performs a basic OS guess - Telnet Banner grabbing and dumps it to a file - 16 RPC vulns (sh script written by gH [bin/msl-rpcvulns.sh]) Zombie Zapper Added 2001-10-22 Zombie Zapper is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep. Zombie Zapper Added 2001-10-22 Zombie Zapper is a free, open source tool that can tell a zombie system flooding packets to stop flooding. It works against Trinoo, TFN, and Stacheldraht. It does assume various defaults used by these attack tools are still in place, but allows you to put the zombies to sleep. VoidEye CGI scanner Added 2001-10-22 Void Eye is a CGI scanner which scans for up to 119 known vulnerabilities. Browse by category |
|
|
Privacy Statement |
