(Page 3 of 3)   < Prev  1 2 3 

Category: Intrusion Detection » Web

Early Bird
Added 2001-10-22
by Jay Dyson, jdyson@treachery.net
This utility is designed around the notion of setting up a decoy 'default.ida' executable on a UNIX system. When the worm (code red) hits this decoy script, a quick note is made as to the version of the worm (v1 or v2), and a lookup is performed via ARIN on the connecting IP address to determine the parent netblock owner. (Starting with Early Bird v2.1, the APNIC and RIPE databases are also consulted based on the IANA designations for Class A networks.) An e-mail is then composed with those details and sent off to said contact.

Netsecure Web
Added 2001-10-22
by netsecure software
NetSecure Web is a reverse proxy that blocks all buffer overflow attacks, and hundreds of cgi-based attacks. It is available on Windows NT and 2000, Solaris, Linux and AIX. This product can protect any web servers, and prevent any intrusion from the Internet.

X-RAY VISION
Added 2001-10-22
by Intracept, Inc.
X-RAY VISION provides privacy and security to the Internet user by filtering out unwanted ActiveX controls, Java Script, Java applets, cookies, push/pull technologies etc.

JCon
Added 2001-10-22
by Cyberdemon
Java Host/Network scanning tool including cgi-vulnerability checks, brute-force and various list-scans and a logfile-watcher (linux-only). Java 1.1 RE or JDK1.1 needed.

CGI Scanner Trap
Added 2001-10-22
by Narrow, nss@privacyx.com
Detects a CGI scan and sends an alert message to syslog with the attackers IP+Web Browser.

WebWatcher
Added 2001-10-22
by ForixNT
Web Watcher is a script that 'watches' a list of web pages for changes. The user can determine the pages to watch, interval between queries, etc. If even a single bit changes during the "sleep" interval, a message will appear on the screen.

Atelier Web Security Port Scanner
Added 2001-10-22
by Jose Pascoa, japp@atelierweb.com
AWSPS features a very comprehensive set of tools, some of them unique, for in-depth assessment of Network Security: * High-speed TCP Connect scanning engine, with adjustable maximum number of simultaneously opened ports and no-connection time-out adjustment. * High-speed TCP Syn scanning engine for Windows 2000 platforms with TCP/IP and ICMP packet capture, report on pen/Retransmits, Close, Filtered ports, ICMP packet decoding and much more. * Fast reliable UDP Port scanner with intelligent test probing of ports to confirm whether the host is up. * State-of-the-art NetBIOS scanner (AWSPS Professional only). * Unique Mapping of Ports to applications feature (Ports Finder). * Local Connections and Listening Ports instant report. * Local TCP, UDP and ICMP statistics instant report. * Local Active Routes, DNS Servers and Persistent Routes. * Local IP Statistics/Settings instant report. * Local Transport Protocols/Winsock Service Providers list and details. * Local Addressing information table. * Local Net to media information table. * Local Interfaces Statistics/Settings instant report. * Local Network related Local Registry settings. * Comprehensive Local Area Network information, including NetBIOS Names, LANA, Shares, Security Information, Groups/Users and running Services. * The most complete TCP/UDP ports database. * Full-featured Time synchronyzer according to SNTP (RFC 1769), TIME TCP (RFC 868) and TIME UDP (RFC 868).

ScanMail for Microsoft Outlook
Added 2001-10-22
by TrendMicro
Scans Outlook folders for malicious code and attachments. Also includes Trend's ActiveUpdate technology which automatically retrieves the latest virus pattern file and scan engine directly from Trend, so you are always up-to-date.

WS-Logan
Added 2001-10-22
by Pier Carlo Chiodi
WS-Logan (WebSite - Log Analyzer) looks in log file for hacking HTTP requests and send report by e-mail. Scheduled to run periodically, it take as input web site log file and looks in them for "bad" HTTP request, used in web attack (CGI vulnerability, exploits...). WS-Logan put lines of log file containing this kind of request in a file, and then send it by e-mail. WS-Logan is a VBS script provided within a .BAT file, that can be used in the Scheduled Task utility to run periodically, and a .TXT file, containing the "bad" string to look for. I use it on a web server I administer, set to run at 00.05 and parsing log file of previous day; it's fun to see people playing with the server! If you download and use this tool, please send me any modifications in the script, so that I can improve it.

arirang
Added 2001-10-22
by pilot
arirang is a powerful webserver security scanner with support for: -Operating System Detect -flexible scan rule databases -scan list file -http port -wide network(ip range) scan -wide network webserver type scan -patch information. -http request injection. -virtual host scan -fast scan, and -included last (~2001/05/25) WWW Vulnerabilities able to check (700 over check)

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus