|
(Page 3 of 10) < Prev 1 2 3 4 5 6 7 8 Next > Category: System Security Management » Linux Devil-Linux Added 2004-06-02 Devil-Linux is a special Linux distribution which is used for firewalls/routers. The goal of Devil-Linux is to have a small, customizable, and secure Linux system. Configuration is saved on a floppy disk, and it has several optional packages. NSA Security-enhanced Linux Added 2004-04-08 NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control architecture into the major subsystems of the kernel. It provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals. INSERT Added 2004-04-05 INSERT (the Inside Security Rescue Toolkit) aims to be a multi-functional, multi-purpose disaster recovery and network analysis system. It boots from a credit card-sized CD-ROM and is basically a stripped-down version of Knoppix. It features good hardware detection, fluxbox, emelfm, links-hacked, ssh, tcpdump, nmap, chntpwd, and much more. It provides full read-write support for NTFS partitions (using captive), and the ClamAV virus scanner (including the signature database). Symbion SSL Proxy Added 2004-03-22 SSL Proxy server listens on a TCP port, accepts SSL connections, and forwards them to another local or remote TCP port. For example, it is possible to create an HTTPS server if you have an HTTP server and you run an SSL Proxy server on port 443 which forwards the connections to port 80. SSL Proxy's design makes it as secure as possible and still perform well. Adamantix Added 2004-03-02 The Adamantix project (formerly known as Trusted Debian) aims to create a highly secure but usable Linux platform. It brings together security solutions including kernel patches, compiler patches, security related programs, and techniques. mod_log_sql Added 2004-03-02 mod_log_sql (formerly known as mod_log_mysql) is an Apache module that enables access logging to an SQL database. This capability can replace or coexist with Apache's regular text-file logging mechanisms. The currently supported database backend is MySQL, with PostgreSQL and others in development. Fast OnlineUpdate for SuSE Added 2004-02-04 Fast OnlineUpdate for SuSE (fou4s) is a bash script that provides the functionality of YOU (YaST OnlineUpdate), but can also work in background and check for updates every night. It supports resumed downloads and proxies by using wget. GPG signatures are also checked. Linux Security Auditing Tool Added 2004-01-11 Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and scans for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions. Linux-VServer Added 2004-01-08 Linux-VServer allows you to create virtual private servers and security contexts which operate like a normal Linux server, but allow many independent servers to be run simultaneously in one box at full speed. All services, such as ssh, mail, Web, and databases, can be started on such a VPS, without modification, just like on any real server. Each virtual server has its own user account database and root password and doesn't interfere with other virtual servers. Port Scan Attack Detector (psad) Added 2003-12-29 Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, DShield reporting, and automatic blocking of offending IP addresses via dynamic configuration of iptables firewall rulesets. In addition, psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate Browse by category |
|
|
Privacy Statement |
