|
(Page 5 of 16) < Prev 1 2 3 4 5 6 7 8 9 10 11 Next > Category: Auditing » Network » Firewall Port Scan Attack Detector (psad) Added 2003-12-29 Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, DShield reporting, and automatic blocking of offending IP addresses via dynamic configuration of iptables firewall rulesets. In addition, psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate CheckPoint FW1 VPN Tools (fw1vpntools) Added 2003-12-29 fw1vpntools is a set of some nifty little helpers which can be used for monitoring and maintaining a VPN which is terminated with CheckPoint VPN-1 Firewalls. Jay's Iptables Firewall Added 2003-12-29 Jay's Iptables Firewall is a bash script that allows one to easily install and configure a firewall on a Linux system. It was initially written for use on a home LAN, but can be extend to any type of network. It features support for multiple (external/internal) interfaces, TCP/UDP/ICMP header control, masquerading, synflood control, spoofing control, port forwarding, (experimental) upload limits, VPNs (like vtun), ToS (bandwith managment), denying hosts, ZorbIPTraffic, Spyware list IP, log options, and more. The firewall is able to launch custom iptables rules, and the configuration of the firewall is assisted by an optional, interactive, curses-based Perl script. ICEWall Network Access System Added 2003-12-22 ICEWall Network Access System is a modular billing and security system. The main module is "IC-Radius" (a Radius protocol implementation); it is needed to work with VPN clients. It can set traffic limits and time limits, block viewing of external sites, etc. Th statistics module provides information about individual clients and total usage. fwlogview Added 2003-12-15 fwlogview is a graphical, realtime, colorized logviewer for netfilter and other logs written in Java. It displays the logentries which are related to the firewall action. You can hide unimportant columns or change the order in which columns are shown. Firewall Builder for PIX Added 2003-12-09 Firewall Builder for PIX hides the complexity of PIX command line interface and automatically configures options and parameters that usually make manual configuration a real chore. With this module, the same workstation running Firewall Builder can create and manage security policy on Cisco PIX firewalls, as well as on firewalls built with iptables, OpenBSD pf, or ipfilter. Pound Added 2003-12-01 Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests. AstroFlowGuard Bandwidth & Security Management Added 2003-11-28 AstroFlowGuard is a Linux-based bandwidth manager, stateful firewall, intrusion detection system, and VPN server. With its user-friendly interface, automatic failover, and smart recovery system, it is the complete tool for anyone wanting to manage bandwidth and network security. It uses a hierarchical class-based system which provides a logical, intuitive view of network classes along with their priorities. It has the ability to manage P2P applications such as Kazaa and the like, manage firewall and bandwidth by time of the day, precedence, strings in any packet, and much more. Diagnose your network by powerful reporting tools that drill down to IP, port, and protocol level with graph and pie charts. It is a self-contained system that offers simple installation by means of a bootable CD and ease of use via a Web based GUI. fwanalog Added 2003-11-26 fwanalog is a shell script that parses and summarizes firewall logfiles. It understands logs from ipf (xBSD, Solaris), OpenBSD 3.x pf, Linux 2.2 ipchains, Linux 2.4 iptables, and some routers and firewalls (Linksys, Cisco). The excellent log analysis program, Analog (which is also free software), is used to create the reports. fwlog Added 2003-11-24 fwlog receives packets from iptables, and logs the header data. It supports IPv4, ICMP, UDP, and TCP packets. It translates IP addresses, protocol IDs, and TCP and UDP port numbers into human- readable names. It receives the packet information via the ULOG kernel module, and is similar to the ulog daemon provided by Harald Welte. Browse by category |
|
|
Privacy Statement |
