(Page 5 of 5)   < Prev  1 2 3 4 5 

Category: Hardening

Added 2001-10-22
by Rob J Meijer
Ridentd is a stand-alone replacement for identd that uses a random selection of a ispell dictionary to use as fake ident responses. This server application is meant for the totally paranoid that need access to servers that require ident and don't want to give any information about local users to the remote server or its other users.

ImSafe - Host Based Anomaly Detection
Added 2001-10-22
by Laurent E.
Immue Security Architecture for Your Enterprise: detect changes in the "normal" behavior of processes (eg: ftp server). Use a kernel driver to monitor system calls and build a "profile" of the monitored application. Fast heuristics for detection of Buffer Overflows.

Added 2001-10-22
by rebby
rTables is a detailed, customizable iptables firewall for Linux 2.4.x, easily implemented on boxes with one to three network interfaces. It is currently set up to handle a single external LAN, single internal LAN, and a single internal DMZ.

LCAP Linux Kernel Capability Remover
Added 2001-10-22
by Spoon, spoon@ix.netcom.com
"Capabilities" are a form of kernel-based access control. Linux kernel versions 2.2.11 and greater include the idea of a "capability bounding set". The bounding set is a list of capabilities that can be held by any process on the system. If a capability is removed from the bounding set, the capability may not be used by any process on the system (even processes owned by root). LCAP allows a system administrator to remove specific capabilities from the kernel in order to make the system more secure. LCAP modifies the value in the sysctl file "/proc/sys/kernel/cap-bound".

SPIRO-Bastille 1.0
Added 2001-10-22
by Rick Collette, rcollette@inventivecomm.com
SPIRO-Bastille attempts to make your system ultra secure by periodically checking the SPIRO-Linux website for security updates. It hardens the system from various attacks while adjusting ftpd, inetd, console security, remote access, etc. It is based up on the original Bastille-Linux Hardening System.

Added 2001-10-22
This code implements a reference monitor for the Linux kernel that authorizes the invocation of critical system calls. It is able to detect and block some buffer overflow attacks.

Added 2001-10-22
by FreeBSD Hardening Project
suidcontrol is an experimental utility for managing suid/sgid policy under FreeBSD. The primary intent is to allow system managers to generate scripts to apply to new FreeBSD installations so that they can minimize risk associated with the plethora of tools requiring additional privilege to run.

ech0 security scanner
Added 2001-10-22
by ech0 security, info@ech0.de
eSS is a remote security scanner for linux that scans remote nodes for known security flaws. It does some of the simple probing techniques automatically like banner grabbing, OS guessing, and it includes a multithread TCP portscanner.

Harden NT
Added 2001-10-22
by Bart Timmermans and Filip Sneppe
HardenNT is a tool created to automate the task of securing one or more Microsoft Windows based computers. It is specifically aimed at securing Windows NT 4.0 machines, although some of the functionality could also be used on Windows 9x or even Windows 2000 networks. HardenNT is aimed at: Security minded system administrators who are willing to put some time and effort into securing their Windows systems; Security consultants who find themselves having to secure Windows NT computers regularly, and who are looking at a way to automate this as much as possible without losing the flexibility of easy customization. HardenNT's strength lies in its ability to provide security baselines for various systems. It can be used to perform the following tasks: Install one or more security patches on a Windows computer depending on its operating system, CPU architecture and service pack level; Restrict a user group's default NT privileges; Turn on NT auditing for security events a user considers important; Set NTFS ACL permissions, delete and/or move security critical files; Secure a computer's registry. HardenNT is not a tool that is to be installed or even run on a computer that one wants to secure. It merely creates a number of batch files that run standard NT (and NT resource kit) tools. This means that the batch files created by HardenNT are to be copied and run on the host you want to secure. The batch files rely on Microsoft Windows NT resource kit utilities (xcalcs.exe, auditpol.exe, ntrights.exe, regini.exe and shutdown.exe) and Microsoft security hotfixes. These executables will have to be purchased or downloaded from Microsoft and copied to the host you are trying to secure.

Added 2001-10-22
by Matthew Mondor,
mmtcpfwd is a port forwarder daemon for linux firewalls, a superserver which starts a standalone, non-root daemon per service. It has ability to limit connections on how many IPs and connections per IP, auto-DENY IPs upon an exceeded connection threshold, or fake services a-la portsentry. It uses a single configuration file.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus