|
(Page 6 of 12) < Prev 1 2 3 4 5 6 7 8 9 10 11 Next > Platform: BSDI dig Added 2001-10-22 Dig (domain information groper) is a flexible command line tool which can be used to gather information from the Domain Name System servers. Dig has two modes: simple interactive mode which makes a single query, and batch which executes a query for each in a list of several query lines. All query options are accessible from the command line. Fragrouter Added 2001-10-22 Fragrouter is a network intrusion detection evasion toolkit. It implements most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. This program was written in the hopes that a more precise testing methodology might be applied to the area of network intrusion detection, which is still a black art at best. Angel Added 2001-10-22 Angel is a simple yet useful tool to monitor the services on your network. Technically speaking, it's a Perl program that runs every 'n' minutes (usually fired from your cron) and calls different perl subprograms (referred as "plugins" from now on) to do the actual testing. It will then generate an HTML table containing the status of your network. Imapd Vulnerability Scanner Added 2001-10-22 This Imapd scanner searches for and exploits hosts which are vulnerable to the imapd buffer overflow vulnerability. In particular the imapd vulnerability which was posted to the Bugtraq mailing list on July 17, 1998 by Anonymous (nobody@REPLAY.COM). A vulnerability exists in certain imapd implementations that allow an attacker to execute arbitrary code remotely. In certain instances, the code to be executed will be run with root privilege. Imap supports a command 'AUTHENTICATE' which specifies the type of authentication mechanism to be used to open a mailbox. The value passed to the authenticate command is copied into a buffer of size 1024. The maximum size of this value, however, it 8192 characters. A failure to bound the read value to 1024 results in a buffer overflow. This particular tool is built to exploit Linux X86 platforms. Mscan Added 2001-10-22 Mscan is a collection of programs hacked together to form a fairly broad network auditing tool (scanner). It searches for a variety of problems (and in some cases exploits them) such as a named(8) overflow for Linux X86 hosts, one of the rpc.statd overflows, open Xterms, exported NFS shares, default accounts and several other items. TCFS Added 2001-10-22 TCFS is a Transparent Cryptographic File System that is a suitable solution to the problem of privacy for distributed file system. By a deeper integration between the encryption service and the file system, it results in a complete trasparency of use to the user applications. Files are stored in encrypted form and are decrypted before they are read. The encryption/decryption process takes place on the client machine and thus the encryption/decryption key never travels on the network. Cfdecrypt Added 2001-10-22 CFDECRYPT: Decrypt Cold Fusion templates encrypted with CFCRYPT fping Added 2001-10-22 fping is a ping(1) like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a host is up. fping is different from ping in that you can specify any number of hosts on the command line, or specify a file containing the lists of hosts to ping. Instead of trying one host until it timeouts or replies, fping will send out a ping packet and move on to the next host in a round-robin fashion. If a host replies, it is noted and removed from the list of hosts to check. If a host does not respond within a certain time limit and/or retry limit it will be considered unreachable. Cdgxn-Bsd Added 2001-10-22 Cdgxn-Bsd is a Local Bsd Security Auditer. It is similar to Cdgxn-Secure, tweaked to help secure BSD based systems. StackGuard (Source Code) Added 2001-10-22 StackGuard is a compiler approach for defending programs and systems against "stack smashing" attacks. Stack smashing attacks are the most common form of security vulnerability. Programs that have been compiled with StackGuard are largely immune to stack smashing attack. Protection requires no source code changes at all. When a vulnerability is exploited, StackGuard detects the attack in progress, raises an intrusion alert, and halts the victim program. Browse by category |
|
|
Privacy Statement |
