(Page 6 of 10)   < Prev  1 2 3 4 5 6 7 8 9 10  Next >

Category: System Security Management » Linux

pptp proxy
Added 2002-03-04
by Emmanuel Mogenet
pptp proxy forwards a PPTP VPN connection through a Linux firewall.

NARC
Added 2002-02-20
by Shane Chen
NARC (Netfilter Automatic Rules Configurator) is a free firewalling package for Netfilter/Iptables, released under the BSD license. It attempts to simplify the setup of a firewall (stateful packet filter) via the iptables tools. It is a bash shellscript that generates (hopefully) sensible and secure rules for Netfilter based on a simple configuration file. It features quick setup via a simple configuration file, connection tracking (and fragmentation reassembly), customized logging, probe detection (TCP & UDP), and much more.

Appcap
Added 2002-02-01
by Paul Starzetz
Appcap is a tricky application for x86 Linux which allows an user with enough power (usually the superuser) on a machine to attach and redirect standard input and output of any application to his/her actual tty. In this way the superuser obtains an instrument for looking into ordinary users' sessions. This may be very useful if you suspect some of your users of doing nasty things from your machine.

Webmin
Added 2002-01-21
by jcameron@webmin.com
Webmin is a web-based interface for system administration for Unix. Using any browser that supports tables and forms (and Java for the File Manager module), you can setup user accounts, Apache, DNS, file sharing and so on. Webmin consists of a simple web server, and a number of CGI programs which directly update system files like /etc/inetd.conf and /etc/passwd. The web server and all CGI programs are written in Perl version 5, and use no external modules. This means that you only need a Perl binary to run Webmin.

EchoWall Firewall
Added 2002-01-11
by sbest
EchoWall is a firewall configuration package for creating an ipchains-based Linux firewall. It is optimized for the Linux Router Project (LRP), but was originally created for a Debian platform. EchoWall's aim is simplicity for entry-level users. It presumes the user is using a Linux box as a masquerading firewall/router for a single Class-C address range. It manages services in an interesting way: instead of indicating the IP addresses of machines you want to act as servers, you instead specify them by their MAC address. When run, the echowall script automatically detects the current IP address associated with this MAC address. This allows you to connect a service to a machine whose IP address is dynamically assigned.

capsel
Added 2001-12-13
by Wojciech Purczynski, wp@elzabsoft.pl
capsel is a Linux kernel 2.2.x module designed to increase system security. It works with Linux capabilities and decreases number of suid binaries and daemons working with root privileges. It prevents breaking the chroot jail even for privileges processes. It also does additional security checks before executing new binaries to prevent users from taking control of their execution.

Current
Added 2001-12-05
by Hunter Matthews
Current is a server implementation for Red Hat's up2date tools. It's designed for small to medium departments to be able to set up and run their own up2date server, feeding new applications and security patches to workstations/servers.

Stealth Kernel Patch
Added 2001-11-13
by Robert Salizar, madcamel@energymech.net
Stealth IP Stack is a kernel patch for Linux 2.2.18 which makes your machine almost invisable on the network without impeding normal network operation. Many denial of service attacks, such as stream, are much less effective with this patch installed, and port scanners slow to a crawl. It works by restricting TCP RST packets (no "Connection Refused"), restricting ICMP_UNREACH on UDP (Prevents UDP portscans), and restricting all ICMP and IGMP requests. A sysctl interface is used so these features can be turned on and off on the fly.

vma_rw_check
Added 2001-10-31
by proton
A small security module for Linux-2.2.19. Only works on Intel processors. It wraps execve() and checks so that the caller does not call from a writeable memory segment. Since most local (and many remote) exploits call execve() from the stack (and environment, which is also placed on the stack), which is writeable, it would prevent most standard exploits from working.

Lrp Network Monitor
Added 2001-10-22
by Martin Hejl
Lrp Network Monitor is an applet/application that displays information about network devices on a Linux router. This information can be displayed either in plain text, or in graphical format (either bar-charts, line-charts, or a histogram). It also displays the status (online/offline) of ISDN-devices, and can trigger actions like dial or hangup.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus