|
|
(Page 8 of 17) < Prev 3 4 5 6 7 8 9 10 11 12 13 Next > Category: Auditing » Host Wireless Network Tools Added 2001-10-22 The Wireless Network Tools package uses a Web-enabled phone (or an emulator) to provide traceroute, ping, and port scanning. If you use netsaint, it ties into it nicely and provides real-time status of your hosts/network. This should be considered pre-alpha, but it does do what it is intended to do. Vlad Added 2001-10-22 VLAD the Scanner is an open-source security scanner that checks for the SANS Top Ten security vulnerabilities commonly found to be the source of a system compromise. It has been tested on Linux, OpenBSD, and FreeBSD. It requires several Perl modules to run (see the README for more details). VLAD has been updated and will check for the latest IIS Unicode bug recently reported in MS00-078. CrucialADS Added 2001-10-22 CrucialADS is a GUI based Alternate Data Stream scanning tool. CrucialADS is designed to quickly and easily detect the presence of Alternate Data Streams in NTFS files and directories. ForixNT Added 2001-10-22 ForixNT is an NT vulnerability scanner...and so much more! ForixNT is a flexible, extensible toolkit that NT administrators can use to automate policy-based security management in a way that fits their infrastructure. Rather than spending $1000's for a commercial product, NT administrators can use ForixNT to collect configuration information from NT systems across the enterprise. For example, ForixNT collects: Host information (Service Pack, HotFixes, modems, trusted domains, etc) Services (state, account each service runs under, etc) Registry key values "Trojan Keys" (see my article, "What you really need to know about network backdoor "trojan" programs"on NT) Audit settings (what events are being audited...if any) EventLog settings (via the Registry) File Permissions (checks for NTFS file system first...even remotely) Registry Permissions Domain Account Policy envcheck Added 2001-10-22 Envcheck is a Linux kernel module which detects and prevents exploitation of the recent glibc vulnerabilities by intercepting the execve system call and sanitising the enviroment passed. At the cost of a very small performance penalty, it has advantages over a glibc upgrade, including logging of exploit attempts, it works with statically linked binaries, it is transparent to applications that may be sensitive to a change of glibc, and it partially protects libc5. NDiff Added 2001-10-22 NDiff compares two nmap scans and outputs the differences. It allows monitoring of your network(s) for interesting changes in port states and visible hosts. Viewing results in this manner eliminates the need to sift through voluminous raw scan output in search of the few noteworthy differences. It should be useful to network administrators, security analysts, and other interested parties who need to monitor large networks in an organized fashion. SocketWatcher Added 2001-10-22 SocketWatcher is an SGI utility similar to lsof. iScan Vulnerability Scanner Added 2001-10-22 The purpose of iScan is to provide a vulnerability scanner for NT platforms. Many quality freeware scanners exist for Linux/Un*x platforms, yet few (if any) are available for NT, especially those that follow the model of SATAN, VLAD, etc. GNIT NT Vulnerablility Scanner Added 2001-10-22 A vulnerability scanner which checks for the following: - Null Session Check - NBTStat Query - Share Enumeration - Local and Global Group Enumeration - User Account Enumeration - Transport Enumeration - WebServer Version Grab - 87 Known Vulnerable URL structures - FTP Banner grab - FTP Anonymous check - SMTP Banner Grab - POP3 Banner Grab VeteScan Added 2001-10-22 VetesCan Local is a shell script which checks local unix security, including checking for rootkits, log permissions, home/root directory accessibility, inetd services, /etc/securetty, SUID/SGID files, World writable files, Unowned files, .rhosts, and cracks passwd/shadow. Changes: Updated chkrootkit to version 0.16. Browse by category |
|
Privacy Statement |