|
(Page 8 of 17) < Prev 3 4 5 6 7 8 9 10 11 12 13 Next > Category: Auditing » Host envcheck Added 2001-10-22 Envcheck is a Linux kernel module which detects and prevents exploitation of the recent glibc vulnerabilities by intercepting the execve system call and sanitising the enviroment passed. At the cost of a very small performance penalty, it has advantages over a glibc upgrade, including logging of exploit attempts, it works with statically linked binaries, it is transparent to applications that may be sensitive to a change of glibc, and it partially protects libc5. NDiff Added 2001-10-22 NDiff compares two nmap scans and outputs the differences. It allows monitoring of your network(s) for interesting changes in port states and visible hosts. Viewing results in this manner eliminates the need to sift through voluminous raw scan output in search of the few noteworthy differences. It should be useful to network administrators, security analysts, and other interested parties who need to monitor large networks in an organized fashion. SocketWatcher Added 2001-10-22 SocketWatcher is an SGI utility similar to lsof. iScan Vulnerability Scanner Added 2001-10-22 The purpose of iScan is to provide a vulnerability scanner for NT platforms. Many quality freeware scanners exist for Linux/Un*x platforms, yet few (if any) are available for NT, especially those that follow the model of SATAN, VLAD, etc. Scandetd 1.1.3 Added 2001-10-22 Scandetd is daemon which attempts to recognize port scans. If it detects a port scan, the daemon sends e-mail to root@localhost (by default) with following informations: host, number of connections made, port of the first connection and it's time, port of the last one and it's time, and type of scan (FIN, SYN). ProtectX Added 2001-10-22 This program will protect you from intruders and malicious users whilst on the net so if anyone attempts to connect to your PC then their IP will be logged and an alarm will sound. SmurfLog 1.0 Added 2001-10-22 This program is designed to log smurf attacks and the broadcasts used. Essentially it is an icmp echo reply logger with the following twists: - Logging only begins after passing a certain threshold rate of packets/sec and kilobytes/sec. This prevents the logging of innocent ping replies. - Only the /24 is logged, and it is only logged once per attack. TCP Listen 1.5 Added 2001-10-22 TCP Listen is complimentary to the program 'Send Packet' by the same author. Based on tcpdump, it will report all the data of any tcp/udp/icmp/ip incoming packet in one terminal line (80 chars) or so. Can fork, and report on the tty and/or via syslog. Audit Added 2001-10-22 The 'audit' program recursively searches through directories looking for files that may not be needed or have strange permissions, ownership, etc. It is intended to help people clean up their accounts and find hidden problems. TTY-Watcher 1.1b Added 2001-10-22 TTY-Watcher is a utility to monitor and control users on a single system. It is based on our IP-Watcher utility, which can be used to monitor and control users on an entire network. It is similar to advise or tap, but with many more advanced features and a user friendly (either X-Windows or text) interface. TTY-Watcher allows the user to monitor every tty on the system, as well as interact with them by: to the real owner of the TTY without interfering with the commands he's typing. The message will only be displayed on his screen and will not be sent to the underlying process. Aside from monitoring and controlling TTYs, individual connections can be logged to either a raw logfile for later playback (somewhat like a VCR) or to a text file. Browse by category |
|
|
Privacy Statement |
