(Page 1 of 2)   1 2  Next >

Category: Hardening » NT

Harden SSL/TLS
Added 2010-02-22
by Thierry Zoller
Harden SSL/TLS” allows hardening SSL/TLS Schannel settings of Windows 2000,2003,2008,2008R2, XP,Vista,7. It allows to locally and remotely set SSL policies allowing or denying certain ciphers/hashes or complete ciphersuites. This tool specific allows setting policies with regards to what ciphers and protocols are available to applications that use SCHANNEL crypto interface. A lot of windows applications do use this interface, for instance Google Chrome as well as Apple Safari are a few of these. By changing the settings you can indirectly control what ciphers these applications are allowed to use.

IIS Secure Parameter Filter (SPF)
Added 2008-08-22
by Brian Holyfield / Gotham Digital Science
SPF is an application security module designed for Microsoft IIS web servers. SPF uses cryptography to dynamically secure embedded application parameters at runtime (Query String Values, Form Inputs & Cookies). SPF does not require any changes to the underlying application code and provides instant protection against parameter tampering, URL manipulation and replay attacks. SPF also includes the capability to define forbidden input patterns (Black-Lists) using regular expressions to block known attack signatures.

Helios
Added 2006-07-14
by MIEL e-Security Pvt. Ltd.
Helios is an advanced malware detection system. It has been designed to detect, remove and inoculate against modern Windows rootkits. It performs behavioral analysis as opposed to signature based analysis and is one of the only tools that is able to detect rootkits in real-time, unhide hidden processes, restore hijacked system functions and inoculate the system against rootkit installation.

Password Policy Enforcer
Added 2006-05-30
by ANIXIS
Password Policy Enforcer allows you to create and enforce up to 256 different password policies in a Windows domain. Policies are easily configured, and can be assigned to specific users, groups, and organizational units. An optional client component helps users to choose a suitable password, and reduces password related helpdesk calls. PPE is the only commercially available password filter specified in the "DISA Field Security Operations - Windows 2003/XP/2000 Addendum V5R1 [UNCLASSIFIED]" PPE can also integrate with ANIXIS Password Reset, a self-service password management system that allows users to securely reset their own passwords.

GeSWall Server Edition
Added 2006-04-03
by GentleSecurity
With GeSWall Server Edition, you can harden your Web, Mail and SQL Servers. Hardening implies an isolation security policy that prevents damage from targeted intrusions and effectively precludes various attacks, known and unknown. Built on proven technology, GeSWall Server Edition provides powerful features to manage its security policy by means of Microsft Windows Group Policy and Active Directory.

Windows Permission Identifier
Added 2006-01-18
by Nathan House
This tool enables administrators and penetration testers to review and audit the permissions of users on a windows machine. Windows Permission Identifier can check; File ACLs Folder ACLs Registry ACLs Services Permissions Shares Installation rights Internet Access and so on. The GUI enables the administrator to create policies that can be saved in XML format. The windows machines permissions are then checked against this policy. This enables administrators to run checks against existing organisational windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use. WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed. Report Bugs & send your own policy files : nhouse[at]stationx.net It would be very useful to the community if you send me any policies you create. For example, Web server, desktop, domain controller or what ever you create. I will upload your policy files to the site and credit you.

Proactive Password Auditor
Added 2005-07-30
by ElcomSoft Co.Ltd.
Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and and Windows Server 2003-based systems administrators to identify and close security holes in their networks. Proactive Password Auditor helps secure networks by executing an audit of account passwords, and exposing insecure account passwords. If it is possible to recover the password within a reasonable time, the password is considered insecure. The software supports a few different methods of obtaining password hashes for further attack/audit: from dump files (generated by 3rd party tools like pwdump/pwdump2/pwdump3), Registry of local computer, binary Registry files (SAM and SYSTEM), memory of local computer, and memory of remote computers (Domain Controllers), including ones running Active Directory. The product features brute-force and dictionary attacks on LM and NTLM password hashes, effectively optimized for speed, plus "rainbow" attack, that uses pre-computed hash tables that allow to find most passwords in minutes instead of days or weeks.

zigstack
Added 2004-08-11
by Alexander 'xaitax' Hagenah
hardening your tcp/ip stack (e.g. against dos-attacks) of windowsnt/2k/xp/2003-based workstations and servers. new* incl. 7 new methods and remote-registry functions.

Anti-Cracker Shield
Added 2004-07-19
by SoftSphere
Protect your computer from Internet worms and hackers' attacks, which become possible due to the operational system and software vulnerabilities ("exploits"). Neither antiviruses, nor firewalls can protect from exploits. Only Anti-Cracker Shield, a multilevel security system is able to cope with all known and unknown versions of "exploits". It is possible and is necessary to protect from hackers!

Mod_security
Added 2003-12-23
by Ivan Ristic
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports Apache (both branches) today, with support for Java-based servers coming soon.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus