2 3 Next >
Category: Hardening » Linux
OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.
Jailkit is a suite to create and deploy chroot jails for user accounts and for daemons. It has several utilities to facilitate the setup of chroot jails and utilities to use and check existing jails.
LINReS is a Live Response script designed to run on suspect/compromised Linux systems system with a minimal impact on the system to satisfy various forensic standards requirements. This script has been tested successfully on RedHat Enterprise Linux systems. LINReS consists of mostly statically compiled binaries and includes the various shared libraries that may be required to run the binaries (which are not statically compiled). All in all, no binary from the compromised system is used by this tool which mitigates the risk of collecting information on a trojaned system.
OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.
dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources ( e.g. spammer bots and compromised servers). easily installed, dotDefender requires minimal administrator maintanance and updates via a "live update" functionality that keeps its rule set up to date, enabling it to secure the Web environment from the moment it is deployed. dotDefender is cost-effective and is available for a 30 day evaluation period at www.dotdefender.com
dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources ( e.g. spammer bots and compromised servers). dotDefender installs within moments on the Web server along with a predefined, configurable rule-base - enabling it to secure the Web environment from the moment it is deployed, with virtually no administrator intervention. dotDefender retails at a fraction of the cost of conventional web application firewalls, and is available for evaluation via a free 30-day trial.
Umbrella is a security mechanism that implements a combination of Process-Based Access Control (PBAC) and authentication of binaries through Digital Signed Binaries (DSB). The scheme is designed for Linux-based consumer electronic devices ranging from mobile phones to settop boxes. Umbrella is implemented on top of the Linux Security Modules (LSM) framework. The PBAC scheme is enforced by a set of restrictions on each process.
DigSig Linux kernel load module checks the signature of a binary before running it. It inserts digital signatures inside the ELF binary and verify this signature before loading the binary. Therefore, it improves the security of the system by avoiding a wide range of malicious binaries like viruses, worms, Torjan programs and backdoors from running on the system.
Bulldog is a powerful but lightweight firewall for heavy use systems. With many features, this firewall can be used by anyone who wants to protect his/her systems. This system allow dynamic and static rules sets for maximum protection and has several advance features. This firewall will work for the hobbyist or a military base. Generation 7 is a complete rewrite and redesign from scratch. Be prepared to spend some time setting this up.
Devil-Linux is a special Linux distribution which is used for firewalls/routers. The goal of Devil-Linux is to have a small, customizable, and secure Linux system. Configuration is saved on a floppy disk, and it has several optional packages.
Browse by category