< Prev 1 2 3 4 5 6 7 Next >
Category: Auditing » File Integrity
DmpE32 -Symbian Executable Information Dumper
Symbian Exe File dumper * Useful for analysis of potential malware. * Determine wheteher or not an executable has been inappropiately modified(Mosquitos "Trojan"). * Provides information on: - Header (UIDs,Section sizes, Entry Point, Application Type) - Imported functions list (DLL name and number of functions by default)
Xintegrity makes it virtually impossible for anybody or anything to modify your files without being detected. When Xintegrity detects a modified file it will show exactly how and when the file was modified and display the contents of the modified file in comparison with an optionally backed up copy of the file. All your files [including operating system files] can be protected. Xintegrity can automatically create protected backup files [optionally encrypted with 256 bit]
afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. You can then run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware.
Mailfilter is a flexible utility to get rid of unwanted spam mails, before having to go through the trouble of downloading them into the local computer. It offers support for one or many POP3 accounts and is especially useful for dialup connections via modem. You can define your own filters (rules) to determine which e-mails should be delivered and which are considered waste.
jmark aims to easily identify illegal Java programs containing unlicensed class files. jmark provides a practical way for encoding and decoding a digital watermark into/from Java class files. Encoding a program developer's copyright phrase as a watermark ensures the legal ownership of class files.
Sophie is a daemon which uses 'libsavi' library from Sophos anti-virus vendor (http://www.sophos.com). On startup, Sophie initializes SAPI (Sophos Anti-Virus Interface), loads virus patterns into memory, opens local UNIX domain socket, and waits for someone to connect and instructs it which path to scan. Since the database is loaded in RAM, scanning is very fast. (Note: speed of scanning also depends on SAVI settings and size of the file.) It works on Linux, Solaris (Sparc/x86), HP-UX, and FreeBSD.
Instead of having one program perform file integrity checks, another program monitoring the connectivity and health of your network, and yet another monitoring your network for intrusion detection attempts, Demarc PureSecure combines all these services into one powerful client/server program. Not only can you monitor the status of the different machines in your network, but you can also respond to changes in your network all from one centralized location. Security is already a full time job in any network, and the burden of monitoring the reports from multiple programs across dozens of servers can result in information overload. The human mind can only process so much data at any given time before it simply becomes too much to analyze. Demarc PureSecure centralizes the reporting and analysis for the entire network which allows you to more easily weed out the important data from the superfluous background noise, thereby targeting your efforts where they really belong.
DansGuardian Anti-Virus Scanner
The DansGuardian Anti-Virus Scanner gives you the ability to virus-scan all content that passes through DansGuardian. It uses the scanning code from the MailScanner project to do the actual virus scanning, so it supports all the virus engines that the MailScanner project supports. The scanning is done as the file is being downloaded, so your current network apps don't have to be modified, etc. They just have to support using a proxy.
SQL Server Password Auditing Tool
This tool should be used to audit the strength of Microsoft SQL Server passwords offline. The tool can be used either in BruteForce mode or in Dictionary attack mode. The performance on a 1 Ghz pentium (256mb) is around 750 000 guesses/sec. To be able to perform an audit one needs the password hashes that are stored in the sysxlogins table int the master database. The program needs to have them formated in a textfile accordingly (look at the included file hashes.txt)
Browse by category