(Page 2 of 3)   < Prev  1 2 3  Next >

Category: Hardening » Linux

Added 2003-12-23
by Ivan Ristic
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports Apache (both branches) today, with support for Java-based servers coming soon.

ClarkConnect Internet Gateway
Added 2003-12-05
by Peter Baldwin
ClarkConnect is a software package that transforms an old beat up PC into a smart, simple, and secure Internet gateway and server for your home or small office network. In addition to connection sharing, the software comes with a strong firewall, Apache, dynamic DNS utilities, and Samba filesharing. The software is based on Red Hat Linux.

Trustix Secure Linux
Added 2003-07-03
by TSL Team, tsl@trustix.com
Trustix Secure Linux is a project to make a hardened Linux distribution for servers. It features FreeS/WAN, OpenSSL, OpenSSH, Apache w/SSL & PHP, Postfix, POP3 and IMAP with SSL support, ProFTP, ftpd-BSD, and PostgreSQL.

Bastille Linux
Added 2003-05-26
by Jay Beale
Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat, Mandrake, and Debian Linux, along with HP-UX. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.

Shilosh OS
Added 2002-07-08
by Stefan Ilivanov
Shilosh OS provides a secure and stable operating system based on a highly modified Linux kernel, with its own package system similar to BSD's "ports". Compatible with x86 and Power PC, it is also 99% compatible with Windows 9x. It is easy to use and includes complete documentation in many languages.

CylantSecure: Linux Kernel Plugin
Added 2002-04-09
by Scott Wimer
CylantSecure is a complete security architecture that currently provides a security plug-in for the Linux kernel. It enables a user to protect and reject both known and novel attacks in real time. It makes use of a number of Open Source technologies. It provides an XML and GTK+ based administration interface, and secures all communication with OpenSSL. Our product is currently being released with support for 2.2 kernels on RedHat 6.x systems.

Linux Intrusion Detection System LSM (Linux Security Module)
Added 2002-04-02
by Huagang Xie
The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs can access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Added 2001-12-19
by Ian Goldberg
WebSecure4Linux is a simple, unofficial Linux client for the Freedom WebSecure service (see http://www.freedom.net/products/websecure/). Zero-Knowledge Systems runs the service and provides a Windows client, but is not responsible for this Linux client. Note that you will need to sign up for the service before this client will operate. It currently supports HTTP on all versions of Linux, and HTTPS is supported under Linux 2.4. WebSecure4Linux is not feature-complete and it is slow. It's written in Perl, and forks for each Web connection.

LCAP Linux Kernel Capability Remover
Added 2001-10-22
by Spoon, spoon@ix.netcom.com
"Capabilities" are a form of kernel-based access control. Linux kernel versions 2.2.11 and greater include the idea of a "capability bounding set". The bounding set is a list of capabilities that can be held by any process on the system. If a capability is removed from the bounding set, the capability may not be used by any process on the system (even processes owned by root). LCAP allows a system administrator to remove specific capabilities from the kernel in order to make the system more secure. LCAP modifies the value in the sysctl file "/proc/sys/kernel/cap-bound".

SPIRO-Bastille 1.0
Added 2001-10-22
by Rick Collette, rcollette@inventivecomm.com
SPIRO-Bastille attempts to make your system ultra secure by periodically checking the SPIRO-Linux website for security updates. It hardens the system from various attacks while adjusting ftpd, inetd, console security, remote access, etc. It is based up on the original Bastille-Linux Hardening System.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus