(Page 3 of 9)   < Prev  1 2 3 4 5 6 7 8  Next >

Category: Auditing » File Integrity

SMTP Relay Checker
Added 2002-06-22
by Spencer Hardy
Smtprc is a fully configurable, multi-threaded open mail relay scanner. It supports scanning of IP blocks, and can print results to a web page. It is intended for Systems Aministrators to check IP blocks under their control.

Added 2002-05-09
by Michal Zalewski
Fenris started as a binary code tracing utility, but since the first release, it gets more and more difficult to write a simple summary of its functionality. Fenris is a comprehensive multi-level code tracer, a bit of a C decompiler, an interactive modular debugger, a code analysis tool, an execution path visualisation tool, a function fingerprinting and symtab recovery tool - all depends on how you use it. Fenris is suitable for everything from bug tracking or protocol analysis to forensics and reverse engineering, doing all the mindless work for you and making your life a bit easier.

Added 2002-04-29
by Vanja Hrustic
Trophie is a daemon which uses libvsapi library from TrendMicro, an antivirus vendor. On startup, Trophie initializes VSAPI, loads virus patterns into memory, opens a local Unix domain socket, waits for someone to connect, and instructs it which path to scan. Since the database is loaded in RAM, scanning is very fast.

Added 2002-04-29
by Ian Kayne
A full blown multithreaded file and folder watcher tool. DLock v1.o has 3 modes of operation, and probably many more of total failure. It can lock a file for exclusive access, it can watch your system and alert you when files and folders are created, or it can watch your system and alert you when existing files and folders have changes made to/in them. Like I said, mildly useful.

Added 2002-03-14
by Michael
CodeBlue is an attempt to increase the awareness of hosts that are infected with malicious worms by scanning Apache log files and emailing the infected hosts with details of their infection and how to obtain help removing the worm. Currently, CodeBlue scans Apache logs for Code Red, Code Red 2, and Nimda.

Nabou Advanced Host Intrusion Detection System
Added 2002-02-28
by Thomas Linden, tom@daemon.de
nabou is a Perl program which can be used to monitor file changes and directories on your system using MD5 checksums. It can also monitor crontab entries, suid files, user accounts, listening TCP/UDP ports, and processes. Nabou stores all data in standard dbm databases. Encrypted databases are supported using RSA public key encryption. Nabou is highly configurable; you can exclude files from being checked, configure which file attributes it should look for, use custom checks, and much more.

AIDE (Advanced Intrusion Detection Environment)
Added 2002-02-11
by Rami Lehti and Pablo Virolainen
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determening which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Added 2002-02-05
by XFOCUS (glacier)
X-Scan is a general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scope or stand-alone computer by multi-threading method. Plug-ins are supportable and GUI or CUI programs are separately provided.

Added 2002-01-30
by Robert A. Rota
This tool turns off Windows 2000/.Net Group Policies (GPO) on your network. It is completly automated and you do not have to be administrator to run the application or turn off all of the security policies in your environment. The developer takes no responsibility for damage or loss of production due to missuse of this tool. C++ source code provided by request.

Added 2002-01-23
by Jason Haar
Qmail-Scanner, (also known as scan4virus) is an addon that enables a Qmail Email server to scan all gatewayed Email for certain characteristics. It is typically used for its anti-virus protection functions, in which case it is used in conjunction with commercial virus scanners. but also enables a site to react to Email (at a server/site level) that contains specific strings in particular headers, or particular attachment filenames or types (e.g. *.VBS attachments). It also can be used as an archiving tool for auditing or backup purposes. Qmail-Scanner is integrated into the mail server at a lower level than some other Unix-based virus scanners, resulting in better performance. It is capable of scanning not only locally sent/received Email, but also Email that crosses the server in a relay capacity.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus