Port Scan Attack Detector (psad)
Port Scan Attack Detector (psad) is a collection of three lightweight system daemons written in Perl and C that are designed to work with Linux iptables firewalling code to detect port scans and other suspect traffic. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, DShield reporting, and automatic blocking of offending IP addresses via dynamic configuration of iptables firewall rulesets. In addition, psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate.
Capability Override LSM
The Capability Override LSM is a Linux kernel module which, when installed, gives processes running with certain (admin-configured) user or group IDs access to one or more POSIX.1e capabilities.
openMosix Cluster for Linux
openMosix is a set of extensions to the standard Linux kernel allowing you to build a cluster out of off-the-shelf PC hardware. openMosix scales perfectly up to thousands of nodes. You do not need to modify your applications to benefit from your cluster (unlike PVM, MPI, Linda, etc.). Processes in openMosix migrate transparently between nodes and the cluster will always auto-balance.
ThePacketMaster Linux Security Server
ThePacketMaster Linux Security Server is a CD-based security auditing tool that boots and runs penetration testing and forensic analysis tools. It is handy for security auditors. Some tools included are nessus, ethereal, The Coroner's Toolkit, chntpw, and minicom. It includes modules for any Linux 2.4.20 SCSI driver.
OpenNA Linux is a highly secure, very fast, and modern Linux operating system. It is intended for those who want to install and run a Linux server for mission critical tasks in a high security environment.
Saint Jude, Linux Kernel Module
Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.
fscaps implements filesystem capabilities for the Linux operating system (2.5 and up). With filesystem capabilities, you will be able to grant selective privileges to executables on an as-needed basis. This means there is no longer any need to run executables as root or as a suid root binary.
fBuilder Plus is a Web-based utility for building and configuring your ipchains/iptables-based Linux firewall. There are two versions of fBuilder: fBuilder Lite, a free version that includes a standard set of features, and fBuilder Plus, which includes edit, insert, and delete capabilities for firewall rules, automatic back traffic rule creation, and log reporting and export capabilities.
Server optimized Linux
SoL (Server optimized Linux) is a Linux distribution completely independent from other Linux distributions. It was built from the original source packages and is optimized for heavy-duty server work. It contains all common server applications, and features XML boot and script technology that makes it easy to configure and make the server work.