Category: Hostile Code

Iridium Firewall
Added 2001-12-19
by Ryan Edwards
Iridium Firewall is an ipchains-based Linux 2.2 packet-filtering firewall designed for use on a gateway server protecting an internal LAN of masqueraded devices. It provides protection from many (I won't say all) forms of Denial of Service attacks, IP Spoofing, Stuffed Routing, Stuffed Masquerading, SYN Cookie attacks, damaged or hostile ICMP packets, and packet fragmentation among others. It protects from attacks on several well known Trojan Horse and illegal ports as well as attempted connections from bogus, reserved or illegal IP addresses.

Added 2001-12-10
by John Conover
QuarantineAttachment is a short procmail(1) script to quarantine e-mail with potentially malicious Outlook attachments.

Added 2001-11-21
by Vanja Hrustic
Virge is a mail scanner written in C. It requires Sendmail, and AVPDaemon, Sophie, or Trophie (for virus checking). It can check mail for virii, and also for attachment names (regular expressions, full names, etc). It scans mail for virii very quickly, since the virus scanners used are always loaded in memory.

Viralator Proxy Virus Scanner
Added 2001-11-13
by viralator
Viralator interfaces your network's squid proxy server with a virus scanner. Before a user can download a file, the proxy passes the file to the Viralator script which, in turn, uses a virus scanner (Inoculate for the first release) to scan, disinfect, or delete the download. This is especially good for stopping virus infected files from free email sites like hotmail, etc. Future enhancements will include other types of antivirus scanners, speed improvements, and limiting downloads to approved users. Support has now been added for AntiVir, AVP, RAV, and Sophos antivirus scanners, password protected sites, and filenames with spaces and special characters.

Added 2001-10-30
by Arne Vidstrom
PEriscope is a PE file inspection tool. For example you can use it as an aid when you are looking for malicious code in files.

Added 2001-10-22
by ULTiMaTuM
WPTerm is a simple console-driven program that lets a user list processes and terminate a process, no questions asked. It was designed as a replacement for the Windows 2000 Task Manager, which has a design error that prevents a process from being ended if it has the same name as a critical OS file. This lets malicious programs keep running without being easily shut down (see Bugtraq ID 3033). WPTerm fixes this problem.

Code Red II Cleaner
Added 2001-10-22
by Microsoft
Microsoft has developed a tool that eliminates the obvious damage that is caused by the Code Red II worm. Before running it, ensure that you have read the cautions discussed in the "More Information" page.

Code Red v3 (aka Code Red II) Fix
Added 2001-10-22
by Richard Puckett
CD3FIX.EXE Code Red v3 Trojan Removal & Script Mapping Remediation Utility
rpuckett@cisco.com
1. Looks for active EXPLORER.EXE processes and deletes those that have an execution path from the root of C:\ or D:\
2. Unhides and deletes EXPLORER.EXE files in root of C:\ & D:\, deletes ROOT.EXE in /scripts and /MSADC directories
3. Removes SFCDisable from the Winlogon subkey of HKLM
4. Repairs the "...,,217" extensions from any of the values in the Virtual Root subkey of /W3SVC
5. Checks for static mappings in the ScriptMap subkey
6. Iterates the IIS 5.0 Metabase for .IDC, .IDA & .IDQ extension mappings and removes them
7. Creates a log file on C:\ (C:\cd3fix.log)
8. Reboots the box.

NFR BackOfficer Friendly
Added 2001-10-22
by NFR Security
NFR® BackOfficer Friendly is a useful little burglar alarm - simple, unobtrusive, and easy to install - which rings when someone rattles your doorknob. It identifies attacks from Back Orifice, one of the nastier hacking applications, as well as other sorts of scans. NFR is currently offering BackOfficer Friendly as a FREE download for personal use only.

IIS Worms Detector
Added 2001-10-22
by Felipe Moniz
IIS Worms Detector scans for Code Red, Code Blue and Nimda Worm locally.

Copyright 2010, SecurityFocus