(Page 7 of 17)   < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >

Category: Auditing » Host

XploiterStat Pro
Added 2001-10-22
by Simon Steed, simon@xploiter.com
XploiterStat Pro is a shareware network management tool in a similar vein to the dos program 'Netstat.exe' - i.e. shows all the connections to your machine, listening ports (identifying trojans) etc. allowing you the user to see TCP/UDP & ICMP connections are present on your machine. This is the latest release of the program formerly known as Totostat Enhanced. It can be used by networking professionals to determine what connections are on the machine at any time along with all the ports that may be listening (i.e. services, trojan horses etc.).

Added 2001-10-22
by Jacob Shaw
This tool is a ~600 line PERL script that utilizes the Net::SNMP module. It's purpose is to retrieve A LOT of information out of a remote Windows 2000 machine running the SNMP Service with a known community string. I may or may not get around to making it work alright with Windows NT 4, currently it does not. It queries/walks a predefined set of SNMP OIDs, and displays the return values in a nice, formatted ASCII output. I find it to be quite speedy. It's a snapshot of my work so far, most of it being sheer research (trying to find exciting, new OIDs, and THEN finding out what exactly, they're returning that can be useful ;-) ) I think many people will be suprised at the amount of information the SNMP Service shares with the world on a misconfigured (read: default) setup. Among the items one can retrieve from such a server is: - Server Name & Primary Domain/Workgroup - OS version, CPU type (& if it's Multiprocessor or not) - SNMP Contact & Location information (If defined) - System uptime - System date/time - List of all user accounts - Total RAM - Storage devices, volume label, device type, & partition type - Running processes & process id's - Installed applications & the date they were each installed - List of services - List of network interfaces (Description, HW Address, Int Speed, IP address, netmask, Bytes In/Out, Status) - List of all share names, file system location, & comments - Routing table - TCP connections & listening ports - UDP listening ports

Added 2001-10-22
by Adriano Maia
A module-based security-check tool. Currently comes with just tw modules the IIS-Unicode-check and IIS-CGi-filename-decode-check.

Added 2001-10-22
by Alexandre de Abreu
MS-IIS Web Server auditing tool, it checks for many serious vulnerabilities using a Perl script, support proxy server and if is found a hole, prints it and the Patch URL.

Added 2001-10-22
The purpose of this app is to illustrate inconsistencies in the MS implementation of the RestrictAnonymous registry setting.

RACF PC-based Utilities
Added 2001-10-22
by Nigel Pentland
The 'RACF' utilities are text processing programs which take an IRRDBU00 ASCII flat file download from RACF and produces as output text reports and depending on the program JCL which can be checked, transfered back to mainframe and submitted. Please refer to the web page for notes on using the RACF utilities, and for the RACF.ini file (not included in the ZIP file).

ImSafe - Host Based Anomaly Detection
Added 2001-10-22
by Laurent E.
Immue Security Architecture for Your Enterprise: detect changes in the "normal" behavior of processes (eg: ftp server). Use a kernel driver to monitor system calls and build a "profile" of the monitored application. Fast heuristics for detection of Buffer Overflows.

Added 2001-10-22
by Jeff Tranter, tranter@pobox.com
The 'audit' program recursively searches through directories looking for files that may not be needed or have strange permissions, ownership, etc. It is intended to help people clean up their accounts and find hidden problems.

TTY-Watcher 1.1b
Added 2001-10-22
by Mike Neuman, mcn@EnGarde.com
TTY-Watcher is a utility to monitor and control users on a single system. It is based on our IP-Watcher utility, which can be used to monitor and control users on an entire network. It is similar to advise or tap, but with many more advanced features and a user friendly (either X-Windows or text) interface. TTY-Watcher allows the user to monitor every tty on the system, as well as interact with them by: to the real owner of the TTY without interfering with the commands he's typing. The message will only be displayed on his screen and will not be sent to the underlying process. Aside from monitoring and controlling TTYs, individual connections can be logged to either a raw logfile for later playback (somewhat like a VCR) or to a text file.

Gork 2.0b
Added 2001-10-22
by Pigpen, pigpen@s0ftpj.org
Gork is a tcp/udp/icmp/ip dumper with options to log only packets from/to specific machine/s in a file. This version supports pcap library.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus