Knocker is a simple and easy-to-use TCP security port scanner written in C. It is able to analyze hosts and the network services which are running on them. Knocker is available for Linux and Unix platforms. Both a console version and a GTK+ version are available.
d2e3d1b4d90ccaf372a0de8f3f594485a6ff88a92d9cab840c1f8f665714aafa
The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of incidents generated by security software such as IDSes and firewalls (e.g., Snort or ipchains). It provides a search interface for finding alerts matching practically any criteria, including arrival time, signature time, source/dest address/port, flags, payload, etc. ACID also provides the ability to annotate and logically group related events, delete false positives, or archive alerts among databases. A variety of statistics and graphs can be generated based on time, IP address, ports, alert classification, and sensor.
e08027b7d330a234c53242f9b733a6fe8846e0ef01641717de2b9f123754d1c6
Port Scan Attack Detector (psad) is a Perl program that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (SYN, FIN, Xmas) which are easily leveraged against a machine via nmap.
2f7e9560ac335e6c47ef89a251f91e52277345d0d07943009c5784111dd63444
Nessus is a free, up-to-date, and full-featured remote security scanner for Linux, BSD, Solaris and some other systems. It is multithreaded, plugin-based, has a nice GTK interface, and currently performs over 531 remote security checks. It has powerful reporting capabilities (HTML, LaTeX, ASCII text) and not only points out problems, but suggests a solution for each of them. A Windows version is also available.
26dc74d0229e21fbafb5803f964aa05667fe8d8ac3ad2db2fa55534c3d3beda2
Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.
65f57e2ad7b7c22483a3f42e9807ae6c22bd831ac181beed6eacdac7a7fdd282
Tcptraceroute is an implementation of traceroute which uses TCP SYN packets, instead of the more traditional UDP or ICMP ECHO packets. In doing so, it is able to trace through many common firewall filters.
f3c821f8831df5825e51a252de008e75a7c13f3ac0b88c080818c68b2dc1509a
Stunnel is a program, available on both Unix and Windows, that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer). Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc.) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
aaf0f934ea4a2833ca6354c5c90c8a0b0d6ab2ca96d1a8d673f23b26801f65d6
Sneaky Pete is a Java program which lets you input an alphabetic passphrase into a computer without using a keyboard, thus foiling keylogging software/hardware. It also incorporates anti-TEMPEST fonts to make it harder for monitor-scanners to see what letters are on your display.
93beb1efc57a9397ed67dd64e1510987e1481359afba0055c83617c4bbb54338
Etherape is an etherman / interman / tcpman clone which displays network activity graphically. Active hosts are shown as circles of varying size, and traffic among them is shown as lines of varying width. It is GNOME and pcap based. It supports Ethernet, FDDI, Token Ring, PPP, and SLIP.
8c2fdbf0569d78b65a8824229f81223894e622d48ec5b66907ebcb789ea23acf
Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
a599cf59ec5f974bc6bdb81af28463f1d93848ef143510e461f2499973dc8f2d