epd dump portscanner.
7eb501c4200cd3d32ad284116cc1ab5b013ad61f6857a7d446bb928f078fbe81
Gobbler packet sniffer.
b4ad24d2132ca9724a0e9f349531bafd172d72dc4bd97c5e50d347741669a434
David LeBlanc's utility for monitoring malicious group creation by end users. For NT.
f03dc08038453b937927800e447648b343da2aeb781e05411f5b0bdf903b7661
"Building a Windows NT bastion host in practice V1.01" (Adobe PDF, zipped) - This paper presents a checklist for converting a default Windows NT installation to a bastion host. A bastion host is a computer system that is exposed to attack, and may be a critical component in a network security system. Special attention must be paid to these highly fortified hosts, both during initial construction and ongoing operation. Bastion hosts can include firewall gateways, Web servers, FTP servers, name servers (DNS), mail hubs and victim hosts (sacrificial lambs).
01cd2767a012a6f33919660f82161617366f8679602c6fbcb1283e406ad9b2f5
DOS I-Scanner.
d7e1959894e1e2c2be2414b0f24523194ab4575ec6775692fa467bc6e684026d
WinAudlog - New centralized logfile checking tool for auditing distributed system logs in a network and certifying that intruders did not modify these logs.
9ee3285187ef174797610eb73326afc6fe2e459b8868d63cca2a9cb8b2d9a802
WDumpEvt v2.01 is an administration tool that makes it easy to manage all the information from Windows NT logs. Browse the eventlog tree, dump the data to a file in ASCII-delimited format for importing into a database or spreadsheet, or choose HTML format for an easy-to-read display. The resulting file can contain information such as type, number, and category of the event, plus computer name, date, user, and description. Dump the data of the system, security, or application log, or only a single source, category, or event. Dump all the data or just the data since the last dump. Erase or save the data in the eventlogs, too. Schedule all of these actions with the LogSched service for regular saves or dumps. Retrieve properties of eventlog files: number of events, begin and end date, file size, etc. Shareware by Isabelle Vollant, www.wdumpevt.com
55aee08a0d799e13095aa323f5d0f1f4a8a992306960c8c1f85b8b084f354e4a
NessusNT-981007.zip
5d75239aee0172eef205da98d9ed1e4adbf2daa65bd959712b3d6fbb555a5d60
Somarsoft RegEdit V2.0 - DLL callable by 32 bit Visual Basic that can be used to view and/or modify user registry profile.
bc25071bc3b541c565e2f211a0fb3dbbcfcbe24934cfb9c43360e5ad012d8556
Somarsoft DumpReg V1.1 - Windows NT and Windows 95 program to dump the registry, making it easy to find keys and values matching a string.
cf7750193764bb7ba74e85e20c0a86740729e71a98780b1c0e59e1af810b57df
Forensic Toolkit v1.4 contains several Win32 command line tools that can help you examine the files on an NTFS disk partition for unauthorized activity. Excellent open source freeware from NT OBJECTives, Inc.; see their web site for lots of excellent tools and the source code for some of their fine products.
415b5b00bf4aa7d44f83ac75080f64398554a3819e7b67681f0269bb88ce625a
NessusJ-JFC-980705.zip
c5780c9dac6ad37575499c4ac0f5630e782ab431da80405e7bc0e7ff7338bea3
AFind is the only tool that lists files by their last access time without tampering with the data the way that right-clicking on file properties in Explorer will. AFind allows you to search for access times between certain time frames. By coordinating this with logon info provided by ntlast, you can begin to determine user activity even if file logging has not been enabled. This is the latest release of AFind.
7fa8a68e6476c3237758457eb927431f4898a4a4e1dd883108d6d970e55f6053
celsetupb.zip
9b3121632087758d0f8df4af8ed7a05832c8760d46181495da9f1310a8d7abbb
Somarsoft DumpAcl V2.7.16 - Windows NT program to dump the permissions (ACLs) for the file system, registry, shares and printers in a concise, readable listbox format, so that "holes" in system security are readily apparent.
7065db9ddb71999270b1dde2347b9a7e5935f1997cfb24f96077520a06648f6d
Somarsoft DumpEvt V1.7.3 - Windows NT program to dump the event log in a format suitable for importing into a database. Used as the basis for an eventlog management system, for long-term tracking of security violations, etc.
37a8f4b504165b365ab8afd84f08fa437cc2253d1ab53cd7b785329988ed393f
There is also a DLL version of DumpEvt, which allows you to read the formatted event log from Visual Basic.
b684b8808eb9aa1d59923480145ee7fd76078d8280af9da9b68c922c9fc9942f