Pidentd v3 is a much improved version of the original Ident daemon both in terms of speed, code quality and features. Features include multithreading, a "configure" script, startup autodetection, much clearer/rewritten C code, doesn't run as root after startup, has a configuration file and can be started from /etc/inittab (on systems using a SysV init).
90c64a4c17de693f940eddc2ed2a9e831ef18486054df4877534e6c693977386
Winfingerprint 223: Advanced remote windows OS detection. Current Features: Determine OS using SMB Queries, PDC (Primary Domain Controlller), BDC (Backup Domain Controller), NT MEMBER SERVER, NT WORKSTATION, SQLSERVER, NOVELL NETWARE SERVER, WINDOWS FOR WORKGROUPS, WINDOWS 9X, Enumerate Servers, Enumerate Shares including Administrative ($), Enumerate Global Groups, E numerate Users, Displays Active Services, Ability to Scan Network Neighborhood, Ability to establish NULL IPC$ session with host, Ability to Query Registry (currently determines Service Pack Level & Applied Hotfixes.
d2c64498ec1cb0175f3084da43d7f9f0ff3cd23013d44bae7d96fb8efb56b556
Windows 2000 Security - Log of a Windows 2000 hack and explanation of the dangers involved with the default security in Windows 2000 professional.
8b2ac853634ad5a826d4954ec9a04f38562ac16e7d8df4b21e6871c90ec05651
Q 1.0 is a client / server backdoor which features remote shell access with strong encryption for root and normal users, and a encrypted on-demand tcp relay/bouncer that supports encrypted sessions with normal clients using the included tunneling daemon. Also has stealth features like activation via raw packets, syslog spoofing, and single on-demand sessions with variable ports. This version is downward compatible and includes a few bugfixes that make the remote access daemon work reliably.
35ffdfbefeac850bb2ce4ff8a3613dbf68aaa7ef7147b5b4a9a14bcbff725692
The Nemesis Project is designed to be a commandline-based, portable human IP stack for UNIX/Linux. The suite is broken down by protocol, and should allow for useful scripting of injected packet streams from simple shell scripts.
55b28c562859c445ffcacb06d9a5d7268a74d4a47d80d6e42b4b2c9cd9cef0c3
Microsoft has released a patch for a security vulnerability in the Rich Text Format (RTF) reader that ships as part of Windows 95, 98, and NT 4.0. The vulnerability is used to cause email programs to crash. Microsoft FAQ on this issue here.
f8951101aeebb2c728a48f1c1870a0377255e6ef1c0a19790e2f2f19fa49c968
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace on your system. LIDS can also provide raw device and I/O access protection.
c39022e6637ebe955b9e6589c00444a2e4cd839fbb6745d42db2e6983994d769
syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
8c217ce8ee29bc17b5d8e90ac179438e71f454e78e50a5febe7c2e8980683901
Flash is an attempt to address the security problems associated with giving local unix users full shell access. It is a (hopefully) secure shell which will only execute administrator defined programs, while also being very user friendly. Flash is fully windowed (using an ncurses interface), is driven by cursor keys, has hotkey support, has fascist logging support and more.
c410a190307086628c2e042d55436e24ba55a65b60d905474b261883b35b5eed
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time.
1b8b3ea7a188c4ebf4c4c9e89f7947797ae041ca6472ec52d2e1d93748996f6b
Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more.
a24a812f64eda5d17aa7581490867f0831831045e6e525f89faaeead1af4a79b