Find_ddos Version 3.1 (solaris intel) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client.
9faf64c8b6739303cc2dc2b4152896361bdf70c5807908afbaadd586a0ae20c1
Find_ddos Version 3.1 (linux) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client.
555d7ce8aff713ccf10f2d9cf13bf78dae04c68345ffffcf5cd52f591896a466
Find_ddos Version 3.1 (sparc) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NPIC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client.
862b19352d79f9875321d98f6bbf6571a9ba8799ac5008189740bfedfd987b0d
CrackDate will "crack" any Windows time limited program by changing the system date when the program is run / exits.
c50b6c75f5997d2000448826ef8f2c65aeca7714521ce891dc2f3d91ab5fc8f7
Simple CGI scanner which works on Linux, OpenBSD, and others. Updated to fix y2k problem.
67283afef975011510958b99f1bfc3a7059b81d45720412147d8ce0cd3d535ee
Universal remote unix trojan - This wrapper can backdoor nearly any service on any platform. Tested on login / imapd / qpopd.
885fba40e10573bdedddaf334427dedeca14c2d38df6c931e2a697af2a02b6b8
It is possible to cause the BeOS PoorMan webserver to crash (remotly) by sending a given URL to the server.
c7a561452597163b2603b347de43d34eabbf8faadb4f6ddceba795ffbb450b77
CERT/CC Malicious Web Scripts FAQ - A problem has recently been identified that can be found on a wide variety of web sites: what you receive from a web site may not be what that site meant to send. If you click on a specially designed link, the site may unknowingly send you bad data, unwanted pictures, and programs (malicious scripts) to compromise your data. The problem is not with web browsers themselves but with how web pages are constructed and how data entering and leaving web sites is validated. "Validate" means ensuring no "unintended" characters are sent back to the client.
7f117a7af59e1b84cb8ed09ed23e3b31fe0155ce6f43016ad6c28ee3d1892a12
CERT FAQ on which ports you should block at your firewall / router.
41aca7079c158408c3be8306274e0f2c91fcecaa2777d7b5100a185f8130e76b
The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off online and you can hide sensitive processes and prevent anyone from using ptrace on your system. LIDS can also provide raw device and I/O access protection.
d5af7ad334e17414e17804f66d1aabf9e75a571121f63998dad19b0021229ebd
syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
c66267e1f2fb86f4acd260388673bd986a5481deceafe784fd77053840ca8a25