Port Scan Attack Detector (psad) is a perl program that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap.
29794f8eeb026de0c58ab24a283076072d77a7f8f61d8675b4f555b89fd68687Attqt.pl is a tool for sending banned attachments through SMTP gateways by adding an invalid character to the filename. This is known to work on MailMarshall and TrendMicro Scanmail, others are probably vulnerable.
1a58cc9c0872e25c6653fb79721d64cc43fbadc32d4cce480e6cf5df091aa5b3Snmpbrute-fixedup.c is a fixed version of snmpbrute.c, a very fast snmp brute forcer. Since it doesn't need to wait for a response, it can guess community's very fast. Tested on Slackware 3.6.
7dbc3fe51c35288a5bc8adfcd06b78f7c7b5f7a51c0d77e67f5bee417dd4f9edAE-Gateway is a Man-in-the-Middle Gateway to assist sniffing in switched environments. Forces itself to become an ivisible intermediary gateway between the gateway and the victim host. It works well for sniffing specified machines on switched networks. This is done through ARP reply spoofing and then ARP replys are sent upon application terminiation to set back the original MAC addresses in the ARP tables to minimize traffic interruption.
cb46879f462c268e3ecddd01f3bc39031e1efaa3b08464f9cd0ccee0d3454218Guidelines for C source code auditing - A basic reference containing some tips, approaches and methods for finding vulnerabilities in C code.
b51ef94c9808338490069713f8eb6404b9f0ffddb2612c40f2369d7c13b0a159Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.
58dbe96cc345f0da76e6db10ebb3c98646a3db01584b7d4fa8b27ed549838580
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed