all things security
Showing 1 - 25 of 94 RSS Feed

Files Date: 2005-06-01

Fwknop Port Knocking Utility
Posted Jun 1, 2005
Authored by Michael Rash | Site

fwknop is a flexible port knocking implementation that is based around iptables. Both shared knock sequences and encrypted knock sequences are supported. In addition, fwknop makes use of passive OS fingerprinting signatures derived from p0f to ensure the OS that initiates a knock sequence conforms to a specific type. This makes it possible to allow, say, only Linux systems to connect to your SSH daemon. Both the knock sequences and OS fingerprinting are completely implemented around iptables log messages, and so a separate packet capture library is not required.

Changes: Added new authorization mode. Updated man page and there are a few other additions to the functionality.
tags | tool, scanner
systems | linux, unix
MD5 | 0656d8123f4d40498754c7d245a36ba4
Posted Jun 1, 2005
Authored by Alberto Ornaghi, Marco Valleri | Site

Ettercap NG is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining an established TCP connection! Integrated into a easy-to-use and powerful ncurses interface.

tags | tool, sniffer, tcp
MD5 | 28fb15cd024162c55249888fe1b97820
Posted Jun 1, 2005
Authored by SmithJ108 | Site

SnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and synchronize all sensor configurations.

Changes: Enabled logging. Various bug fixes.
tags | tool, web, sniffer
MD5 | 1e9eac271e447283f6a7290ed884fb36
Posted Jun 1, 2005
Authored by Todd Troxell | Site

Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.

Changes: Various updates. See changelog.
tags | tool, intrusion detection
systems | unix
MD5 | 5d551961f207686d742238091a9690c5
Posted Jun 1, 2005
Authored by Phillip Deneault | Site

Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.

Changes: Bug fixes. Minor additions and changes.
tags | tool, web, sniffer
MD5 | 4d6a2269375a13a1ea7bcb6703e7d701
Posted Jun 1, 2005
Authored by Nicola Cocchiaro | Site

SteGUI is a graphical front-end to Steghide that lets users view the images (in Bitmap and JPEG format) and play the sounds (in Wave and AU format) that Steghide allows as cover files. SteGUI also contains a simple text editor to manage text payload files (although any kind of file can be a payload to hide). The idea is to allow users to manage the supported file types and use Steghide from a single graphical tool.

tags | encryption, steganography
MD5 | 81322a5d6b5672a6cf9b22392a03e79c
Posted Jun 1, 2005
Authored by David Barroso, Alfredo Andres Omella | Site

Yersinia implements several attacks for the following protocols: Spanning Tree (STP), Cisco Discovery (CDP), Dynamic Host Configuration (DHCP), Hot Standby Router (HSRP), Dynamic Trunking (DTP), 802.1q and VLAN Trunking (VTP), helping a pen-tester with different tasks.

Changes: A couple of bug fixes.
tags | tool, protocol
systems | cisco, unix
MD5 | 3a4c8ee7c8fbc751152de423f624d994
Posted Jun 1, 2005
Authored by Attila Nagyidai | Site

Iron Bars SHell is a restricted Unix shell. The user can not step out of, nor access, files outside the home directory. Two ASCII configuration files are used for more control. The system administrator can define which commands may be executed by the user. No other executables are allowed. The admin also has the opportunity to define what kind of files the user may create. If a file has a certain extension (such as .mp3, .c, etc.), ibsh automatically erases it.

Changes: Fixed a format string vulnerability.
tags | shell
systems | unix
MD5 | cd06310446b91d0fac933d5083d7205f
Posted Jun 1, 2005
Authored by Mark Seaborn | Site

Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.

tags | tool, shell, kernel
systems | linux, unix
MD5 | 1416819f04be0e4509100ca220d8608a
Posted Jun 1, 2005
Authored by Victor Julien | Site

Vuurmuur is a middle-end and front-end for netfilter and iptables that is aimed at system administrators who need a decent firewall, but do not have netfilter specific knowledge. It converts human-readable rules into an iptables ruleset (or optional a bash script), makes netfilter logs readable, and includes an ncurses GUI.

Changes: Various fixes, updates, and improvements.
tags | tool, firewall, bash
systems | linux
MD5 | d5b5129365356a5126f36ad889799793
Posted Jun 1, 2005
Authored by Dominique Karg, David Gil, Fabio Ospitia Trujillo, Julio Casal, Jesus D. Munoz | Site

Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.

Changes: Various bug fixes and feature enhancements.
tags | system logging
systems | linux, unix
MD5 | bf666cb502d46697e80a9cf786b4e964
Clam AntiVirus Toolkit 0.85.1
Posted Jun 1, 2005
Authored by Tomasz Kojm | Site

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various fixes and updates.
tags | virus
systems | unix
MD5 | b0675c3273785d61eefc1afa304745c0
Posted Jun 1, 2005
Authored by priikone | Site

SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services in the Internet. It can be used to send any kind of messages, in addition to normal text messages. This includes multimedia messages like images, video, and audio stream. All messages in the SILC network are encrypted and authenticated, and messages can also be digitally signed. SILC protocol supports AES, SHA-1, PKCS#1, PKCS#3, X.509, OpenPGP, and is being developed in the IETF. This tarball holds all developer related files.

Changes: Rewritten SILC Log API.
tags | protocol
MD5 | 7ce8de362d1ecede89779abd343c8c24
Posted Jun 1, 2005

VisualRoute is a traceroute tool which displays a map of the path to the destination server by looking up the geographical location of each traceroute hop. The network service provider is identified for each hop, and instant domain and network whois information enable quick problem or abuse reporting.

Changes: Maintenance Release.
systems | unix
MD5 | 2d8ac022dd56ba5c8beeb532de5b87fd
Posted Jun 1, 2005
Authored by regit | Site

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: Added nuauth_log_users_without_realm.
tags | tool, remote, firewall
systems | unix
MD5 | ea4e1f55794d880c678cd5a377231174
Posted Jun 1, 2005
Authored by fuzzyping | Site

Hatchet is a log parsing and viewing utility for OpenBSD's PF firewall software. It presents HTML output of logged events and utilization graphs using pfstat.

Changes: Reorganization of docs directory. Various bug fixes.
tags | tool, firewall
systems | unix, openbsd
MD5 | ab5bc9dba21b6b2a9a6627ef7da3e846
Openwall Linux Kernel Patch
Posted Jun 1, 2005
Authored by Solar Designer | Site

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: This version adds a fix to the ELF core dump vulnerability.
tags | overflow, kernel
systems | linux
advisories | CVE-2005-1263
MD5 | 15ea2e5b5818c2207eb8026147d168c7
Posted Jun 1, 2005
Authored by H D Moore | Site

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. The Framework will run on any modern system that has a working Perl interpreter, the Windows installer includes a slimmed-down version of the Cygwin environment.

Changes: Five new exploits added.
tags | tool, perl
systems | windows, unix
MD5 | 50de66eedb0f0a075b6453344f37ed34
Posted Jun 1, 2005
Authored by Anthony G Persaud | Site

Nmap Parser is a Perl module that simplifies the process of developing scripts and collecting information from the XML nmap scan data, which can be obtained by using nmap's -oX switch or from the file handle of a pipe to an nmap process. It uses the XML twig library for parsing, and supports filters.

Changes: Support for multiple instances of Nmap::Parser objects without overwriting data. Various other tweaks.
tags | tool, perl, nmap
systems | unix
MD5 | a62a7c1e5911beca30b56d954b8bd6ec
Posted Jun 1, 2005

Network Security Policy Compiler (NetSPoC) is a tool for security management of large networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware - a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.

Changes: Multiple bug fixes.
systems | unix
MD5 | 28c25eb39183370ff4eb86222f317cee
Posted Jun 1, 2005
Authored by Eric Gerbier | Site

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: Various bug fixes.
tags | tool, integrity
systems | windows, unix
MD5 | ab4f32181072ede3064162ace37c4e82
Samhain File Integrity Checker
Posted Jun 1, 2005
Authored by Rainer Wichmann | Site

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 1e5f026a6c6289fdc33970c803599e56
Posted Jun 1, 2005
Authored by roseg | Site

Pound is a reverse HTTP proxy, load balancer, and SSL wrapper. It proxies client HTTPS requests to HTTP backend servers, distributes the requests among several servers while keeping sessions, supports HTTP/1.1 requests even if the backend server(s) are HTTP/1.0, and sanitizes requests.

Changes: See the changelog.
tags | web
MD5 | f8a15e9019ce778afae952a83c172145
Posted Jun 1, 2005
Authored by noorg | Site

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Minimal updates.
systems | unix
MD5 | 5269c49d3fcd2de5f9c0fbbe4d9b09c4
Posted Jun 1, 2005

The Umbrella security mechanism implements a combination of process-based Mandatory Access Control (MAC) and authentication of files through Digital Signed Binaries (DSB) for Linux based consumer electronics devices ranging from mobile phones to settop boxes. Umbrella is implemented on top of the Linux Security Modules (LSM) framework. The MAC scheme is enforced by a set of restrictions on each process. This policy is distributed with a binary in form of execute restrictions (in the file signature) and within the program, where the developer has the opportunity of making a restricted fork.

Changes: Various fixes.
systems | linux
MD5 | c260b14578e7b8f577e71b0067696cbc
Page 1 of 4

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    22 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2016 Packet Storm. All rights reserved.

Security Services
Hosting By