Systrace enforces system call policies for applications by constraining the application's access to the system. The policy is generated interactively. Operations not covered by the policy raise an alarm, allowing the user to refine the currently configured policy. After a policy has been sufficiently constructed, further alarms often indicate security problems. Policies can also be generated automatically for sandboxing purposes.
35edc5553f55e4cec3302994ba3cf04e8a05f9d1d1f8839b8fb53ab0b9ebd292Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
fc697653c107f99d9f2d4a8a7750bc607ac547a153d16c3bdd6a2500280c2b9dradmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
8e138975f9731ba15e35b9d664db1a2f6a48152d950efc31c943d9b415150a83NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.
2049582d902a1a512500d862a0206fac5161ddf42a873f84c9840e480426ccf7John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), DOS, Win32, and BeOS. Its primary purpose is to detect weak Unix passwords, but a number of other hash types are supported as well.
b53633941ad52083d7143499ea06c60d918881a85d9685cd3f1917de7b0e61dfaircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
c0c8d36d9f0b7b622ded0dd3453e9a52f7c3034ec5900de577297f72fa6c37a3Plash (the Principle of Least Authority Shell) is a Unix shell that lets you run Unix programs with access only to the files and directories they need to run. In order to implement this, the filesystem is virtualized. Each process can have its own namespace, which can contain a subset of your files. Plash is implemented by modifying GNU libc and replacing the system calls that use filenames. For example, open() is changed so that it sends a message to a file server via a socket. If the request is successful, the server sends the client a file descriptor. Processes are run in a chroot jail under dynamically-allocated user IDs. No kernel modifications are required. Existing Linux binaries work unchanged.
d162e0d9d090d65a5d1a62627b10022026902c292609cd4e10c0ccc1030113a7Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
3fd0fb4e07213fe9bd2fc2797d0f4f7ff7505dbbb73af4ea1cb8a829b057505cScapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.
340bebb26bbf8cb37bdbcfb7b8df9225ad384a0b3f0b33b55ca0b8ba6c9a3b02Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
b679252aac90c9b764e3190f128d66baf9d21db71790848eefe351b332f44f08Gentoo Linux Security Advisory GLSA 200603-22 - Multiple vulnerabilities in PHP allow remote attackers to inject arbitrary HTTP headers, perform cross site scripting or in some cases execute arbitrary code. Versions less than 4.4.2 are affected.
fd8e3280bbe522b5ca5030a88eaa2b6793d02bcd572640cb7f3f5fc2967c9a64Sendmail, Inc. has recently become aware of a security vulnerability in certain versions of sendmail Mail Transfer Agent (MTA) and UNIX and Linux products that contain it. Sendmail was notified by security researchers at ISS that, under some specific timing conditions, this vulnerability may permit a specifically crafted attack to take over the sendmail MTA process, allowing remote attackers to execute commands and run arbitrary programs on the system running the MTA, affecting email delivery, or tampering with other programs and data on this system. Versions 8.13.5 and below are affected.
3b3c6adcf605a2b27d8b8cb962869671376f087868fa32c5b883c8b5c1bddf16Secunia Security Advisory - trew has discovered a vulnerability in LibVC, which potentially can be exploited by malicious people to compromise a user's system.
c9ec52fb90237483a2f2c6dbfdd7162f106f762377ab0f43ecc1b7e15c0c752dSecunia Security Advisory - Pratiksha Doshi has reported a vulnerability in Meeting Reserve, which can be exploited by malicious people to conduct cross-site scripting attacks.
50571b29007e606a7e174ce3e1a7cd5a7425854b469b1c86350ded438b009ec1Secunia Security Advisory - r0t has discovered some vulnerabilities in Helm Web Hosting Control Panel, which can be exploited by malicious people to conduct cross-site scripting attacks.
b2424f12d5433d0363c0a243d0b67225b8fdd8d81735bd0b9441a3ec6270145aSecunia Security Advisory - Jeffrey van der Stad has reported a vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
852d84411569962fa047d2cea88d8b4b302cbe8f02ec28d36276dd2679bd8a01Secunia Security Advisory - r0t has reported a vulnerability in E-School Management System, which can be exploited by malicious people to conduct cross-site scripting attacks.
9572f326484e57577bc729e3ae4662dce3a2d76b8efd7919467c91da3039fb8aSecunia Security Advisory - Two vulnerabilities have been reported in phpPgAds / phpAdsNew, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.
5fa867c69ef3c760b4625153cf5303de8139f4f388035d1de5f83cdca1908d64Secunia Security Advisory - r0t has reported a vulnerability in Metisware Instructor, which can be exploited by malicious people to conduct script insertion attacks.
6e1be78a510b4e9200e0458eca82ee0ac001b072b116a298f3e5f468fdffcd98Secunia Security Advisory - r0t has reported some vulnerabilities in EZ
6961c672c1f784e59662463493afdf645564b7aae9967cf3aa8afd7ee3f5d826Secunia Security Advisory - r0t has reported a vulnerability in BlankOL, which can be exploited by malicious people to conduct cross-site scripting attacks.
ebb5558a1f83dbb4fd542dc5e45c2b745a5276a60b27923110eeaf0c4461072fSecunia Security Advisory - Luigi Auriemma has reported two vulnerabilities in Vavoom, which can be exploited by malicious people to cause a DoS (Denial of Service).
204d3f685b74e330dfb0982977ce1ab4bdd9b58c10d568e2c17423b024caef91Secunia Security Advisory - Luigi Auriemma has reported some vulnerabilities in csDoom, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system.
0a1880472ed7c0798691de98611fea2c2b94e7c72f8f3f7bef665e851cdc0a95Secunia Security Advisory - Gentoo has issued an update for realplayer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
64761c77faa802972f9451d5815388032fd17314df7ce13a219f61b29b32f3e9Secunia Security Advisory - Pratiksha Doshi has reported a vulnerability in Calendar Express, which can be exploited by malicious people to conduct cross-site scripting attacks.
aeb353b88314aa1c067e6f1035a94e2ec350ff15d0c77586d8f86a6b89244332
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed