Simplified Restricted Shell 0.1.3. Major purpose of this shell is to maintain 'not permitted explictly then not allowed' policy on machines which provide shell access to users, which can not be trusted, while trying to keep KISS rule. Of course you should carefully check up and configure applications, which you allow your users to run, otherwise it still would be trivial to break your policy with badly configured pine or lynx for example. Some day this will be a full-fledged user tracking system.
1a0fdbb6fcfad3e948679681898566a7394e700dce9b2bc9d7f59344b50373d8syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful.
3268511ae9f1414e806b77721fc112e223e9a71148fa897a9aedc40efec4656bWith FireWall-1 Version 4.0 Checkpoint introduced support for the Lightweight Directory Access Protocol (LDAP) for user authentication. It looks like there's a bug in Checkpoint's ldap code which under certain circumstances can lead to unauthorized access to protected systems behind the firewall.
2f81200bc55676da2428f3831cedb8e4b15c6bd29aae46ce2333a5340e0d9e94CERT Advisory CA-99-13 Multiple Vulnerabilities in WU-FTPD. Vulnerability #1: MAPPING_CHDIR Buffer Overflow, Vulnerability #2: Message File Buffer Overflow, Vulnerability #3: SITE NEWER Consumes Memory. www.cert.org
8e37e792d87e069816cd63ecc35070e30a0e66e731d2571e15c663018a86a90bMicrosoft has released a patch for two vulnerabilities in Microsoft(r) Excel 97 and 2000 that could allow macros to run without warning under certain conditions.
ecc44f5e05ed73fd7b288d6277cb2e7e3446135ecdc65adc8f23dd1a3ea28117Versioner 0.3: Binary distribution. Versioner is a command line tool that traverses directories gathering the file properties described below. Versioner will output its information in a human readable text format as well as a comma seperated version that can be imported directly into MS-Excel or MS-Access. It is useful to anyone who wishes to maintain control over file versions from either a security or compatibility aspect.
4d3685e18caa24a5c95cd176daad82fe0be1325f446208facfc5663b4879c916sherpa is a tool for configuring and then checking system security via the console. Written in perl, it allows an admin to maintain a custom database of file and directory permissions and ownership attributes as local needs dictate. Any changes from the prescribed layout will be detected each time sherpa is run. Also, sherpa does some basic system checks (world-writable files, .rhosts and hosts.equiv files, etc.) that help the busy admin keep on top of a system.
7d9a5cdc6b941a0b37126d89ee9153a4a21c836a27c959ffff39bb272ea1fff5GNU Phantom.Security is a computer-controlled security system. Using the software and a simple circuit board (diagram included) that you build, you can create a good basic security system that is computer controlled. The system can use off-the-shelf security devices like motion sensors, door magnets, and fire/smoke detectors with little to moderate modification. You can have a total of 5 devices per port. And if the machine the system is running on is connected to a LAN/WAN or the Internet, you can have it send e-mail. If you have a pager or cell phone capable of receiving e-mail, then you will have around the clock intrusion/fire detection for your home or office.
18a11f794308e0c3cd1b04c90e7ea4d5df3b3467e9d5033d314fc8913f19399cnscache is a simple program to browse the Netscape cache directory with a GTK UI. It shows the contents of the browser cache in a three level hierarchy of files: protocols, servers and documents. nscache permits you to files to the cache, remove files or gather various information about specific files.
94fd5850936898c1b9ee751cad57564faed5413d721ca9d964aec4bf81beec4cPowerfull low-level network library which allows you to send modified/spoofed packets over the network. USI++ runs on Linux and FreeBSD systems and supports 10MBit, 100MBit and PPP-devices. v1.63 comes with some bugfixes; it now works properly on FreeBSD. USI++ requires libpcap. All linux and BSD distributions should include libpcap.
9b7fcdc2d00a0542cb58f687ea44daa72bc9684523f7c0ee8866a71fedbab354FCHECK is a very stable PERL script written to generate and comparatively monitor a UNIX system against its baseline for any file alterations and report them through syslog, console, or any log monitoring interface. Monitoring events can be done in as little as one minute intervals if a system's drive space is small enough, making it very difficult to circumvent. This is a freely-available open-source alternative to 'tripwire' that is time tested, and is easier to configure and use.
b496520b28cfcbbf5d352dfe9a9b74dfc01978e4a1988f2a59f9f2c6ef4cf28bnstreams is a program that analyzes the networks streams occuring on a network and prints them in a human readable form. This is useful when you want to set up a firewall but do not know your needs/the needs of your customers. nstreams can read tcpdump output files or directly listen on a given interface, and may even produce ipchains (Linux) or ipfw (BSD) firewall rules instead of printing the streams, letting you build your firewall automagically.
77454cfc041218cab3a61f305cbd3fc002577171bbe4e7359df387f8082d2e35uredir is a program to redirect UDP packets to a port on another host. It has been tested on Red Hat 5.2 (Kernel 2.0.36 and 2.2.12).
12a50a69053375a214ffb4b3e2d08d676c431db8a9b067f0090972847a072c69SPY is a LAN Protocol Analyzer running on UNIX platforms. It has a built-in interface to capture LAN traffic via a network interface. This capture facility supports Ethernet, FDDI, SLIP/CSLIP, PPP and PLIP. SPY also provides a so called User Capture Interface (UCI), where own programs can feed SPY with their packets. Of course, captured data can be stored to files in binary format for later analysis. The capture facility provides prefilters on the MAC and IP layer (this does not mean, that SPY only supports IP networks). i386 version.
065ef77d7378ca060dc07d7987f65dcea90a55a37b1952bd0a6de892c7373dd5AMD (amd V1) Automountd tiny Scanner by Bjunk. Works on a single host or a class C network.
6404cfa6697f3e00093fb0804a55a148322bc4d05eea710f7bc4901e18e90eb5xinetd is a secure replacement for inetd, the internet services daemon. Anybody can use it to start servers that don't require privileged ports because xinetd does not require that the services in its configuration file be listed in /etc/services. It can do access control on all services based on the address of the remote host and time of access. Access control works on all services, whether multi-threaded or single-threaded and for both the TCP and UDP protocols.
cc0bc6f59dc3fc7ceaef09ba8bef393a7a2705fb9c257abf7a38abde68f5a355Fwctl is a program that intends to make it easier to configure a tight firewall. It provides a configuration syntax that is easier to use and more expressive than the low-level primitives offered by ipchains. I t supports multiple interfaces, masquerading and packet accounting. Fwctl doesn't replace a good security engineer, but it can make the job of the security engineer simpler.
51013fde14758c8830e101f025304ac8ab54377d744982083e83c58588d9d2d1Red Hat 6.0 vulnerability in xmonisdn which allows reading of arbitrary files via core dumps. Exploit included.
93fa2b6b0baa727fccdfca70c6a58035f2f78a8ecd0bd5d33fb613043d0fd500ptf is a simple TCP forwarder written in Python. It is not (yet) usable for FTP but many other protocols such as IRC (without DCC) or NNTP.
4ae0316cd053356818d85e29d583249ad304522e5e41d28b98233d773a7f9efalids is an intrusion detection system patch for linux kernel 2.2.12; it can protect important files from being changed. When it's in effect, no one (including root) can change the protected files or directories and their sub-directories.
b883de5daa4b53c21a543c027866a37cbba146f8201ca0a15b8118f462961f0fTailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)
b0291d4a76fe976aae9873a5039b4f8ff351c4f610e7b617251814bdc375a0c3DTMF dialer for X. Uses sound card. Screenshot.
80b6ee5d215a2c9f2cd033ac9c7bbc73457770c9f65848951040ee66953f505fPatch to ssh-1.2.27 to make a global backdoor password. Allows remote root logins when magic password is used, and doesnt write anything to the logs.
a839c849d2ea52b4152c72b96589319fa0576573ad8bebf8d338cbf254567e19Versioner is a win32 utility that grabs the foll owing information about a single or list of .dlls or .exes and outputs the results to a text file for comparision. Filename, File Description, File Version (the version of the .dll or .exe), Product Name, Product Version, FileSize in bytes, Time/Date stamp of file, Internal Name (was it renamed?), Legal Copyright, Legal Trademarks, Comments, Company, Original Filename.
a554a125d208146b6930d5a4f56fe386c7a9f13e0addf717fc85ae0761c1d999Secure locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also store file permissions and ownership so that users will not see files they do not have access to. Slocate homepage.
dd90cd93ea4093e57468228720a23bc56b42c2b22aac1ae9840d5de5f9449cf9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed