echoping is a small program to approximatively test the performance of a remote host by sending it TCP "echo" packets. It is able to use the following protocols: echo, discard, chargen, HTTP (with SSL if you wish), ICP, and SMTP. It uses UDP instead of TCP for the protocols which accept it (like echo), it can repeat the test and display various statistics, and it can use T/TCP on systems which support it.
efcb74884ea3e610b50f62d2c8f0be2adcbab46d06b305bbfdf31d53701d049f
GnoScan is a multi-threaded network scan and security utility with an intuitive graphical user interface. It runs under GNOME. This is not the world's first port scanner, but certainly one of the most easy ones to use.
b26a1c32a92e8edb288d3ba836a3cbcc7946beacca618107dede2158d276bcce
Ettercap is a network sniffer/interceptor/logger for switched LANs. It uses ARP poisoning and the man-in-the-middle technique to sniff all the connections between two hosts. Features character injection in an established connection - you can inject characters to server (emulating commands) or to client (emulating replies) while maintaining the connection alive! Integrated into a easy-to-use and powerful ncurses interface.
9ba05bb75d19bd314c53dcb0edad0c26019be6c5ab558f0839bb683db9d01a7a
Seahorse is a Gnome front end for GnuPG, the GNU Privacy Guard program. It is a tool for secure communications and data storage. Data encryption and digital signature creation can easily be performed through a GUI and Key Management operations can easily be carried out through an intuitive interface.
3ef0fff90fa270a382d921f88c20e2a0ed5bc641af074f3f52fcb91d0fe9ccc5
scanssh scans a list of addresses and networks for running SSH servers and their version numbers. scanssh supports random selection of IP addresses from large network ranges and is useful for gathering statistics on the deployment of SSH servers in a company or the Internet as whole.
750732217d36f93827b84b7a1165d67a278f005ad6c9ae39df4a7d9b36e269a3
Genlist.c generates lists of IP addresses. Works on many platforms and has user definable start and stop IPs.
ce16a06083e4ed22793e1aa44e4a45accd9618671a0efde2e2e0b0565c1583b9
Tempest for Eliza is a program that uses your computer monitor to send out AM short wave radio signals. You can then hear computer generated music in your radio. it teaches you that your computer can be observed. Tempest for Eliza works with every monitor, every resolution. you don't have to be root.
db4c893b34995edce5019b35d2f65a47ea7683fd877ffce71b6238e7ccb97a81
The goal of FireStarter is to provide an easy to use, yet powerful, GUI tool for setting up, administrating and monitoring firewalls for Linux machines. FireStarter is made for the GNOME desktop. It can actively monitor your firewall and list any unauthorized connection attempts made to your machine in a readable table format.
a7972a53e84c76257ac3184b72518d9e861ff7fb314073e5b8c8442ccfc500a1
Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
3fd7301544788e100566198bb85958be8ed8120173b64366e2d40eaf502c2d7f
motion uses a video4linux device as a motion detector. It will make snapshots of the movement it sees, making it usable as an observation or security system. It can send out email, SMS messages, or invoke an external command when detecting motion.
d9d2b8c924decc3a066f0e8e206035b24bcc63741410fce220cf0259494b636e
SuSE Security Advisory SuSE-SA:2001:04 - SSH1 allows remote users to brute-force passwords without getting noticed or logged, SSH session key recovery, and remote root compromise. Switch to openssh.
61675fb7a2bba6039f31869677773990330a6bcd84a7b6edd2504dd0848668b3
Rampage.c reads from a list of routers and uses them to ping-flood a single host. Logs into the routers and uses the ping command.
f3f2f0025c62ed4a19d95e933bc254c07baf7bce8a3d13a6c85af5f4677eaaac
The Ultimate Bulletin Board System allows remote users to get the username and pass of anyone that is a registered user of a ubb forum that has html enabled and uses cookies to store the username and passwords of the users.
9d5082efd21f409b5ad3daca83e818ef19b075ca500641904a82ae2d168d2cb3
Crypto-gram for February 15, 2001. In this issue: Hard-Drive-Embedded Copy Protection, An Intentional Backdoor, The Doghouse: NASA and eTrue, A Semantic Attack on URLs, E-mail Filter Idiocy, Air Gaps, and Internet Voting vs. Large-Value e-Commerce.
b0b49966a2d150c0a44f721540654f4d81304aea8b42eaa28021ffddd0f33b1f
Microsoft Security Advisory MS01-009 - The PPTP service in Windows NT 4.0 has a flaw which allows remote attackers to crash the service via a malformed packet. Microsoft FAQ on this issue available here.
9f459f1211e41897038aebbe45c2bfbccf92f8c2231699929744255277097d75
Crypto-gram for January 15, 2001. In this issue: A Cyber UL?, Solution in Search of a Problem: SafeMessage, A Social Engineering Example, The Doghouse: Gianus Technologies, NIST Crypto Update, Code Signing in Microsoft Windows, and PGP Broken with keystroke recorder.
0c33f46f08e82b8305be0f5faa977094e7924be590044355b4e2dff66f92a763
Autoscan scans for valid NUAs using the autonet x25pad gateway, logging valid NUAs that refuse connection (requiring a valid NUI to connect), freely available NUAs (accepting reverse charging) and Calls Cleared 0-67 (DTE, subaddress specification needed).
9b63dbeddbacc6e694e2152f78223667e7721b72279b8ded41e6ea2e7262d986
Winject is a low-level packet builder/injector for win9x dialup users. It allows you to create custom packets with real or spoofed IP addresses.
99cffe5119a662438d31a5cab15b939fbae6037e0d8c6283a474cd5e75810780
Authforce is an HTTP authentication brute forcer. Using various methods, it attempts brute force username and password pairs for a site. It has the ability to try common usernames and passwords, username derivations, and common username/password pairs. It is used both to test the security of your site and to highlight the insecurity of HTTP authentication due to the fact that users just don't pick good passwords.
856388fdb60fceada9640e0d10c25e996715547dacd237f053a88ead71a31fd5
RootJail is a small program designed help run dangerous or unreliable services more securely. It works like init in that it spawns processes and watches for them, respawning them upon death. If the child is misbehaving, in that it's dieing repeatedly, it is then disabled. In addition, it uses chroot to prevent the service from accessing files outside its directory.
f14c215e289b83e4f719c437b6a098129af4ad8b0ac8cd219d08173d1840f163
Ramenfind v0.4 is a local Ramen worm detection and removal tool. Final release unless problems are found.
320257e648f002eda11a46020e3a2f7c6a850a287966cd4d5c4b549e73b7ac8e
Microsoft Security Advisory MS01-010 - Windows Media Player 7 has a vulnerability in the skins feature which manifests itself when a Windows Media Player skin (.WMZ) file is downloaded from an untrusted website. Java code can be used to read and browse files on a local machine. The vulnerability stems from the fact that "skins" are downloaded to a known location on a victim's computer and are stored in a .zip package. If the .zip package contained a Java class (.class) file, any Java code in this class can be executed under the local computer security zone, taking arbitrary action on the user's machine. Microsoft FAQ on this issue available here.
aa001023b4b36b589fc75bf5d0b2ab730e136efc4e831a9d8dacbeb1217084a7
FreeBSD Security Advisory FreeBSD-SA-01:25 - Systems which have installed the optional Kerberos IV distribution are vulnerable to attacks via the telnet daemon due to an overflow in the libkrb KerberosIV authentication library and improper filtering of environmental variables by the KerberosIV-adapted telnet daemon.
f9a7aa773a778f96ba38dd1ff4ca14f8f41dbeeb995305ea23832d652efb4616
Arb-Scan is a remote banner scanner, written in Bash and Perl. It currently supports ftpd, sshd, smtpd, domain, finger, httpd, pop2, pop3 and imapd banner checks. It features IP file reading and logging.
7a1fb6b6fb4abcfadef9daa4ff9db24be8ebfac5cdd7eb39b3853b957636a951
IPA is highly configurable IP accounting software for Free and Open BSD. It allows to make IP accounting based on IP Firewall and/or IP Filter accounting rules. In most cases IP Accounting Daemon is run on public servers, software routers, etc. It uses powerful IP Firewall and/or IP Filter accounting rules and based on its configuration allows to escape from writing scripts to manage network accounting.
f152f194fdb4626ae4a20ce69ac1f25bed8fe0634a4f317e0e5b638b9798907f