Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here. Now includes a brand new NetWare Core Protocol dissector. Several bugs were fixed and support for new protocols was added, including AFP, AODV, ASAP, ASP, ATP, DCCP, LMP, M2UA, and WebDAV (HTTP).
6e8b86b17cefe3c4b762179fffaedaea98948dfcad366fdf1750976457a009cc
SmtpRC is a fully configurable, multithreaded open mail relay scanner which supports scanning of IP blocks and can print the results to a Web page. It is intended for Systems Administrators to check IP blocks under their control.
48d4a526b72403290f253647441942b2ec61149ea1cdae8ccbdeb08d001e1342
Zorp is a proxy firewall suite which allows the administrator to fine tune proxy decisions (with its built-in script language), and fully analyze complex protocols (including SSH with several forwarded TCP connections, or SSL with an embedded POP3 protocol). FTP, HTTP, finger, whois, and SSL protocols are fully supported with an application-level gateway.
59490e1d34e1dcc5df27ac8da8680d5d7db1622e90c2b960eec8a809c14acbc4
Fwlogwatch analyzes the ipchains, netfilter, iptables packet filter, and Cisco logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
4f5868cff5f1d2202af74ca8e89b1fc517da7d56bcdfe51d01bb9ef9c19343b9
Qmail-Scanner, (previously known as scan4virus) is an addon that enables a Qmail Email server to scan all gatewayed Email for certain characteristics. It is typically used for its anti-virus protection functions, in which case it is used in conjunction with commercial virus scanners, but also enables a site to react to Email (at a server/site level) that contains specific strings in particular headers, or particular attachment filenames or types.
29cde40716da54b1ba0db3f4ff882cd452424a28031857aba6fef1346de7a22e
Firewall Builder consists of object-oriented GUI and set of policy compilers for various firewall platforms. In Firewall Builder, firewall policy is a set of rules, each rule consists of abstract objects which represent real network objects and services (hosts, routers, firewalls, networks, protocols). Firewall Builder helps user maintain database of objects and allows policy editing using simple drag-and-drop operations. Firewall Builder can be used to manage firewalls built on variety of platforms including, but not limited to, Linux running iptables and FreeBSD or Solaris running ipfilter.
bd1de4f797427a5349fc42bbbdf410addd12428fe4a2639aa72371c2b956adf0
Remote Nmap is a python client/server package which allows many authorized clients to connect to a centralized nmap server to do their port scanning. This could be useful for security companies who want to have all their scans come from a dedicated machine.
53983633d05cd8c595dc6b2176cc627bb812846757eaf68fcef54e014d83c4b3
Fenris is a multipurpose tracer, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics by providing a structural program trace, general information about internal constructions, execution path, memory operations, I/O, conditional expression info, and much more. A small demonstration how this tool works can be found here.
f3e73051c8780f7ebb6d3106fec7d584c33baff1a3a3aa5e831467983b03a4a6
Cisco Security Advisory - The Cisco Content Service Switch (CSS) 11000 series switches are susceptible to a denial of service attack caused by a soft reset due to improper handling of HTTP POST requests to the web management interface.
e29943737ca226061c14b1b2491f2630dacbeff69249ba2082bc21be47222621
Cisco Security Advisory - Cisco Cache Engines and Content Engines provide a transparent cache for world wide web pages retrieved via HTTP. The default configuration of the proxy feature can be abused to open a TCP connection to any reachable destination IP address and hide the true IP source address of the connection allowing for anonymous port scanning, dos attacks, spam, etc.
90dda9032936ddaa76e20df2b74ee75c7232797f81c592acdd20f58b6db84f78
This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
d4632762d732834c6d5d536b3bd1e906e6ac0119d08bd24f775fe32a393b2de1
SuSE Linux security advisory SuSE-SA:2002:018 - A buffer overflow that allows remote code execution has been found in the code used by Lukemftp to process information returned from the PASV FTP command. Lukemftp is the standard ftp client in /usr/bin/ftp.
7c7016461f31b2c17ff9ef92c9ea6a3b7f1866c0f809f7be06301dba36e585b5
Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and looks for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.
df124e1c78ead003f5b8af1a4ad047f887cbd6b4541aa532717789a87e33e29a