//Here are some Security tools and where to find them AFRIK. The choicest of paddlocks are all here OPEN-SOURCE SECURITY TOOLS Bastille http://www.bastille-linux.org/ Red Hat Linux "hardening" program Bastille Linux project Helps new sysadmins make Red Hat more secure CERT http://www.cert.org/ Clearinghouse for security information Carnegie Mellon University Highly authoritative and comprehensive courtney ftp://ciac.llnl.gov/pub/ciac/sectools/unix/courtney/ SATAN/SAINT scanner detector Basic Perl script that works with tcpdump crack http://www.users.dircon.co.uk/~crypto/ Password cracker Alec Muffett Used by white hats and black hats alike GPG http://www.gnupg.org/ (GNU Privacy Guard) A free replacement for PGP Free Software Foundation Uses no patented algorithms and supports OpenPGP IPchains http://www.rustcorp.com/linux/ipchains/ Linux firewall implementation Paul ("Rusty") Russell, project coordinator Included with most current Linux distributions IPmasquerade http://ipmasq.cjb.net/ Linux network address translation (NAT) function Incorporated into most Linux distributions Linux FreeS/WAN http://www.xs4all.nl/~freeswan/ Secure tunnels and VPNs Linux FreeS/WAN Project IPSec/IKE implementation Logcheck http://www.psionic.com/abacus/logcheck/ Checks logs and sends e-mail alerts Psionic Software Systems Inc. Check license for source restrictions Nessus http://www.nessus.org/ Security scanner The "Nessus" Project Intended to update and improve on SATAN NMAP Portscanner http://www.insecure.org/nmap/ Network port scanning "Fyodor" Scans networks for open ports OpenBSD http://www.openbsd.com/ Secure and free multiplatform OS The OpenBSD Project Developed in Canada to avoid export controls; includes strong encryption; all code is audited. (This is the most secure o/s in the World) OpenSSH http://www.openssh.com/ Secure shell (terminal emulation and file transfer) The OpenBSD Project Replaces Telnet ProFTPD http://www.proftpd.org/ Professional FTP Daemon; more secure alternative to wu-ftpd Public Flood Software Inc. Developed for Linux/Unix platforms but will compile under Win32 SAINT http://wwdsilx.wwdsi.com/saint/ Security scanner World Wide Digital Security Inc. Easy-to-use WebSAINT version is also available Securing Linux Step-by-Step (report) http://www.sans.org/ Report on steps to take to secure Linux installations The SANS Institute Available for under $50 online or in hard copy SHADOW http://www.nswc.navy.mil/ISSEC/CID/ Intrusion detection system based on TCPdump Naval Surface Warfare Center In association with the Cooperative Intrusion Detection Evaluation and Response (CIDER) project Squid http://squid.nlanr.net/ Full-featured Web proxy cache Duane Wessels (Ntl. Laboratory for Applied Network Research) Supports Internet Caching Protocol (ICP) and SSL sudo http://www.courtesan.com/sudo/ "Superuser do" allows controlled access to root Todd C. Miller Logs uses, restricts access to users or groups swatch ftp://ftp.stanford.edu/general/security-tools/swatch/ "Simple WATCHer" or "Simple WATCHdog"; configurable log file filter/monitor Monitors entries to log files as the entries are made TCP wrappers ftp://ftp.cert.org/pub/tools/tcp_wrappers/ Enforces network access control Wietse Venema Included in most current Linux distributions TIGER ftp://coast.cs.purdue.edu/pub/tools/unix/tiger/TAMU/ System vulnerability scanning scripts Texas A&M University Part of Texas A&M University (TAMU) Security Package Tripwire http://www.tripwiresecurity.com/ Commercial version of freeware IDS Tripwire Inc. Tripwire 2.2.1 for Linux released this past December X-Force http://xforce.iss.net/ Computer threat and vulnerability database Internet Security Systems Inc. Covers all major platforms, including Linux Bye Kaushik ----------------------------------------------------------------------- LIH is all for free speech. But it was created for a purpose - to help people discuss issues about installing and running Linux. If your messages are counterproductive to this purpose, your privileges to submit messages can and will be revoked.
