---------- Forwarded message ---------- Date: Wed, 27 Sep 2000 00:02:30 -0600 From: Kurt Seifried <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: LSLID:2000092701 - weekly posting [mod note]: is this a good idea? bad idea? indifferent? New Linux security tools / documentation September 26, 2000 - Weekly posting to Linux Security List The big news is that Red Hat 7.0 is out and ships with OpenSSL, OpenSSH and CIPE (and GnuPG, but that's old news). I'll be tearing into it next week. The LSKB has over 150 Linux security articles now, and a second author contributing (yipeee). http://www.securityportal.com/lskb/ The GNU Privacy Guard 1.0.3 - http://www.gnupg.org/ The GNU Privacy Guard (GPG) is a complete and free replacement for PGP developed in Europe. Because it does not use IDEA or RSA, it can be used without any restrictions. GnuPG is an RFC2440 (OpenPGP)-compliant application. squidauth 1.0- http://www.securegateway.org/ squidauth.pl is a Perl script that allows the Squid proxy server to authenticate to the TIS Toolkit firewall (or Gauntlet Firewall) authsrv using the authenticate_program parameter in the squid.conf. ndiff 0.02- http://www.vinecorp.com/ndiff/ NDiff compares two nmap scans and outputs the differences. It allows monitoring of your network(s) for interesting changes in port states and visible hosts. NDiff should be useful to network administrators, security analysts, and other interested parties who need to monitor large networks in an organized fashion. NDiff requires perl 5.005_03 or later and nmap 2.30BETA21 or later. Sara - http://www-arc.com/sara Security Auditor's Research Assistant (SARA) is a security analysis tool based on the SATAN model. It is updated frequently to address the latest threats. Checks for common old holes, backdoors, trust relationships, default cgi, common logins. Nessus 1.0.5 - http://www.nessus.org/ Nessus is a remote security scanner for Linux, BSD, Solaris, and other Unices. It is multi-threaded and plug-in-based, has a GTK interface, and performs over 500 remote security checks. It allows for reports to be generated in HTML, XML, LaTeX, and ASCII text, and suggests solutions for security problems. Stealth Kernel Patch 2.2.16/2.2.17- http://www.energymech.net/madcamel/fm/ Stealth is a kernel patch (for 2.2.16/2.2.17) that allows you to disable the sending of TCP RST packets and ICMP/IGMP replies, including UDP port unreach. This is useful for slowing portscan attempts to a crawl, hiding on a network, and making certian DoS attacks (a la stream) much less effective on your machine. A sysctl interface is used so the features can be enabled and disabled on the fly. -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
