background preloader

Security

Facebook Twitter

Seven Free Security Tools for Linux - PCWorld Business Center. One of the big advantages of using Linux is that its security tends to be so much better than that of the competing alternatives.

Seven Free Security Tools for Linux - PCWorld Business Center

That's due in large part to the way Linux assigns permissions, but it's also certainly true that the open source operating system is targeted by malware writers far less frequently than Windows is, in particular, simply because it's less widely used and so much more diverse. The fact remains, however, that no operating system is perfectly secure. For business users, in particular, a little extra security assurance is always a good idea, at the very least for your own peace of mind. Here, then, are a few of the best free tools you can use to help keep your Linux systems secure. Clam AntiVirus. John the Ripper password cracker.

John the Ripper is free and Open Source software, distributed primarily in source code form.

John the Ripper password cracker

If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. This version integrates lots of contributed patches adding GPU support (OpenCL and CUDA), support for a hundred of additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc., and even things such as encrypted OpenSSH private keys, ZIP and RAR archives, PDF files, etc.), as well as some optimizations and features. Unfortunately, its overall quality is lower than the official version's. Wireshark · Go deep. Tenable Network Security. Nmap - Free Security Scanner For Network Exploration & Security Audits.

Locally checks for signs of a rootkit. Home Page. Talisker Computer Network Defence Operational Picture. Glasnost: Test if your ISP is shaping your traffic. The goal of the Glasnost project is to make ISPs' traffic shaping policies transparent to their customers.

Glasnost: Test if your ISP is shaping your traffic

To this end, we designed Glasnost tests that enable you to check whether traffic from your applications is being rate-limited (i.e., throttled) or blocked. Glasnost tests work by measuring and comparing the performance of different application flows between your host and our measurement servers. The tests can detect traffic shaping in both upstream and downstream directions separately. The tests can also detect whether application flows are shaped based on their port numbers or their packets' payload. Ip Tools, DNS tools, internet tools, WHOIS, traceroute, ping, domain name tools. SQL Injection Walkthrough. 1.0 Introduction When a machine has only port 80 opened, your most trusted vulnerability scanner cannot return anything useful, and you know that the admin always patch his server, we have to turn to web hacking.

SQL Injection Walkthrough

SQL injection is one of type of web hacking that require nothing but port 80 and it might just work even if the admin is patch-happy. It attacks on the web application (like ASP, JSP, PHP, CGI, etc) itself rather than on the web server or services running in the OS. This article does not introduce anything new, SQL injection has been widely written and used in the wild. We wrote the article because we would like to document some of our pen-test using SQL injection and hope that it may be of some use to others. You may find a trick or two but please check out the "9.0 Where can I get more info? " 1.1 What is SQL Injection? SQL Injection Attacks by Example. A customer asked that we check out his intranet site, which was used by the company's employees and customers.

SQL Injection Attacks by Example

This was part of a larger security review, and though we'd not actually used SQL injection to penetrate a network before, we were pretty familiar with the general concepts. We were completely successful in this engagement, and wanted to recount the steps taken as an illustration. Network Calculators. Upside-Down-Ternet. My neighbours are stealing my wireless internet access.

Upside-Down-Ternet

I could encrypt it or alternately I could have fun. I'm starting here by splitting the network into two parts, the trusted half and the untrusted half. The trusted half has one netblock, the untrusted a different netblock. We use the DHCP server to identify mac addresses to give out the relevant addresses. Is Hiding Your Wireless SSID Really More Secure? Top 100 Network Security Tools. Three locks for your SSH door. Introduction If you require remote access to your computer and you enable Secure Shell (SSH) connections, you must accept that you will automatically attract hackers who will try to break your defenses and take command of your machine.

Three locks for your SSH door

Zenmap - Official cross-platform Nmap Security Scanner GUI. Zenmap is the official Nmap Security Scanner GUI.

Zenmap - Official cross-platform Nmap Security Scanner GUI

It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Scan results can be saved and viewed later. Kismet. BackTrack 4 R2 download available.