Seven Free Security Tools for Linux - PCWorld Business Center One of the big advantages of using Linux is that its security tends to be so much better than that of the competing alternatives. That's due in large part to the way Linux assigns permissions, but it's also certainly true that the open source operating system is targeted by malware writers far less frequently than Windows is, in particular, simply because it's less widely used and so much more diverse. The fact remains, however, that no operating system is perfectly secure. For business users, in particular, a little extra security assurance is always a good idea, at the very least for your own peace of mind. Here, then, are a few of the best free tools you can use to help keep your Linux systems secure.
ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance multi-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.
John the Ripper is free and Open Source software, distributed primarily in source code form. If you would rather use a commercial product tailored for your specific operating system, please consider John the Ripper Pro, which is distributed primarily in the form of "native" packages for the target operating systems and in general is meant to be easier to install and use while delivering optimal performance. This version integrates lots of contributed patches adding GPU support (CUDA and OpenCL), support for a hundred additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc., and even things such as encrypted OpenSSH private keys, ZIP and RAR archives, PDF files, etc.), as well as some optimizations and features.
Riverbed is Wireshark's primary sponsor and provides our funding. They also make great products.
We're pleased to release our new and Improved Icons of the Web project—a 5-gigapixel interactive collage of the top million sites on the Internet! We've also launched a Kickstarter for a 36x24 inch poster version, but you need to order by January 17! Nmap has been discovered in two new movies! It's used to hack Matt Damon's brain in Elysium and also to launch nuclear missiles in G.I. Joe: Retaliation!
chkrootkit is a tool to locally check for signs of a rootkit. It contains:
chkrootkit: shell script that checks system binaries for rootkit modification.
ifpromisc.c: checks if the interface is in promiscuous mode.
chklastlog.c: checks for lastlog deletions.
The goal of the Glasnost project is to make ISPs' traffic shaping policies transparent to their customers. To this end, we designed Glasnost tests that enable you to check whether traffic from your applications is being rate-limited (i.e., throttled) or blocked. Glasnost tests work by measuring and comparing the performance of different application flows between your host and our measurement servers. The tests can detect traffic shaping in both upstream and downstream directions separately. The tests can also detect whether application flows are shaped based on their port numbers or their packets' payload. For more details on how Glasnost tests work, please read our NSDI 2010 paper. Glasnost: Test if your ISP is shaping your traffic
SQL Injection Walkthrough 1.0 Introduction When a machine has only port 80 opened, your most trusted vulnerability scanner cannot return anything useful, and you know that the admin always patches his server, we have to turn to web hacking. SQL injection is one type of web hacking that requires nothing but port 80, and it might just work even if the admin is patch-happy. It attacks the web application (like ASP, JSP, PHP, CGI, etc.) itself rather than the web server or services running in the OS. This article does not introduce anything new; SQL injection has been widely written about and used in the wild. We wrote the article because we would like to document some of our pen-tests using SQL injection and hope that it may be of some use to others.
A customer asked that we check out his intranet site, which was used by the company's employees and customers. This was part of a larger security review, and though we'd not actually used SQL injection to penetrate a network before, we were pretty familiar with the general concepts. We were completely successful in this engagement, and wanted to recount the steps taken as an illustration. "SQL Injection" is a subset of the unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it's straightforward to create some real surprises.
My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun. I'm starting here by splitting the network into two parts, the trusted half and the untrusted half. The trusted half has one netblock, the untrusted a different netblock.
Is Hiding Your Wireless SSID Really More Secure?
SecTools.Org: Top 125 Network Security Tools For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form.
Three locks for your SSH door Introduction If you require remote access to your computer and you enable Secure Shell (SSH) connections, you must accept that you will automatically attract hackers who will try to break your defenses and take command of your machine. Although there's no guarantee that your machine won't be "0wn3d" by a "h4x0r," a few simple solutions can help reinforce your SSH door and make life a bit more difficult for anybody trying to break in.
Zenmap is the official Nmap Security Scanner GUI. It is a multi-platform (Linux, Windows, Mac OS X, BSD, etc.) free and open source application which aims to make Nmap easy for beginners to use while providing advanced features for experienced Nmap users. Frequently used scans can be saved as profiles to make them easy to run repeatedly. A command creator allows interactive creation of Nmap command lines. Zenmap - Official cross-platform Nmap Security Scanner GUI
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of nonbeaconing networks via data traffic.
Wed Sep 25 2013 - Released the first version of Smarter Wi-Fi Manager for Android - Automatically learn where you use Wi-Fi and keep the radio disabled when you aren't near a known spot.
Mon Apr 08 2013 - Kismet-2013-03-R1b released. Somehow the latest configure script didn't get into the R1 release so it blew up on libnl1 detection; no code changes, no package changes.
Wed Mar 27 2013 - Kismet-2013-03-R1 released!
Yes, the time has come again – for a new kernel, and a new release of BackTrack. Codenamed “Nemesis”. This release is our finest release as of yet with faster Desktop responsiveness, better hardware support, broader wireless card support, streamlined work environment. We could go on for pages on saying how great the new version is, but we’ll cut to the chase, and give you the run down: BackTrack 4 R2 download available