Semantic search

Jump to: navigation, search

Edit query Show embed code

The query [[Security::system]] was answered by the SMWSQLStore3 in 0.0065 seconds.

Results 1 – 20    (Previous 20 | Next 20)   (20 | 50 | 100 | 250 | 500)   (JSON | CSV | RSS | RDF)

Authorized Entities Directory (Æ-DIR) is a Privileged Identity and Access Management (IAM/PIM/PAM) based on OpenLDAP Objectives:
  • Strictly follow need to know and least privilege principles
  • Agile data maintenance by consequent delegation of manageable small areas
  • Provide meaningful audit trails for compliance checks
  • Secure defaults
'afick' is a multi-platform file integrity checker. It works by first creating a database that represents a snapshot of the essential parts of your computer system. You then run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). It shows new, deleted and changed files (rights, owner, size, content).
'AntiExploit' scans for well known exploit files. It currently recognizes over 1700 suspicious files, and the database is updated weekly. It is not meant to be a IDS or high-profile security-application, but rather an extension to other security checks. 'aexpl' was developed for a freeshell-server to track script-kiddies.
BleachBit deletes unnecessary files to free valuable disk space, maintain privacy, and remove junk. It removes cache, Internet history, temporary files, cookies, and broken shortcuts. Some common uses include:
  • Free disk space
  • Reduce the size of backups and the time to create them by removing unnecessary files
  • Maintain privacy
  • Improve system performance (by vacuuming your browser's database, for example)
  • Prepare whole disk images for compression (common for "ghost" backups and virtual machines) by wiping free disk space
Add security to your desktop by automatically locking and unlocking the screen when you and your phone leave/enter the desk. Think of a proximity detector for your mobile phone or other device via bluetooth.
Bunny the Fuzzer
* " IMPORTANT: This project (Bunny the Fuzzer) is superseded by American Fuzzy Lop " A closed loop, high-performance, general purpose protocol-blind fuzzer for C programs. Uses compiler-level integration to seamlessly inject precise and reliable instrumentation hooks into the traced program. These hooks enable the fuzzer to receive real-time feedback on changes to the function call path, call parameters, and return values in response to variations in input data. This architecture makes it possible to significantly improve the coverage of the testing process without a noticeable performance impact usually associated with other attempts to peek into run-time internals. Bunny is currently known to support GNU/Linux, FreeBSD, OpenBSD, and Cygwin on IA32 and IA64 systems.
cage is a replacement for the chroot(8) utility. Like chroot, cage changes its root directory to the one specified and then executes your application. Before execing, however, cage drops all privileges that would let the program escape its jail.
'changedfiles' is a framework for filesystem replication, security monitoring, and/or automatic file transformations--anything where you'd poll files or directories and then do something to them or send them somewhere else (or both). The difference is, the kernel tells you when they change, instead of you having to poll. It is also an easy real time FTP push mirror to one or multiple sites. 'changedfiles' has a kernel module (works with Linux kernel version 2.4) which reports to a device whenever a file on the filesystem changes, and a daemon which runs in user space and can be configured to do almost anything when a change to a file matching one of the patterns it looks for is reported.
chkrootkit is a tool to locally check for signs of a rootkit. It contains programs to check for modified system binaries, signs of LKM trojans and more. It currently detects 60 rootkits, worms and LKMs.
Chroot safe
'chroot_safe' is a alternative method for chrooting dynamically linked applications. It delays the chrooting until after dynamic linking has completed, so you don't need to have a copy of the binary or libraries within the chroot. This simplifies the process of chrooting an application, as you often do not need any files besides the data files within the chroot. In addition to chrooting the application, 'chroot_safe' also drops root privileges before letting the application start.
Scans log files and emails infected hosts
ryptsetup is utility used to conveniently setup disk encryption based on dm-crypt kernel module, including plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format. Cryptsetup is backwards compatible with the on-disk format of cryptoloop, but also supports more secure formats. This package includes support for automatically configuring encrypted devices at boot time via the config file /etc/crypttab. Additional features are cryptoroot support through initramfs-tools and several supported ways to read a passphrase or key.
dsacheck is a python program that will check all the packages on a Debian system. Dsacheck will download dynamically the DSA (Debian Security Alert) news from the security webpage and build a list that will be compared to the locally installed packages. You can use it easily in a CRON job.
Easy integrity check system is an easy-to-install and use file integrity system. It is meant to be used by system administrators to aid with intrusion detection.
EncFS is an encrypted pass-through filesystem which runs in userspace on GNU/Linux (using the FUSE kernel module). Similar in design to CFS and other pass-through filesystems, all data is encrypted and stored in the underlying filesystem. Unlike loopback filesystems, there is no predetermined or pre-allocated filesystem size.
Fenris is a multipurpose tracer, GUI debugger, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics - providing a structural program trace, interactive debugging capabilities, general information about internal constructions, execution path, memory operations, I/O, conditional expressions and more. Fenris can do traditional, instruction by instruction or breakpoint to breakpoint interactive debugging enhanced by additional structural data about the code delivered to the user; it is able to fingerprint functions in static binaries, reconstruct symbol tables in ELF files based on that information, automatically detect common library code; able to deliver text-based and graphical, browsable output that documents different aspects of program activity on different abstraction layers; able to perform partial analysis of single structural blocks.
File Integrity Command & Control (FICC) helps system administrators manage multiple Tripwire installations. It maintains MD5 hashes for three key Tripwire files and verifies that the MD5 checksum of these key files against the signatures in its file checksum database. If they match, it then connects to the host via SSH and runs Tripwire. If any signatures do not match, an email is sent to the "FICC administrator" of the system in question.
This is a candidate for deletion: broken links, can't find elsewhere, not on, my email to maintainer was returned to sender. Danm (talk) 14:19, 1 November 2017 (EDT) GSsh is a Gnome frontend to ssh. It keeps track of the hosts you visit and remembers the username, so logging in is only a few mouse clicks away. Most of ssh's command line parameters can be set from a settings dialog.
gnoMint is a tool for easily creating and managing certification authorities. It provides fancy visualization of all the pieces of information that pertain to a CA, such as x509 certificates, CSRs, and CRLs. gnoMint is currently capable of managing a CA that emits certificates that are able to authenticate people or machines in VPNs (IPSec or other protocols), secure HTTP communications with SSL/TLS, authenticate and cipher HTTP communications through Web-client certificates, and sign or crypt email messages.
'grsecurity' is a complete security system for Linux 2.4 that implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs with least privilege via its process-based ACL system, hardens syscalls, and provides many of the OpenBSD randomness features. It has auditing capabilities and a netfilter module designed to thwart portscans and OS fingerprinting.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.