Semantic search

Jump to: navigation, search
Search

Edit query Show embed code

The query [[Security::system]] was answered by the SMWSQLStore3 in 0.0066 seconds.


Results 11 – 76    (Previous 250 | Next 250)   (20 | 50 | 100 | 250 | 500)   (JSON | CSV | RSS | RDF)


CodeBlue
Scans log files and emails infected hosts
Cryptsetup
ryptsetup is utility used to conveniently setup disk encryption based on dm-crypt kernel module, including plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format. Cryptsetup is backwards compatible with the on-disk format of cryptoloop, but also supports more secure formats. This package includes support for automatically configuring encrypted devices at boot time via the config file /etc/crypttab. Additional features are cryptoroot support through initramfs-tools and several supported ways to read a passphrase or key.
DsaCheck
dsacheck is a python program that will check all the packages on a Debian system. Dsacheck will download dynamically the DSA (Debian Security Alert) news from the security webpage and build a list that will be compared to the locally installed packages. You can use it easily in a CRON job.
EICS
Easy integrity check system is an easy-to-install and use file integrity system. It is meant to be used by system administrators to aid with intrusion detection.
EncFS
EncFS is an encrypted pass-through filesystem which runs in userspace on GNU/Linux (using the FUSE kernel module). Similar in design to CFS and other pass-through filesystems, all data is encrypted and stored in the underlying filesystem. Unlike loopback filesystems, there is no predetermined or pre-allocated filesystem size.
Fenris
Fenris is a multipurpose tracer, GUI debugger, stateful analyzer and partial decompiler intended to simplify bug tracking, security audits, code, algorithm, protocol analysis and computer forensics - providing a structural program trace, interactive debugging capabilities, general information about internal constructions, execution path, memory operations, I/O, conditional expressions and more. Fenris can do traditional, instruction by instruction or breakpoint to breakpoint interactive debugging enhanced by additional structural data about the code delivered to the user; it is able to fingerprint functions in static binaries, reconstruct symbol tables in ELF files based on that information, automatically detect common library code; able to deliver text-based and graphical, browsable output that documents different aspects of program activity on different abstraction layers; able to perform partial analysis of single structural blocks.
Ficc
File Integrity Command & Control (FICC) helps system administrators manage multiple Tripwire installations. It maintains MD5 hashes for three key Tripwire files and verifies that the MD5 checksum of these key files against the signatures in its file checksum database. If they match, it then connects to the host via SSH and runs Tripwire. If any signatures do not match, an email is sent to the "FICC administrator" of the system in question.
GSsh
This is a candidate for deletion: broken links, can't find elsewhere, not on archive.org, my email to maintainer was returned to sender. Danm (talk) 14:19, 1 November 2017 (EDT) GSsh is a Gnome frontend to ssh. It keeps track of the hosts you visit and remembers the username, so logging in is only a few mouse clicks away. Most of ssh's command line parameters can be set from a settings dialog.
GnoMint
gnoMint is a tool for easily creating and managing certification authorities. It provides fancy visualization of all the pieces of information that pertain to a CA, such as x509 certificates, CSRs, and CRLs. gnoMint is currently capable of managing a CA that emits certificates that are able to authenticate people or machines in VPNs (IPSec or other protocols), secure HTTP communications with SSL/TLS, authenticate and cipher HTTP communications through Web-client certificates, and sign or crypt email messages.
Grsecurity
'grsecurity' is a complete security system for Linux 2.4 that implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs with least privilege via its process-based ACL system, hardens syscalls, and provides many of the OpenBSD randomness features. It has auditing capabilities and a netfilter module designed to thwart portscans and OS fingerprinting.
Gvpe Heckert gnu.tiny.png
gvpe is a suite designed to provide a virtual private network for multiple nodes over an untrusted network. It works by creating encrypted host-to-host tunnels between multiple endpoints. GVPE (GNU VPE) is an acronym standing for GNU Virtual Private Ethernet.
Hashlet
Hashlet is an application with a Command Line Interface (CLI) that controls the Cryptotronix Hashlet. The Cryptotronix Hashlet is open source hardware that implements SHA256, provides a hardware random number generator, and stores 256 bit keys in read and write protected memory. The hardware is designed for a BeagleBone Black but can be uses on an embedded GNU/Linux system that supports the I2C protocol and can supply 3.3 or 5 Volts to the device
Hping
'Hping' sends custom ICMP/UDP/TCP packets and displays target replies. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under supported protocols. With 'Hping', you can test firewall rules, perform [spoofed] port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, tranfer files (even between really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, and audit a TCP/IP stack.
IP Sentinel
'IP Sentinel' is a tool that tries to prevent unauthorized usage of IP addresses within an ethernet broadcast domain by answering ARP requests. After receiving faked replies, requesting parties store the MAC in their ARP tables and will send future packets to this invalid MAC, rendering the IP unreachable.
IPFC
This is a candidate for deletion: broken links, can't find software elsewhere, software not on archive.org, developer said via email that it can be deleted. Danm (talk) 12:53, 29 October 2017 (EDT) IPFC is software and a framework to manage and monitor multiple types of security modules across a global network. Modules can be packet filters (like netfilter, pf, ipfw, IP Filter, checkpoint FW1, etc.), NIDS (Snort, arpwatch, etc.), Web servers, or other general devices (from servers to embedded devices). It features log collection for different security "agents", dynamic log correlation possibilities, and easy extensibility due to the generic database and XML message formats used.
IceCat/FreeSpeechMe
FreeSpeechMe is a Free Software plug-in for IceCat that allows people to effortlessly view Dot-Bit websites. It works on GNU/Linux and Windows. Dot-Bit (.bit) is a new top-level domain that, unlike Dot-Com, Dot-Net, Dot-UK, etc., is NOT controlled by any government or corporation. FreeSpeechMe works over the distributed blockchain of the inexpensive cryptocurrency, Namecoin (a derivative of BitCoin). Namecoin is not generally traded as currency. It exists primarily for the purpose of decentralized DNS. Domains currently cost about 10 cents US of Namecoin to register. Before FreeSpeechMe, viewing Dot-Bit websites required changing DNS settings, and using non-vetted public DNS servers. FreeSpeechMe doesn't require changing DNS settings, so it is much more secure. Newly registered Dot-Bit websites can be viewed within three hours worldwide with FreeSpeechMe. IP or Nameserver update changes to an existing Dot-Bit website are viewable worldwide within 40 minutes. This isn't just "a plug-in." FreeSpeechMe, Dot-Bit and Namecoin are a complete new Internet ecosystem, free of the constraints of ICANN and the like. Please see tech FAQ for full list of improvements and implementations we're planning on for FreeSpeechMe and Namecoin: http://www.freespeechme.org/advanced-faq/
Incident.pl
Homepage has new owner. Links broken. Homepage redirected to archive.org entry. Email to maintainer broken. Poppy-one (talk) 13:20, 5 August 2018 (EDT) 'incident'.pl is a small script that, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
Integrit
Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. It creates a database that is a snapshot of the essential parts of your computer system. You put the database somewhere safe, and then use it to make sure that no one has made illicit modifications to the computer system. If there's a break in, you know exactly which files have been modified, added, or removed. Current features include a small memory footprint, a simple and modular design (for a faster learning curve), up-to-date cryptographic algorithms, cascading rulesets, output that can be XML or a human-readable form that can be scanned, an option to reset access times, simultaneous check and update, and a design that is meant for unattended use.
LSAT
Linux Security Auditing Tool (LSAT) is a post install security auditing tool for systems using the Linux kernel. It is modular in design, so new features can be added quickly. It checks many system configurations and local network settings on the system for common security/config errors and for unneeded packages.
Laplock
Laplock, Lock my computer with a SD-Card! Laplock does not only save your laptop, but will also save your files. The Idea: A special SD-Card in your box and anything will run just normal to work with. Pull out the card (someone is knocking at the door) and the box is locked, so there is no way to access it anymore. Furthermore the laptop will not start if the card is not inside. Quite important, if the laptop "gets lost" for some reason.
Librecmc
libreCMC is an embedded GNU/Linux distro with the focus of providing a platform that is 100% free software and that does not contain non-free blobs. While libreCMC is currently a hard fork of the popular OpenWRT project, it uses a linux-libre kernel and does not contain non-free parts.
Linux-libre Heckert gnu.tiny.png
Linux-libre is a version of the Linux kernel suitable for use with the GNU Operating System. It removes non-free components from Linux, that are disguised as source code or distributed in separate files. It also disables run-time requests for non-free components, shipped separately or as part of Linux, and documentation pointing to them. The GNU Linux-libre project takes a minimal-changes approach to cleaning up Linux, making no effort to substitute components that need to be removed with functionally equivalent free/libre ones.
Lynis
Lynis is an auditing and hardening tool for Unix derivatives like Linux/BSD/Solaris. It scans systems to detect software and security issues. Besides security-related information, it will also scan for general system information, installed packages, and possible configuration mistakes. The software is aimed at assisting automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
MacSSH
SSH2, version 2 of the Secure Shell protocols, lets you connect to a remote computer through a strongly encrypted and authenticated TCP/IP connection. This is a Macintosh version for SSH.
Mandos
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote and/or unattended reboots. Wouldn’t it be great if you could have the security of encrypted root file systems and still have servers that could boot up automatically if there was a short power outage while you were asleep? That you could reboot at will, without having someone run over to the server to type in the password? Well, with Mandos, you (almost) can! The gain in convenience will only be offset by a small loss in security. The setup is as follows: The server will still have its encrypted root file system. The password to this file system will be stored on another computer (henceforth known as the Mandos server) on the same local network. The password will *not* be stored in plaintext, but encrypted with OpenPGP. To decrypt this password, a key is needed. This key (the Mandos client key) will not be stored there, but back on the original server (henceforth known as the Mandos client) in the initial RAM disk image. Oh, and all network Mandos client/server communications will be encrypted, using TLS (SSL).
MasterPassword
Most password managers are password vaults: they let you store or generate a strong password for your services and then encrypt that key and store it for later retrieval. This approach presents many problems, in particular in the modern mobile age, that result in many frustrations: * Vault availability: If your vault is not available, you cannot use any of your services. * Added risk of identity loss: If you lose (eg. HDD failure/house fire) your vault, you instantly lose your entire online identity. * Force of law: Many countries have laws that require you to divulge the encryption key if a lawful search discovers your vault. Some password vaults implement features to try and address these issues, such as Internet sync, cloud-based vaults or backups and self-destructing vaults. These features all work around issues inherent to the solution and bring their own set of issues: * Network sync: Keeping data secure in transit is non-trivial and adds security risks. * Backups: Requires that you keep multiple locations secure from loss and theft, as well as the vault in transit. * Cloud-based services: Requires you to trust an external party and sacrifices transparency and freedom. * Defensive destruction: Reliability issues and again, risk total identity loss. Master Password is a completely different approach to passwords. The core issue that brings forth these problems is the vault used to store passwords. Master Password removes the vault from the solution by being a stateless solution, thus avoiding each of these issues. Master Password works by being an offline and stateless algorithm used to calculate your site passwords on-demand. Your passwords exist only as long as you need them and then disappear from disk and memory. Passwords are calculated based on a master password and the user's full name, combined with the name of the site. Calculation is based on strong, known and understood cryptographic hashes. Hash-based password generation is not new, but Master Password is a careful implementation that avoids many issues that other hash-based password managers suffer from. Cryptography is not easy and upon inspection, the security of most hash-based password generators completely falls apart. Master Password uses scrypt combined with hmac-sha256 and salting to prevent all known attack vectors.
Monkeysphere
The Monkeysphere project's goal is to extend OpenPGP's web of trust to new areas of the Internet to help us securely identify each other while we work online. Specifically, monkeysphere currently offers a framework to leverage the OpenPGP web of trust for OpenSSH authentication. In other words, it allows you to use secure shell as you normally do, but to identify yourself and the servers you administer or connect to with your OpenPGP keys. OpenPGP keys are tracked via GnuPG, and monkeysphere manages the known_hosts and authorized_keys files used by OpenSSH for authentication, checking them for cryptographic validity.
NMIS
NMIS performs multiple network management functions from the OSI Model and International Organization for Standardization FCAPS model, these being - Fault, Configuration, Accounting and/or Administration, and Performance. These metrics provide valuable capabilities and features for fault and performance management, which in turn are useful for many other aspects of network and business management. NMIS monitors the status and performance of an organization’s IT environment, assists in rectification and identification of faults and provides valuable information for IT departments to plan expenditure and IT changes. The NMIS business rules engine classifies events on their business impact, not just the technical nature. The rules engine is extremely powerful; however it can be configured in minutes for a network with a small number of devices to hours for networks with large numbers of devices.
Nabou
'nabou' monitors changes to files and directories on your system using MD5 checksums. It can also watch crontabs, suid files, and user accounts for changes. It stores all data in standard dbm databases. 'nabou' is highly configurable; you can exclude files from being checked, configure which file attributes it should look for, use custom checks, and more.
NetCube
NetCube (a.k.a. Jeff's version of The Spinning Cube of Potential Doom) is a python utility for visualizing network traffic in a 3d simulation. The x, y, and z axes correspond to the source IP address, the port number, and the destination IP address, respectively. This applies only to TCP and UDP traffic, of course, but that's the bulk of the traffic out there! Why bother? Well for one, visualization seems to help humans in identifying port scans and the like. See the original The Spinning Cube of Potential Doom page for more info.
NetSPOC
NetSPOC is a Network Security POlicy Compiler. A tool for simplified security management of networks with multiple security domains. NetSPOC takes a description of topology, services and rules and generates access lists for multiple packet filters.
Netcat
'Netcat' is a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. It is also a network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.
Netcat6
Netcat6 is a rewrite of the well-known netcat package, adding IPv6 support. Netcat6 can act as a client or a server for TCP and UDP protocols, in IPv4 and IPv6, and aims to be efficient with its data handling and to be easily extended to other "level 3" protocols. Its primary use, like netcat, is for communications development, making it easy to make or listen for connections and see what's coming through.
Newrelic-api
Java client library for the New Relic REST APIs built using Jersey and Gson. The library implements over 110 operations across all of the available 35 New Relic services. It is primarily used by applications to automate the configuration of New Relic Monitoring, Alerting and Dashboards, but can also be used for extracting incident and metric data, executing Insights queries, or uploading plugin metrics.
Nmap
Nmap ("Network Mapper") is a utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.
Noexec
'noexec' is a package for preventing a process from exec'ing another process. It can be a useful security measure to prevent a user from escaping to a shell, and may be able to prevent some kinds of CGI exploits.
Oftpd
'oftpd' is designed to be as secure as an anonymous FTP server can possibly be. It runs as non-root for most of the time, and uses the Unix chroot() command to hide most of the systems directories from external users--they cannot change into them even if the server is totally compromised. It also contains its own directory-change and directory-listing code (most FTP servers execute the system "ls" command to list files).
Op
'op' allows fine-grained control of access to super-user privileges through easy to remember mnemonics. Its features include user and host based access control, and command expiration. Different sets of users can access different operations, and the security-related aspects of each operation can be carefully controlled.
P0f
p0f is a versatile passive OS fingerprinting and masquerade detection utility, to be used for evidence or information gathering on servers, firewalls, IDSes, and honeypots, for pen-testing, or just for the fun of it. It is a complete rewrite of p0f version 1 that used to be maintained by William Stearns.
Poink
'poink' is a TCP/IP-based ping implementation. It does not require special privileges and is designed for multiuser shell systems. It is meant to be a secure replacement for the standard IPv4 network monitoring tool.
RSBAC
Rule Set Based Access Control (RSBAC) is a security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) by Abrams and LaPadula and provides a flexible system of access control based on several modules. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which then calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.
Radius Heckert gnu.tiny.png
Radius is a server for remote user authentication and accounting. Its primary use is for Internet Service Providers, though it may as well be used on any network that needs a centralized authentication and/or accounting service for its workstations. The package includes an authentication and accounting server and administrator tools.
RazorBack
RazorBack is a log analysis program that interfaces with the SNORT Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. RazorBack is designed to work within the GNOME framework on GNU/Linux platforms.
RootkitHunter
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every *nix clone.
Rssh
rssh is a small shell that lets system administrators give specific users access to a given system via scp or sftp only.
Slock
Simple X display locker. Really this is the simplest X screen locker we are aware of. It is stable and quite a lot people in this community are using it every day when they are out with friends or fetching some food from the local pub.
Sptrace
'sptrace' is a secure ptrace() module for Linux. It limits users' access to the ptrace() call. It can disable ptrace altogether, or if you add a ptrace group to your system, only users in that group will be able to use ptrace().
Sshdfilter
'sshdfilter' blocks ssh brute force attacks by reading sshd log output in real time and adding iptables rules based on authentication failures. Block rules are created by logging on with an invalid user name, or wrongly guessing the password for an existing account; they are removed after a week to maintain a small list of blocks. Tha package also comes with a LogWatch filter.
Sudoscript
Sudoscript is a pair of Perl scripts (sudoscriptd/sudoshell) that provide an audited root shell using sudo by logging all terminal output to log files. It lets sysadmins give users an unrestricted root shell yet not lose the audit trail.
Sussen
Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment Language
Swatd
SWATd lets you configure 'sensors' that check your PC's external environment. When enough sensors 'fail', SWATd will run a script for you. Sensors are commands or scripts that get executed repeatedly. A sensor is said to fail when its exit code makes a transition from zero (working) to non-zero (not working). This makes configuration easy and powerful. For example, you can make a sensor that checks if your website is online, and then make a command to alert you when the sensor fails.
TPMTOTP
This is a small collection of tools for allowing "remote attestation" between a computer and a phone via TOTP. It was presented during Matthew Garrett's talk on FISL (Fórum Internacional Software Livre) 16.
Tiger
TIGER is a set of Bourne shell scripts, C programs, and data files which are used to perform a security audit of Unix systems. The security audit results are useful both for system analysis (security auditing) and for real-time, host-based intrusion detection (if configured to run through cron and by sending e-mail reports).
Tinc
'tinc' is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling lets VPN sites to share information with each other over the Internet without exposing any information.
Tlock
tlock-v1.0 is simple console based utility to lock the terminal with password string provided by user, or with her login password, as needed. The password is kept in memory encrypted using crypt(3). With tlock-v1.0, a library containing function to read password string from standard input, is also distributed; this could be used by similar programs.
Tox
Tox is a peer-to-peer, encrypted instant messaging and video calling library that provides APIs for clients, including toxcore, toxav, and toxdns API libraries. This is the page about the Tox core, not a particular Tox client. Tox itself is not an instant messaging client.
Tripwire
Tripwire is a system integrity checker, a utility that compares properties of designated files and directories against information stored in a previously generated database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email reporting. Additionally, support files (databases, reports, etc.) are cryptographically signed.
UID
Provided is an implementation of a "unique" ID generator in Python. The implementation does not follow UUID or GUID standards, but rather uses available system, host, user, shell environment, process, and other ephemeral information fed into a hasher (by default MD5) to generate the ID. The system is designed to be used both as a standalone application and as a module. The data used to be fed into the hash, as well as the hashing mechanism itself, can be overridden both through the command line and programmatically by importing the module.
Uschedule
'uschedule' is a job scheduler aimed at replacing cron and which is designed to be secure. Unsafe concepts like set-user-id and set-group-id files and programs, communication between programs of different privilege levels, etc. have been removed.
Userv Heckert gnu.tiny.png
Userv allows one program to invoke another when only limited trust exists between them. It is a tool which can be used to avoid having to give other system services root privileges, and which allows users to more securely have programs provide services to others. Userv can be useful as 'glue' for system administrators as well as application authors; there are a few userv-using utilities/examples in the associated userv-utils package.
Virtual eXecuting Environment
The Virtual eXecuting Environment (VXE) protects a server proactively and lets you prevent intrusions rather than just report them. It protects the host and particular subsystems which work as superuser and can have bugs. Users can protect current software without changing its configuration. VXE also includes daemon protection, provides restricted access to command line (shell, telnet), and allows CGI hosting.
WebJob
WebJob downloads a program over HTTP/HTTPS and executes it in one unified operation. The output, if any, may be directed to stdout/stderr or a Web resource. WebJob may be useful in incident response and intrusion analysis as it provides a mechanism to run known good diagnostic programs on a potentially compromised system. It can also support various host-based monitoring solutions. The intended audience includes Incident Response (IR) Handlers and System Administrators.
Worm Warner
WormWarner is a scripts that warns hosts that are probably infected by a worm. It decides whether a host is infected by analyzing the data from the Apache log files. It currently recognizes CodeRed, Nimda, the Linux.Slapper.Worm, and the FreeBSD.Scalper.worm. Warning is done by trying to contact the SMTP server on the infected host and sending an email to the postmaster. When this fails WormWarner tries to send a warning to the ISP
WormReport
Worm Report is a script that filters out known worm hits from the access log, and puts them into their own files named for the IP/Host that has been "wormed". A report containing the count, hostname, ip, and a guess at the parent domain is printed to STDOUT to facilitate contacting these individuals. This script is useful in the short term to get the info to the people who need it. Adding a new worm requires adding a new worm hit string to the DATA section of the script, nothing so fancy (or exhaustive) as an Apache module.
Zebedee
Zebedee establishes an encrypted, compressed tunnel for TCP/IP or UDP data transfer between two systems. This protects telnet, ftp and X traffic from snooping. It has a small footprint, low wire protocol overhead, and gives significant traffic reduction by the use of compression.
Zeppoo
Zeppoo allows you to detect rootkits on the i386 architecture under Linux by using /dev/kmem and /dev/mem. It can also detect hidden tasks, modules, syscalls, some corrupted symbols, and hidden connections. Anti-Rootkits which don't use these methods can be fooled easily.


Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.