By Seán Boran (sean at boran.com) for SecurityPortal
Weekly Security Tools Digest Archive
http://securityportal.com/research/research.wst.html
To receive this digest via Email:
http://securityportal.com/subscribe.html
This is a summary of changes to free security tools over the last week.
Updates to General free tools this week include
Auditing and Intrusion Monitoring tools include
Firewalls for UNIX/Linux/BSD & Cross-platform: tools.
Tools for Linux/Unix/Cross Platform: items.
Snort v1.7
Martin Roesch & many others
http://www.snort.org
- What is snort? Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.
- Snort version 1.7 has finally been released. Changes:
* Dynamic rules (rules that can turn on other rules) added
* Statistical Anomaly Detection preprocessor added
* TCP stream reassembly preprocessor added
* XML output plugin added
* Database plugin enhanced, supports Oracle DB now
* IP defragmentation preprocessor is 100% functional now on all platforms
* HTTP decode preprocessor can now detect IIS/UNICODE attacks
* Four new detection plugins (react, reference, fragbits, tos)
* Three new command line switches (-L, -I, -X)
* Improved packet printout code
* Rules language now supports IP address lists
* Arbitrary/user configurable action types now available
* Snort now dumps packet statistics to console/syslog when prompted with a SIGUSR1
* Updated documentation
* Much more!
Nessus
Renaud Deraison
http://www.nessus.org
Testers needed. Nessus 1.0.7 will be released shortly. If you have some time, download the CVS version and let me know if you encounter any problem with it.
tcpdump 3.5.2
http://www.tcpdump.org
Minor release.
Saint 3.1.3 beta1
World Wide Digital Security, Inc.
http://www.wwdsi.com/saint
Gnome Service Scan 0.6
http://feynman.mme.wilkes.edu/~xNetTools/gnome_service_scan
GNOME service scan is a multi-threaded network service scanner. You give it a start IP and an ending IP, and it scans all the IPs in between to see if a given port is open.
-- RPGen 1.1 --
RPGen generates passwords either from completely random letters and numbers (at any given length) or by taking a random word from a dictionary file, optionally with a digit placed on the end. http://www.raxpmh.org.uk/
-- Lynx 2.8.4dev.16 --
Lynx is a fully-featured WWW client for users running cursor-addressable, character-cell display devices (e.g., vt100 terminals, vt100 emulators running on PCs or Macs, or any other character-cell display). It will display HTML documents containing links to files on the local system, as well as files on remote systems running HTTP, gopher, FTP, WAIS, NNTP, finger, or cso/ph/qi servers, and services accessible via logins to telnet, tn3270, or rlogin accounts. http://lynx.browser.org/
-- Linux Trustees 2.3 --
The main goal of the Linux Trustees project is to create an advanced permission management system for Linux. The solution proposed is mainly inspired by the approach taken by Novell Netware and the Java security API. Special objects (called trustees) can be bound to every file or directory. The trustee object can be used to ensure that access to a file, directory, or directory with subdirectories is granted (or denied) to a certain user or group (or all except user or group). Trustees are like POSIX ACLs, but trustee objects can affect entire subdirectory trees, while ACLs a single file. http://trustees.sourceforge.net/
Freedom Internet Privacy Suite
http://www.freedom.net/info/linux.html
Freedom® is a flexible suite of standard features and premium services that serve to protect and secure your online privacy using sophisticated military-grade encryption. Unlike other Internet privacy solutions, Freedom gives you complete control over your personal information and online identity. The free version (Windows & Linux) includes a cookie manager, ad manager and keyword alert. The commercial version adds anonymous encrypted email and anonymous browsing and chatting ($49.95).
Note: tools announced on forums are not necessarily updates or new or free; it's just that someone posted an announcement. We try our best to notify you only of new or updated free tools.
Seán Boran is an IT security consultant based in Switzerland and the author of the online IT Security Cookbook.
© Copyright 2000, SecurityPortal Inc. & Seán Boran, All Rights Reserved, Last Update: 08 January, 2001