Security Tools News & Tips

Juniper Networks® NSMXpress is an appliance version of Juniper Networks Network and Security Manager (NSM). It simplifies the complexity of security device administration by providing a single integrated management interface that controls every device parameter. This robust hardware management system installs in minutes with full High Availability (HA) support, which also makes it easy to scale and deploy. Enterprise customers with limited resources can benefit significantly from NSMXpress. That is because it eliminates the need to have dedicated resources for maintaining a security management solution. NSMXpress makes it easy for administrators to control all aspects of Juniper Networks firewall/VPN, SA Series SSL VPN Appliances, IC Series Unified Access Control Appliances, J Series Services Routers, EX Series Ethernet Switches, and IDP Series Intrusion Detection and Prevention Appliances which include device configuration, network settings and security policy.

• More information or Write a review...(0)

Juniper Networks IDP Series Intrusion Detection and Prevention Appliances offer the latest capabilities in network intrusion prevention to protect the network from a wide range of attacks. Using industry-recognized stateful detection and prevention techniques, the IDP Series provides zero-day protection against worms, trojans, spyware, keyloggers, and other malware.

• More information or Write a review...(0)

NS2HTML is a tool created to convert the config file extracted from Netscreen devices into friendly HTML rulebases. It is a free tool developed from the need of gathering data from policies used at ancient firewalls under administration. It is developed under GPL license. It’s totally free, under the license terms.

• More information or Write a review...(0)

AutoScan-Network is a network discovering and managing application. No configuration is required to scan your network. The main goal is to print the list of connected equipments in your network. It’s a free software and can be installed on Windows, Linux, Mac, Solaris and Maemo 4.

• More information or Write a review...(0)

Wireshark is the world’s foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998. It started as Ethereal but was later re-branded as Wireshark due to trademark issues.

• More information or Write a review...(0)

Turtle Firewall is a software which allows you to realize a Linux firewall in a simply and fast way. It’s based on Kernel 2.4.x/2.6.x and Iptables. Its way of working is easy to understand: you can define the different firewall elements (zones, hosts, networks) and then set the services you want to enable among the different elements or groups of elements. You can do this simply editing a XML file or using the comfortable web interface Webmin. Turtle Firewall is an Open Source project written using the perl language and realeased under GPL version 2.0 by Andrea Frigido (Frisoft).

• More information or Write a review...(1)

Babel Enterprise is a systems auditing tool. Babel performs a security level check of the machine, or hardening. The check consists of a number of auditing tests that obtain a snap of the security status of each machine. The result is a security index of the system that is given after each execution. Babel Enterprise has a version of its agent for each of the latest Microsoft operating systems, Windows 2003 and Windows XP, and the main Unix system: Solaris 10, AIX 5.x, SUSE GNU/Linux 9 ES and Ubuntu Dapper, although they can be easily adapted to different versions and other UNIX OSs (such as BDS or HP-UX ).

• More information or Write a review...(1)

Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment Language. The Sussen project is comprised of three main components:

Interpreter – This library can analyze a system using OVAL definition files. It comes with documentation and a test suite. All the other components depend on it. This can also be used by application developers who wish to add this kind of functionality to their applications.
Applet – A GNOME-based applet for your desktop. Allows users to easily scan their systems for vulnerabilities.
Agent – A command line program for scanning a system.

The interpreter takes a set of OVAL definitions and starts to collect characteristics and configuration information about the target system. These are non-destructive probes and are not running any exploit code. After the data collection is complete it analyzes each OVAL definition and sees if the conditions were met on the target system. When the analysis is complete the results are presented to the user.

• More information or Write a review...(1)

Linux systems, as many others in the Unix family, have a well-known lack of access control. There is a small granularity of discretionary access rights, only dividing between read, write and execute rights for file owner, and file group members. The RSBAC (Rule Set Based Access Control) framework solves this access control deficiency by giving detailed access control information, and you can implement almost any access control model in it, e.g. as a runtime registered kernel module. Also, there is a powerful logging system which makes intrusion attempts easily detectable.

• More information or Write a review...(1)

The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in ftest.conf, with a signature in the data part while the sniffer listens for such marked packets. The scripts both write a log file which is in the same form for both scripts. A diff of the two produced files (ftest.log and ftestd.log) shows the packets that were unable to reach the sniffer due to filtering rules if these two scripts are ran on hosts placed on two different sides of a firewall. Stateful inspection firewalls are handled with the ‘connection spoofing’ option. A script called freport is also available for automatically parse the log files.

• More information or Write a review...(0)