Security Tools News & Tips

Turtle Firewall

Niranjan — Tue, 07 Aug 2007 03:22:04 +0000

Turtle Firewall is a software which allows you to realize a Linux firewall in a simply and fast way. It’s based on Kernel 2.4.x/2.6.x and Iptables. Its way of working is easy to understand: you can define the different firewall elements (zones, hosts, networks) and then set the services you want to enable among the different elements or groups of elements. You can do this simply editing a XML file or using the comfortable web interface Webmin. Turtle Firewall is an Open Source project written using the perl language and realeased under GPL version 2.0 by Andrea Frigido (Frisoft).

Turtle Firewall Homepage

Share This

Babel Enterprise

Niranjan — Mon, 06 Aug 2007 03:48:18 +0000

Babel Enterprise is a systems auditing tool. Babel performs a security level check of the machine, or hardening. The check consists of a number of auditing tests that obtain a snap of the security status of each machine. The result is a security index of the system that is given after each execution. Babel Enterprise has a version of its agent for each of the latest Microsoft operating systems, Windows 2003 and Windows XP, and the main Unix system: Solaris 10, AIX 5.x, SUSE GNU/Linux 9 ES and Ubuntu Dapper, although they can be easily adapted to different versions and other UNIX OSs (such as BDS or HP-UX ).

Babel Enterprise Homepage

Share This

File Shredder

Niranjan — Fri, 03 Aug 2007 03:27:48 +0000

File Shredder is free desktop application for shredding (destroying) unwanted files beyond recovery. With File Shredder you can remove files from your hard drive without fear they could be recovered. There are quite a few software tools today for retrieval of deleted files under Windows OS. Those tools, often referred to as “file recovery” software, are taking advantage of shortcoming of WIndows “delete” command that we all use regularly to delete files. Actually, the “delete” operation in Windows only removes bits of information from files so they appear deleted in OS. It is easy to retrieve those files using aforementioned specialized file recovery software. In order to remove, or shred files permanently from your system you have to use a program that is capable of rewriting the files with random series of binary data multiple times. This process is often called shredding. That way, the actual content of the file has been overwritten and the possibilities to recover such a shredded file are mostly theoretical.

File Shredder Homepage

Share This

McAfee Rootkit Detective

Niranjan — Thu, 02 Aug 2007 02:32:44 +0000

McAfee Rootkit Detective 1.0 is a free program designed and developed by McAfee Avert Labs to proactively detect and clean rootkits that are running on the Windows system. This program is not dependent on any signatures and can proactively detect most of the existing and upcoming rootkits and allow the user to clean them. Some of the features of Rootkit Detective:
* Designed to proactively detect the system objects like processes, files and registry that are hidden to the user.
* Provides information about all running processes in the system.
* Provides information about various system hooks like SSDT(System Service Descriptor Table) hooks, user/kernel IAT/EAT(Import/Export Address Table) hooks.
* Allows the user to clean/remove the malicious objects from the system by renaming/deleting the hidden files/registry.
* Allows the user to terminate the malicious processes.
* Users can submit samples using the submission feature present in the tool.
* Users can also collect the samples manually after renaming them and submit to stinger@avertlabs.com for further analysis.

McAfee Rootkit Detective Homepage

Share This

Sussen

Niranjan — Wed, 01 Aug 2007 08:56:44 +0000

Sussen is a tool that checks for vulnerabilities and configuration issues on computer systems. It is based on the Open Vulnerability and Assessment Language. The Sussen project is comprised of three main components:

Interpreter - This library can analyze a system using OVAL definition files. It comes with documentation and a test suite. All the other components depend on it. This can also be used by application developers who wish to add this kind of functionality to their applications.
Applet - A GNOME-based applet for your desktop. Allows users to easily scan their systems for vulnerabilities.
Agent - A command line program for scanning a system.

The interpreter takes a set of OVAL definitions and starts to collect characteristics and configuration information about the target system. These are non-destructive probes and are not running any exploit code. After the data collection is complete it analyzes each OVAL definition and sees if the conditions were met on the target system. When the analysis is complete the results are presented to the user.

Sussen Homepage

Share This

Active Virus Shield

Niranjan — Tue, 31 Jul 2007 03:27:19 +0000

Active Virus Shield is a free service from AOL that protects your pc from viruses and spywares. It uses Kaspersky Advanced detection technology to help stop known and new viruses, spyware and other malware before they attack you. It has all the features of a commercial anti-virus; always-on, automatically checks for updates every hour- providing real-time scanning and protection against virus threats. Easy-to-install, works with most Windows® operating systems. (Windows 98, 2000, ME, XP & Vista).

Active Virus Shield Homepage

Share This

SQL Power Injector

Niranjan — Mon, 30 Jul 2007 07:00:58 +0000

SQL Power Injector is an application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page. For now it is SQL Server, Oracle, MySQL, Sybase/Adaptive Server and DB2 compliant, but it is possible to use it with any existing DBMS when using the inline injection (Normal mode). Indeed, the normal mode is basically the SQL command that someone will put in the parameter sent to the server.

SQL Power Injector Homepage

Share This

Secunia Personal Software Inspector (Beta)

Niranjan — Fri, 27 Jul 2007 02:20:14 +0000

The Secunia Personal Software Inspector (Beta) detects installed software and categorises your software as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors. Highlights of The Secunia PSI: The Secunia PSI will be available free of charge; Calculates your unique Secunia System Score; Automatically scans your computer; Enables you to update Insecure/End-of-Life software; Provides Direct Download Links to security updates & patches; Detects and advises on more than 4,200 applications; Direct correlation between thousands of Secunia Advisories and your specific system and software; Secure SSL encrypted connection to Secunia.

Secunia PSI Homepage

Share This

RSBAC

Niranjan — Thu, 26 Jul 2007 02:36:26 +0000

Linux systems, as many others in the Unix family, have a well-known lack of access control. There is a small granularity of discretionary access rights, only dividing between read, write and execute rights for file owner, and file group members. The RSBAC (Rule Set Based Access Control) framework solves this access control deficiency by giving detailed access control information, and you can implement almost any access control model in it, e.g. as a runtime registered kernel module. Also, there is a powerful logging system which makes intrusion attempts easily detectable.

RSBAC Homepage

Share This

LCP

Niranjan — Mon, 23 Jul 2007 05:27:28 +0000

LCP is a free Windows password cracker created to replace the very popular L0phtCrack since Symantec stopped it’s development. LCP uses combination of dictionary and brute force attacks to guess the passwords. LCP can crack common passwords in matter of seconds, the more advanced passwords with numbers and characters take longer. LCP helps administrators to identify and remediate security vulnerabilities that result from the use of weak or easily guessed passwords. It also helps to recover lost passwords and to streamline migration of users to another authentication system.

Download LCP

Share This