Make your own free website on Tripod.com

Other Tools Page

These Tools are for Computer Security, C0VERTl, its host and ISPs are not liable for intentional misuse or problems caused by these files.

Below is a list of programs used to improve security of computers and networks, although most of these are listed for a Unix system. A good number of these programs may also have Windows, Linux, Novell versions. I will add more a more detailed description as I investigate them.

 
Abacus Sentry
Detects the use of a port scanner in real-time. Availability and Additional Info: Abacus Sentry
 
Anonftpd
anonftpd is a read-only anonymous FTP server. Availability: anonymous ftp at koobera.math.uic.edu
Additional Info: anonftd
 
Argus
Argus is a powerful tool for monitoring IP networks. It provides tools for sophisticated analysis of network activity that can be used to verify the efforcement of network security policies, network performance analysis and more. Availability: anonymous ftp at ftp.sei.cmu.edu
 
Arpwatch
An ethernet monitor program that keeps tracks of ethernet/IP address pairings.
Availability: anonymous ftp at ftp.ee.lbl.gov
 
COPS (Computer Oracle and Password System)
Identifies security risks on a Unix system. It checks for empty passwords in /etc/passwd, world-writable files, misconfigured anonymous ftp and many others.
Availability: anonymous ftp at ftp.cert.org
 
Courtney
It is a program that tries identifies the use of SATAN on a subnet. The program tcpdump will also be needed in order to run Courtney. See below for information above tcpdump.
Availability: anonymous ftp at ciac.llnl.gov Additional Info: CIAC Notes 08
 
Crack
Crack is a password cracker. Availability: www.users.dircon.co.uk
Additional Info: Crack Version v5.0 User Manual
 
Crack lib
Checks plaintext words against Crack. Availability: anonymous ftp at coast.cs.purdue.edu
 
Deslogin
Provides a more secure method for remote login than telnet or rlogin in untrusted networks. Deslogin encrypts the connection using DES. Availability: anonymous ftp at ftp.uu.net
 
Dig
Dig is a network utility which queries Domain Name Servers similar to nslookup.
Availability: anonymous ftp at venera.isi.edu
 
Drawbridge
Powerful bridging filter package. Availability: anonymous ftp at net.tamu.edu
 
Fcheck
It is an open source PERL script providing intrusion detection and policy enforcement of Windows 95/98/NT/3.x and Unix server administration through the use of comparative system snapshots.
Additional Info: anonymous ftp at The Fcheck Homepage
Fping
An efficient way to test whether a large number of hosts are up. Availability: anonymous ftp at slapshot.stanford.edu
 
Icmpinfo
It displays unusual ICMP messages received by a host and this can be used to detect suspicious network activity. Availability: anonymous ftp at hplyot.obspm.fr Additional Info: icmpinfo man page
 
ISS
Checks hosts within a specified range of IP address for various security vulnerabilities in sendmail, anonymous FTP setup, NFS and many more. Availability: anonymous ftp at info.cert.org
Additional Info: CERT Advisory 93:14.Internet.Security.Scanner
 
IPACL
Filters incoming and outgoing TCP and UDP in a SVR4/386 kernel.Availability: anonymous ftp at ftp.porcupine.org
 
Jetmon
Java based client-server link monitoring tool fo rNOC operations.
Availability and Additional Info: Home of Jetmon
Kerberos
Kerberos is an authentication system used to protect security networks. (Export restricted)
Availability: web.mit.edu Additional Info: Kerberos: The Network Authentication Protocol
 
Klaxon
It is a daemon that is used to identify the use of port scanners like ISS and SATAN.
Availability: anonymous ftp at ftp.eng.auburn.edu
 
L6
Provides a flexible and intelligent interface for periodic integrity checks of data using Perl
Availability: anonymous ftp at L6 Additional Info: L6
 
Logdaemon
Replacement for system ftp, rlogin, rexec, rsh daemons and login program that have added security features such as login in failures and S/Key one-time passwords support.
Availability: anonymous ftp at ftp.porcupine.org Additional Info: Wietse's tools and papers
 
Logsurfer
Analyzes any text-based log files real-time using contexts and executes a corresponding action.
Availability: anonymous ftp at ftp.cert.dfn.de Additional Info: Lo gsurfer Homepage
Lsof
Displays all open files on a UNIX system. Availability: anonymous ftp at vic.cc.purdue.edu
 
Mangle
It is a utility that either checks existing passwords for weakness or forces users to choose good passwords. Availability: anonymous ftp at ftp.informatik.uni-erlangen.de Additional Info: Readme file for Mangle
 
Mason
Mason is a tool that interactively builds a firewall using Linux' ipfwadm or ipchains firewalling. You leave mason running on the firewall machine while you are making all the kinds of connections that you want the firewall to support (and want it to block). Mason gives you a list of firewall rules that exactly allow and block those connections. Availability: Mason
Merlin
Merlin is an interface to five popular security package to make it easier to analyze and manage the data. Availability: anonymous ftp at ciac.llnl.gov Additional Info: Merlin Information
 
MD5
MD5 is a hash function using to the authenticity of a file. Availability: anonymous ftp at rsa.com
Additional Info: RFC 1544, www.rsa.com
 
MIME Object Security Services (MOSS)
It is an extension of Multi-purpose Internet Mail Extensions (MIME) that provides authentication, integrity, and confidentiality of an email message. (export restricted) Availability: anonymous ftp at ftp.tis.com
Additional Info: MOSS FAQ
 
The Nessus Project
The "Nessus" Project is a free, powerful, up-to-date and easy to use remote security scanner.
Additional Info: The Nessus Project
 
Netlog
Network logging and monitoring of all TCP and UDP connections on a subnet. Netlog also includes tools to analyzing the output. Availability: anonymous ftp at net.tamu.edu
 
Network Security Scanner (NSS)
NSS is a perl that scans one host on subnet or an entire subnet for various simple security problems.
Availability: anonymous ftp at jhunix.hcf.jhu.edu
 
NFSWatch
NFSWatch monitors NFS requests and measures response time for each RPC.
Availability: anonymous ftp at coast.cs.purdue.edu
 
Nmap
Utility for stealthily port scanning large networks. See Syn for tracking these types of scans.
Additional Info: Information and download for Nmap
 
Npasswd
It is a replacement for the system passwd command that enforces stronger passwords.
Availability: anonymous ftp at ftp.cc.utexas.edu Additional Info: Information about npasswd
 
OPIE
This software provides the ability to generate and use one time passwords. Related tools are also available for Windows, DOS and Mac. Availability: anonymous ftp at ftp.nrl.navy.mil (may not be for public use)
 
Osh
Osh is a restricted C shell that allows the administrator to control access to files and directories and to provide logging. Availability: anonymous ftp at ftp.c3.lanl.gov Additional Info: The Operator Shell
 
Passwd+
Passwd+ is a proactive password checker which replaces the system passwd command. It enforces strong passwords. Availability: anonymous ftp at ftp.dartmouth.edu
 
PGP
Pretty Good Privacy (PGP) protects documents such as email from unauthorized reading using public key encryption. This is the famous program by NAI. (Some versions are export restricted) Availability: USA and Canada--anonymous ftp at www.eff.org or via web form Availability: International-- anonymous ftp at ftp.ifi.uio.no
Additional Info: Cryptography, PGP, and Your Privacy
 
Pidentd
Identd tries to identify the remote user name of a TCP/IP connection. Identd is an implementation of RFC 1413. Availability: anonymous ftp at ftp.lysator.liu.se or ftp.csc.ncsu.edu Additional Info: RFC 1413
 
PingLogger
PingLogger detects and logs ICMP ECHO REQUESTS. Availability: world wide web at www.students.uiuc.edu
 
Portmapper
It is a modified version of portmapper that reduces the vulnerabilities and denies proxy access.
Availability: anonymous ftp at ftp.porcupine.org
 
RIPEM
Riordan's Internet Privacy Enhanced Mail (RIPEM) improves the security of email by verifying the authenticity of the message sender among other things. ( Export restricted) Availability: anonymous ftp at ripem.msu.edu Additional Info: Information about RIPEM
 
Rpcbind
A modified version of rpcbind (System V.4 portmapper) that prevents intruders from bypassing NFS export restrictions. Availability: anonymous ftp at porcupine.org
 
Rscan
Rscan is a extensible network scanner that checks for common network problems and SGI specific vulnerabilities. Availability: anonymous ftp at ftp.vis.colostate.edu Additional Info: Rscan: Heterogeneous Network Interrogation
 
SARA
SARA, Security Auditor's Research Assitant, is a third generation security analysis tool that is based on the SATAN model, covered by the GNU GPL-like open license, fosters a collaberative environment and is updated periodically to address hte latest security threats. Availability and additional info: SARA
SATAN
SATAN is a program that gathers network information such the type of machines and services available on these machine as well as potential security flaws. Availability: anonymous ftp at ftp.porcupine.org. Also see wzv.win.tue.nl for a list of mirror sites. Additional Info: Cert Advisory CA-95:06.satan
 
Scan-Detector
Scan-detector determines when an automated scan of UDP/TCP ports is being done on a host running this program. Logs to either syslog or strerr. Availability: anonymous ftp at coast.cs.purdue.edu
Additional Info: COAST Projects' Tools
 
Sendmail
A replacement for the system sendmail. This version includes all of the latest patches.
Availability: anonymous ftp at ftp.cs.berkeley.edu
 
Sendmail Wrapper
The sendmail wrapper provides some protection against local sendmail attacks.
Availability: anonymous ftp at ftp.auscert.org.au
 
SENSS
A flexible, Java-based security tool that enables organizations to audit and secure their systems and networks in a modern, heterogeneous, corporate intranet. Availability and more info: Sun Enterprise Network Security Service
 
Shadow
This package includes everything that is necessary to use shadow password file.
Availability: anonymous ftp at ftp.cs.widener.edu
 
Simple Socksd
It is another implementation of Version 4 SOCKS protocol that is fast, easy to compile, and simple to configure. Availability: http at Simple SOCKS Daemon Additional Info: Simple SOCKS Daemon
 
SKey
S/Key generates one time passwords to gain authenticated access to computers.
Availability: anonymous ftp at thumper.bellcore.com or coast.cs.purdue.edu
 
Simple Key-Management For Internet Protocols (SKIP)
SKIP adds privacy and authentication at the network level. Availability: USA and Canada--via web form Availability: International--anonymous ftp at ftp.elvis.ru Additional Info: SKIP Information and SKIP in Russia
 
Smrsh
Smrsh is a restricted shell for sendmail to restrict the number of programs that can be executed by sendmail. Availability: anonymous ftp at ftp.nec.com
 
Socks
Socks is a package which allows various Internet service such as gopher, ftp and telnet to be used through a Firewall. Availability: anonymous ftp at ftp.nec.com Additional Info: Welcome to SOCKS
 
SSH
SSH (Secure Shell) is an enhance versions of rlogin, rsh and rcp that provides RSA authentication and encryption of communications as well as many other security improvements. ( Export restrictions)
Availability: anonymous ftp at ftp.cs.hut.fi Additional Info: Ssh (Secure Shell) Home Page or Ssh FAQ
 
STEL
STEL is a system replacement for telnet which provides strong mutual authentication and encryption.
Availability: anonymous ftp at idea.sec.dsi.unimi.it
 
Strobe
Strobe displays all active listening TCP port on remote hosts. It uses an algorithm that efficiently uses network bandwidth. Availability: anonymous ftp at suburbia.apana.org or minnie.cs.adfa.oz.au
 
Sudo
Sudo allows a system administrator to give limited root privileges to user and log their activities. This version of Sudo is also known as CU-sudo. Availability: anonymous ftp at ftp.cs.colorado.edu
Additional Info: Sudo - a utility to allow restricted root access
 
Swatch
Swatch is a package used to monitor and filter log files and executes a specified action depending of pattern in the log. Availability: anonymous ftp at ee.stanford.edu
 
Syn
Perl utility for tracking stealth port scanning Availability: anonymous ftp at Syn Additional Info: Syn
 
TCP Wrapper
Allows a Unix System Administrator to control access to various network services through the use of access control list. It also provides logging information of wrapped network services which may be used to prevent or monitor of network attacks. Availability: anonymous ftp at ftp.porcupine.org Additional Info: TCP Wrapper
 
Tcpdump
Tcpdump captures and dumps protocol packets to monitor or debug a network.
Availability: anonymous ftp at ftp.ee.lbl.gov
 
Tcpr
Tcpr is a set of perl scripts that forwards ftp and telnet commands across a firewall.
Availability: anonymous ftp at ftp.alantec.com
 
Tiger
Checks for known security vulnerabilities of Unix workstations. It is similar to Cops with many extensions. Availability: anonymous ftp at net.tamu.edu
 
TIS Firewall Toolkit
Firewall Toolkit is a software package to build and maintain a system which is used to protect networks from unwanted network activities. Availability: anonymous ftp at ftp.tis.com
Additional Info: TIS Firewall Toolkit Overview
 
Tripwire
Monitors for changes in system binaries.
Availability: anonymous ftp at coast.cs.purdue.edu Additional Info: Tripwire
 
TTY-Watcher
TTY-Watcher monitors, logs and interacts with all of the tty on a system.
Availability: anonymous ftp at coast.cs.purdue.edu Additional Info: TTY-Watcher
 
Wu-ftpd
A replacement ftp server for UNIX systems that has many features including extensive logging and as well as limiting the number of ftp users. Availability: anonymous ftp at wuarchive.wustl.edu
 
Xinetd
It's a replacement for inetd which has extensive logging and access control capabilities for both TCP and UDP services. Availability: anonymous ftp at qiclab.scn.rain.com
 
YPX
It is a utility to retrieve a NIS map from a host running NIS daemon.
Availability: anonymous ftp at ftp.uu.net or WWW server at mls.saic.com

Notify C0VERTl of any dead ftp/links and I will attempt to relocate the programs.