Network Security:

This article talks about “Evil Twin”, a Wi-Fi phishing scam that makes users think they are connected to a legitimate web site.
This article talks about identity management and what can happen if you are lax in security.
This article talks about intrusion detection systems and gives Network Computing’s analysis of nine systems that they tested.
This CNN article reports that cyber-crime is more rampant than cyber-terror and gives some help with making your system more secure.
This article tells about “click fraud”: how scammers can easily steal money with this click-fraud scheme.
In a general discussion on protecting yourself from spyware, Tony Bradley offers 5 simple steps to protect yourself and your computer from numerous attacks by spyware and adware. He suggests that you only download from well-known sites such as download.com. If and when you do download, be sure to read the EULA. If you receive a prompt or message on your desktop, make sure to read and understand the information instead of blindly clicking. You must continuously protect your system with antivirus software and spyware/adware products such as Spybot Search and Destroy and Ad-Aware.
The Advantages of Dedicated Virtual Private Network Appliances - The white paper briefly examines several hybrid configurations including software, firewall, router, and dedicated, and compares them with SafeNet's dedicated VPN appliance. The paper gives pros and cons of the different types of networks, in order to help Network Administrators and other professionals select the best solution for securing communication.
Remote Access: VPN vs. Dial-Up - This is a summary of a test performed with 5 different vendors and a comparison of their remote access VPN Solutions (firewall, hardware based, ISP, NOS, and Software) to a traditional dial-up server. The outcomes showed that the dial-up can prove to be more cost efficient, manageable, and simple than VPN.
Distributed Denial of Service: Protecting Critical Systems By: Trinity Security Services; The article states that additional precautions should be taken to prevent DDoS Attacks because the Internet Service Providers are not taking the necessary precautions. The article explains different prevention mechanisms such as screening routers, Intrusion Detection Systems, and Firewalls. It also lists some features that should be in products to help prevent DDoS Attacks.
Fort Hood Selects Intrusion to Secure World’s Largest US Army Post - This article shows the importance of having a secure network. Fort Hood will be using SecureNet and SpySnare to prevent hackers, viruses and Spyware from disrupting Army IT Operations. The 1st phase will cost $800,000.
This is an interesting web site in that the main focus is the use of search engines such as Google as hacking tools. Although there is a book called "101 Google Hacks", the focus is significantly different than that of this web site. To use Google to hack web sites one only has to use precise keywords in a query to discover, for example, web sites that have account passwords stored in a web directory viewable to the public (i.e. password.txt intitle:index.of). Even more surprising is that in the case of the example above one doesn't necessarily need to visit the web site to obtain the passwords IF Google OR any other search engine has cached the web page of the directory containing password.txt (i.e. www.google.com./search?q=cache:www.h4x0r.com/admin/passwords.txt). There are several sections of the web site that include but are not limited to "a search engine hacking forum", and a download section where you can download text files, etc.
http://seclists.org/ - If you have never subscribed to or regularly read any of the mailing lists listed on this web site, prepare yourself because you may be overwhelmed! ;) Not only does this web site contain information on how to subscribe to the mailing lists on it, but it also maintains an enormous archive of messages exchanged in these mailing lists, bulging with information!
The link above points to part two of the column entitled "Blogs: Another Tool in the Security Pro's Toolkit" by Scott Granneman. By providing high quality information and unique perspectives, blogs can help security professionals stay abreast in the realm of security. The first part of this column is an introduction to blogging, blogs, and considerations for security professionals who wish to begin their own blog. The second part continues with a "discussion, and focus on blogs that specialize in security".
According to section 1.1 of this FAQ (Frequently Asked Questions), "Internet Firewalls: Frequently Asked Questions" attempts to answer FAQs that have "been compiled over a period of years, seeing which questions people ask about firewalls in such fora as Usenet, mailing lists, and Web sites". This FAQ, last updated in July of 2004, is pretty comprehensive and can probably save a lot of time when consulting the places listed above with regard to predominately "network" as well as "host" and "personal" firewall related questions.
Phrack, the 20-year-old hacker e-zine that brought us popular articles such as "Smashing the stack for fun and profit", is a free e-zine that discusses a broad range of topics which include, but are not limited to, network security. In addition to the current release, previous issues can be found on phrack.org as well. Unfortunately, the next release of Phrack will be the last; so, don't miss it! :)
A site dedicated to security issues. Provides articles on how to properly configure services, users can subscribe to their BugTraq mailing lists and receive emails on the latest vulnerabilities, and general articles related to the latest findings in computer security.
You want to protect your computers, but where do you begin? There are many ways hackers can attack your computer. What are the most common ways used to attack computers? Check out the link above to find out. The site lists the Top 10 Unix and Windows vulnerabilities.
Tired of all the hits you receive when you google for computer security? Infosyssec is a security portal with links to popular sites on computer security. The site also provides links to the latest news in computer security.
This is an article on the growing trend of convergence of physical and logical security. The article discusses the pitfalls of joining both types of security.
This article is an introduction to security and breaks down security into two types, transit security and traffic security. The intended audience of this article is the novice technical person. In the breakdown of the two types, firewalls, VPNs and packet filtering are discussed.
This is a whitepaper advocating that more than one type of anti-virus is needed on the desktop to help prevent virus infection. The premise is defense in depth: if one antivirus engine misses the virus the other should be able to catch it.
This article discusses Distributed firewalls and how to use them. Distributed firewalls use IPSec, a policy language, and system management tools, but are not dependent on network topology.
The article I have presented from this link is “Six Security Threats”. This article describes how companies should formulate policies to fight against security threats. Preventing network security threats is the primary aim of any IT concerned company. This article actually describes common security mistakes that make IT departments wild and prone to attacks.
The article’s name is “USB FLASH DRIVES: USEFUL DEVICE OR SECURITY THREAT?” In this article the main focus is on USB flash drives. Though they are used as an alternative to floppy disks and zip drives, they are a security challenge to network administrators. So the discussion of the article is mainly focused on whether USB flash drives are a useful tool for data sharing or a useful tool for malicious users to bypass network security policies.
The article name is “Exploring Security Threats and Solutions”. The discussion here is that the internet has become a hackers' playground. This article summary explores the security issues that concern the internet and web services community and finds solutions as to how to avoid these security threats.
The article’s name is “Web Browser Vulnerabilities: Is Safe Surfing Possible?”. The discussion here is that all web browsers have security flaws. Here it is up to the network administrators to take the lead in educating users about the best security practices.
In “Security Threats Will Get Serious”, the main discussion is that security threats will become more serious in the near future. What we really need is to know about the threats beforehand through alert systems. Tackling more sophisticated cyberattacks needs a new approach and a lot of security software and services.
Securing End Users from Attack - Summary: As corporate end users face a gamut of threats that endanger the network, from malicious code to social engineers, this article discusses how enterprises can secure themselves by securing their end-users.
Common Security Vulnerabilities in e-commerce systems - Summary: This article discusses some common attacks and vulnerabilities in e-commerce shopping cart systems along with countermeasures for dealing with these types of threats.
Threats and your Assets – What is really at Risk? - Summary: This article covers some of the most important items that need consideration when discussing, analyzing, designing or implementing a security posture within a place of business, or perhaps in a company that the reader may be servicing.
The Perennial Problem with Patches - Summary: This article argues that patches cannot be relied upon to deliver effective front-line security as they simply aren't applied in a consistent, effective and timely fashion. The explanation is substantiated with several examples such as Slammer and Fizzer.
SQL Injection Security Threats - Summary: The author discusses how SQL injection is a serious threat to any vendor’s SQL database in which applications use dynamic SQL and what can be done to prevent successful attacks.
Port Knocking: An Overview of Concepts, Issues, and Implementations by Ben Maddock. September 2004. “Port knocking is a method of establishing a connection to a networked computer that has no open ports,” according to Martin Krzywinski.
CIO Today. A website that caters to network security. Find the latest articles about patches, vulnerabilities, and security tools.
CERT Coordination Center. This document looks at home security through the user’s eyes, and explains what home users should know about securing their network.
Bindview's RAZOR - A team of researchers that produce news and information on network security and system vulnerabilities
AntiOnline - AO is a worldwide community of security, network and computer professionals, students and keen amateurs who come here to learn the principles and details of computer/network security
Demystifying Cisco Access Control Lists - Network Computing Workshop on using Cisco ACLs
Increasing Security on IP Networks - Cisco's Guide to network security using their products
The Cost of Security on Cisco Routers - A Network Computing Tutorial on how implementing access control lists can impact Cisco routers
Network Information Systems: Protecting Against the Threat 2000 - This publication is provided by the Office of the National Counterintelligence Executive. It points out the paradox that we all live by today, the fact that as a society we live and die by the computer networks that are intertwined in our daily routines. While the computer networks make it possible for us to either have jobs or perform our functions more efficiently, they are also prone to attacks that will bring our work and life to a standstill. As we rely more on computers, the possibility of threats increases also. The publication also provides information on the areas where protection needs improving and monitoring.
Under the hood of the Internet: An overview of the TCP/IP Protocol Suite
Stateful vs. Stateless IP Filtering
CERT
W3C Security Resources
Securing Desktop Workstations
NT Security Microsoft Security Site
Windows NT 4.0 and 2000 Security
Registrysecrets
Trusted System Services
All.Net Security Database
NT Security News
NT Security Software
Windows NT Server Security Services
ICSA
Simply Secure Communications; BY SUSANNAH PATTON; VPN alternatives provide safe connections, ease and flexibility
Naval Postgraduate School Center for INFOSEC Studies and Research
Experimental Break-Ins Reveal Vulnerability In Internet, UNIX Computer Security
Security in a Computer Network - by Shaun Bangay (1999); A comprehensive site covering topics in network security. The site begins with a historic look at network security. In addition the site includes information on topics such as host security (UNIX and NT), Firewalls, data authentication, cryptography, and WWW security topics.
Securing Network Servers
Vulnerability Note VU#412115: Network device drivers reuse old frame buffer data to pad packets - This CERT Vulnerability Note describes a serious vulnerability associated with network device drivers for many network cards.
CERT Coordination Center - Home Network Security - This document gives home users an overview of the security risks and countermeasures associated with Internet connectivity, especially in the context of “always-on” or broadband access services (such as cable modems and DSL). However, much of the content is also relevant to traditional dial-up users (users who connect to the Internet using a modem).
Networked storage not yet secure - by Oliver Rist (2003) Businesses are rediscovering centralized storage. But they could end up discovering a security hazard.
Networks Risk Grounding Without Airport-Level Security - by Nigel Hawthorn (2002) The article compares airport security with the security of a network. The author discusses a need for a more sophisticated system "to tackle the emergence of a new loophole - port 80."
Trend Micro Expands 'Mixed Threat' Computer Security - This article is about Trend Micro's new service to help network administrators eliminate threats from multiple sources.
Got Broadband? You're Under Attack - This article describes the different threats involved in having an "always on" connection. It even has a section on preventive measures.
Future Hacking: How Vulnerable Is the Net? - by James Maguire (2002) In a recent report on terrorism, the CIA stated, "Cyberwarfare attacks against our critical infrastructure systems will become an increasingly viable option for terrorists." As a new safety precaution, the organizations that operate the Internet's root servers will add more servers to each system. This will make each location less vulnerable to DDoS attacks.
The Day the Net Nearly Choked - by Alex Salkever (2002) The newsgroups and chat rooms in the computer-security biz are still buzzing about the Oct. 21 distributed denial of service attack (DDOS) that tried to clog the heart of the Internet. That attack used a constellation of hijacked computers to unleash a surging wave of bogus data traffic aimed at the 13 so-called root-level domain name servers (DNS) that function as the authoritative directory assistance for the Internet. Taking down these geographically dispersed servers, three of which are located outside the U.S., in Sweden, Britain, and Japan, would be the digital equivalent of turning off the traffic signals in Manhattan at rush hour.
Security Firm @stake Says Your Network May Be Leaking Sensitive Data - by George V. Hulme (2003) The article discusses why security researchers at the firm @stake say they have found a flaw in how network device drivers send information that could create an "information leakage vulnerability" that may let hackers collect sensitive information sent from vulnerable devices. If successful, @stake says, hackers potentially could view "slices of previously transmitted packets or portions of kernel memory" over certain networks.
Handheld computers pose threat to security - by Alistair McPherson The article discusses how personal digital assistants (PDAs) have become increasingly popular as they have progressed in the public psyche from being an electronic gimmick for technophiles to a corporate must-have. According to the article, it is common practice among PDA users to download all their personal and business data, including PINs and passwords, on to the portable computer. However, recent research by Pointsec Mobile Technologies and Infosecurity Europe reveals that one in four users fail to protect their PDA with a password - even though 89 percent admitted using it as their corporate diary and 36 percent to store business information. This makes PDAs vulnerable.
U. of Colorado at Boulder Adopts Encrypting Links for E-Mail Software - By VINCENT KIERNAN; January 21, 2003; The University of Colorado at Boulder recently changed their e-mail systems to require encryption on all e-mails. They began requiring encrypted links for FTP and Telnet also. Two other universities that were also mentioned, the University of Washington and Stanford, had already started encrypting e-mail, FTP, etc.
Network Security: Best Practices; By Marcia J. Wilson - JANUARY 27, 2003
How Sharing Thwarts Hacks - Dennis Fisher (2003) This article is a review of a paper that 2 Harvard researchers wrote. Their paper is about how enterprises that share attack data can help hinder attacks by potential hackers.
Yaha Worm Wreaks Confusion - Dennis Fisher (2003) This is an interesting article about not only the Yaha Worm and the aggravation it causes, but how the names of worms and viruses affect security.
Instant Insecurity: Security Issues of Instant Messaging - This article is a real eye-opener for those of us who use IM! I had not heard about the vulnerabilities associated with IM and am beginning to see just how vulnerable a system is even when IP addresses change regularly. This article discusses how IM works, security threats, worms, backdoor trojan horses, hijacking and impersonation, denial of service and other issues associated with IM. The author, Neal Hindocha, discusses securing instant messaging and makes some conclusions for consideration.
The Instant Messaging Menace: Security Problems in the Enterprise and Some Solutions - Dan Frase January 31, 2002; An informative article about the security threat that is caused by running an instant messenger client in a business environment.
The Strange Tale of the Denial of Service Attacks Against GRC.COM - by Steve Gibson, Gibson Research Corporation, 2002; detailed description of attack and response to a DDoS attack
Cisco - Network Security Policy: Best Practices White Paper - This is a white paper from Cisco on best network security practices.
LAYERED NETWORK SECURITY: A best-practices approach - I liked how this one approached each layer, and gave pros and cons of doing each.
What is my Role in Information Survivability? Why Should I Care? - This site has a PowerPoint presentation on making networks survivable against attacks.
Honeypots: Tracking Hackers - lots of information; links to whitepapers on honeypots as well as a FAQ
Intrusion Detection, Honeypots, and Incident Handling Resources - a website that discusses honeypots. I find this to be a very interesting topic.
Network Security Library - network security library for Windows issues. It's part of http://www.WindowSecurity.com
Internet security: the Top 10 online blunders by Tom Salkield; Managing Director NetConnect; 06.01.04

 

Network Security Tools
Scanline - Scanline is a network security tool that improves on functions of Windows such as ping and traceroute. It is operated from a command line prompt that allows the user to manipulate the commands via various switches. Scanline allows for file utilization for input of IP addresses and exporting of results to CSV file formats. Scanline also allows for port scanning through specific ports or a port list.
Sniphere - This is a free product that allows the user to capture TCP traffic on a local area network. The creator states that the product is not perfect for monitoring all traffic on a network, but it is very good at monitoring traffic between specific devices. Once data is captured, it is displayed for the user in XML format. Sniphere can also display the data in ASCII at the preference of the user.
Drivecrypt Plus Package - DCPP is an encryption tool that provides a level of security to the user without impeding their work process. The application provides Full Drive Encryption rather than file encryption. This encrypts all files including temporary storage files that are typically not encrypted. Data is decrypted and re-encrypted as the information is accessed by the user. The user does not have to perform this operation as the software does it without the user's knowledge. For complete security, DCPP provides boot authentication that will require password authentication to boot the computer.
IDS phantom - IDS phantom is similar to an intrusion detection system; it actually works in conjunction with an IDS such as Snort. Once installed, it monitors the open ports on the host system and provides the user with a 3D model display. It also accepts the input from an IDS such as Snort and displays the active systems that are being affected by an attack.
This web page provides a direct download of the Windows version of Netcat. Netcat is an awesome little tool that "reads and writes data across network connections" using TCP/IP. As simple as its description sounds it definitely has some applicability in the realm of Honeypots. For example, one can have netcat function as a daemon by listening on a port, and executing a program once an inbound connection has been made. There are versions of Netcat for many UNIX based and Windows platforms.
This is a good tutorial on how to determine if your Windows NT/2000/XP system has been hacked. The author gives a list of tools that can be used to: list processes, the TCP ports being used, and the program listening on the port; view hidden files stored on your computer; and search the registry for entries created by hackers. They have a total of 68 tutorials on the site.
Angry IP Scanner - Angry IP Scanner is a utility that can be useful in determining basic network connections and open ports on computers. The program scans the IP addresses provided in the input range by pinging them. It then can check for open ports and NetBIOS information. The program is very user friendly and very simple to use.
Tools Tools Tools
This article is a tutorial on how to implement Tripwire capabilities on a Windows workstation. Tripwire is a UNIX based integrity checking software. The article uses InstallWatch. It describes how to configure InstallWatch to act like Tripwire.
PuttySSH - This is the download site for PuTTY, a free Windows compatible client for SSH, telnet, and rlogin. It's free, comes in a Windows binary (not a self install). You just download it and run it. I've been using it since last year and I've never had any sort of problem with it.
SSH - This is a general links page for SSH. This includes an introduction to SSH as well as a link to the SSH RFC. This is focused mainly on UNIX.
OpenSSH - A link to OpenSSH, which is a free SSH protocol suite of network connectivity tools. It encrypts all traffic (including passwords) to eliminate eavesdropping, connection hijacking, and other network-level attacks.
NMAP -- The Network Mapper
FreeS/WAN is an implementation of IPSEC & IKE
Pedestal Software. Detects changes in files, registry and configuration settings. NT.
ISS's Internet Scanner™
SATAN
UNIX Security Software
Unix, Microsoft NT and Windows-95 Security Tools
BestCrypt for Windows NT
Kane Security
Trinux - Linux Security Tools
GnuPG (GnuPrivacyGuard)
Windows NT Tools
ISS SafeSuite
Network-1
NTManage
www.DNSstuff.com - I found this website to be so interesting because it puts so much information at your fingertips. You can not only look up IPs, but perform tracerts, WHOIS, time to look up, check to see if an address is vulnerable to spam, and lots more.
SomarSoft
TrendMicro
Intrusion Prevention Systems – Security's Silver Bullet? - Dinesh Sequeira November 14, 2002; An article that focuses on controls to prevent attacks into network systems. The article contains information on firewalls, anti-virus software, intrusion detection systems as well as the intrusion prevention system approach to security.
PuTTY: A Free Win32 Telnet/SSH Client - This is the download site for PuTTY, a free Windows compatible client for SSH, telnet, and rlogin. It's free, comes in a Windows binary (not a self install). You just download it and run it. I've been using it since last year and I've never had any sort of problem with it.
OpenSSH - A link to OpenSSH, which is a free SSH protocol suite of network connectivity tools. It encrypts all traffic (including passwords) to eliminate eavesdropping, connection hijacking, and other network-level attacks.
Honeypots

 

Wireless Security
Weaknesses in the Key Scheduling Algorithm of RC4
Mesh networking: Protecting the homeland - Two mesh networking companies have moved forward with design wins, tailoring their first products toward homeland security operations. Mesh networking proponents say their technology is uniquely suited to provide a robust, self-healing wireless network infrastructure in the case of an emergency. Moreover, even almost three years after 9/11, security budgets remain high.
Security is in Wi-Fi Management's Future - Cirond Corp is shifting focus from managing to securing wireless LANs. They are changing their whole focus to security rather than management. This article discusses the reasons why.
Exploiting and Protecting Wireless Networks
Quickstudy: Securing Wireless Networks
Your 802.11 Wireless Network has No Clothes
802.11 Security Vulnerabilities (University of Maryland) - excellent site that describes eight papers on wireless attacks in detail
Minimizing WLAN Security Threats - by Jim Geier - Dated September of 2002, this article discusses how wireless LANs are susceptible to hackers. Topics include spread spectrum not secure, SSIDs are useless, DHCP hurts security, man-in-the-middle attacks, problems with WEP, and denial of service attacks. As the article points out, how one needs to handle these concerns depends greatly on your security requirements. While one person may be able to keep the network open, another may need much more security.
Security Fix for Wireless
Securing a Wireless Network - PowerPoint
802.11b Access Points In and Around the Research Triangle Park, NC
Wireless Network Security Tips
NetStumbler
Warchalking
wardriving.com
War driving by the Bay - Wireless network hacking turns cyber attack into street crime. By Kevin Poulsen, SecurityFocus Apr 12 2001
Airtouch Networks War Driving Kit - By Jim Geier; describes the use of a war driving kit
Wireless LAN Security - Threats and Countermeasures - PowerPoint presentation
WorldWide WarDrive
"Wi-Fi Encryption Fix Not Perfect"
DOD IT projects come under fire - Wireless LAN security lapse at defense agency - By BOB BREWIN, MAY 20, 2002; This article talks about how one of the DoD's wireless networks was left unsecured. The article goes into how they are fixing the security problems. There is also a follow-on article about the army using 128-bit wireless networks to support battlefield logistics systems
Wireless: wide open to attack - By Oliver Descoeudres; October 22, 2002; a site that discusses the vulnerabilities of wireless networks and ways to tighten security
Information Assurance in Wireless Residential Networking Technology: A Survey of IEEE and Bluetooth - by Dr. Rayford B. Vaughn, Mississippi State University and Ambareen Siraj, Mississippi State University; Defense Department Magazine article about software development. This article refers to information assurance and wireless standards.

 

Linux Security
System Hardening
Mandrake updates - Regularly keep your system up to date
grSecurity - grSecurity is a multi-layered detection, prevention, and containment model. It is licensed under the GPL. It offers: An intelligent Role-Based Access Control (RBAC) system that can generate least privilege policies with no configuration; Change root (chroot) hardening; /tmp race prevention; Extensive auditing; Prevention of entire classes of exploits related to address space bugs (from the PaX project); Additional randomness in the TCP/IP stack; A restriction that allows a user to only view his/her processes; Every security alert or audit contains the IP address of the person that caused the event
trinux - Trinux is a ramdisk-based (or embedded if you like) Linux distribution that was first released in April of 1998 and has been maintained on and off since then. Like other Linux distributions it consists of a Linux kernel, base utilities, and a variety of packages.
SE Linux - Security Enhanced Linux is under development by the NSA. It enforces fine-grained mandatory access control by restricting user programs and system servers to the minimum amount of privilege they require to do their jobs. It has no concept of a "root" super-user, and does not share the well-known shortcomings of the traditional Linux security mechanisms. The ability of user programs and system daemons to cause harm when compromised (via buffer overflows or misconfigurations, for example) is reduced or eliminated. This mechanism operates independently of the traditional Linux access control mechanisms. The Security-enhanced Linux's new features are designed to enforce the separation of information based on confidentiality and integrity requirements.
Linux Intrusion Detection System (LIDS) - Linux Intrusion Detection System is a kernel patch and admin tool that enhances the kernel's security by implementing Mandatory Access Control (MAC). Even for root, this controls system network administration operations, file, raw device, memory, and I/O access. Thus, in this implementation, an executable cannot be executed when the user is not trusted (i.e., it is not in the trusted ACL) and the executable is not in the trusted path.
The Digital Underground - Computer and Technology articles, and a members page for the "digital underground" community with text, programs, and security information.
Dranch: TrinityOS - Step by step, example driven, HOWTO on building a Linux box with an aim towards strong security. Also, links to resources and mailing lists.
Exploit World - Linux Section - Known vulnerabilities on the Linux system with detailed description.
Googgun Technologies Praetor module - Praetor is a kernel-based "Security Enabler" for Linux that provides fine-grained access control.
Hacking Linux Exposed - Companion Website to Hacking Linux Exposed, Osborne/McGraw-Hill. Source code from the book, updates, and other tools to secure your Linux system.
Linux Audit and Intrusion Detection - InterSect Alliance are the creators of the SNARE Linux C2-style Audit module, and have a consulting background in advanced audit analysis, intrusion detection systems, and forensics for Unix and other operating systems.
The Linux Kernel Auditing Project - The project that aims to audit the Linux kernel for security vulnerabilities and other bugs.
Linux Security - Information collected from many sources: feature articles, advisories, news, documentation, forums, links.
Bastille Linux - Attempts to "harden" (tighten the configuration of) a Red Hat or Mandrake Linux installation.
Linux Security - Linux Security, server hardening, 1U server, 24x7 server admin, monitoring, IDS, NDS, firewalls
Linuxbroker - Security - Linuxbroker provides all types of resources you need like Linux newsgroups search engine, daily news, howtos, applications releases tracking and security alerts.
LinuxSecure - This site on Linux and security covers firewalls (iptables), intrusion detection systems (snort), securing services, and Linux security in general. The aim is to provide information about protection, detection, and reaction with respect to attacks.
New Security Features in Linux 2.4 - Selective privileges (capabilities), cryptography, random number devices.
NiftyBox Advisor - Open-source security tools including "Advisor" to automatically notify an admin when a security advisory affects an installed package.
Password Management System - Designed for System Administrators, to handle user logins for several computers running Linux. It works with a console interface, based on the CDK library that uses ncurses. Import data from csv files and export to text files with a freely definable format.
LINUX SECURITY SOFTWARE
Penetrator Megablaster - A kernel module that detects and stops overflow attacks, like Linux Buffer Overflow attack security, which aim to get interactive access to the system.
Sardonix.org - DARPA-funded community project to audit the source of all Linux applications for security vulnerabilities.
SSH, the Secure Shell: The Definitive Guide - This is a companion website for "SSH: The Secure Shell The Definitive Guide" by Daniel Barrett and Richard Silverman (O'Reilly, 2003). It contains technical details on SSH as well as sample book material.
StegFS - A Steganographic File System for Linux - Not only does it encrypt data, it also hides it such that it cannot be proved to be there.
Virtual eXecuting Environment for Linux - Open Source virtual-machine-type security system for Linux servers.






written by Wayne Summers summers_wayne@ColumbusState.edu