Security: News, HowTos and Downloads

Linux Security - News
 
[Debian GNU Linux Security Information]  - this page addresses Debian's status with respect to various known security holes, which could potentially affect Debian.

[SUSE Linux: Security Announcements]  - This page regularly informs you about security issues concerning SUSE Linux.

[Red Hat Security Resource Center]  - provides a variety of ways to help improve the security of your Linux-based IT infrastructure.

[MandrakeSecure]  - this site exists to provide you with meaningful information about security in the Mandrake Linux distribution.

[Gentoo]  - Security Announcements.

[Linuxsecurity News].

[LinuxSecurity.com Advisories]  - Scouring the Web for those critical security advisories and updates? Find the information you need for your favorite open source distribution all in one place on this Advisories page.

[Pro-Linux Sicherheitsservice]  - On these pages you will find all security advisories issued by the most important distributions.

[SecurityFocus - Unix].

[SecurityFocus - Bugtraq Archive].

Linux Security Howtos
 
[Security Quick-Start HOWTO for Linux]  - This document is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.

[Security Quick-Start HOWTO for Redhat Linux]  - is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.

[Securing Debian Manual]  - describes security in the Debian project, starting with the process of securing and hardening the default Debian GNU/Linux distribution installation. It also covers some of the common tasks to set up a secure network environment using Debian GNU/Linux, gives additional information on the security tools available and talks about how security is enforced in Debian by the security team.

[Anleitung zum Absichern von Debian]  - This document describes the process of securing and hardening a default Debian installation. It covers the everyday work of setting up a secure network environment with Debian GNU/Linux, and additionally gives information about available security tools and the work of the Debian security team.

[Linux Security HOWTO]  - This document is a general overview of security issues that face the administrator of Linux systems. It covers general security philosophy and a number of specific examples of how to better secure your Linux system from intruders.

[Secure Your Unix/Linux OS]  - Articles and information to help you understand the holes and vulnerabilities that might be present in a Unix or Linux operating system and the tools and utilities commonly used with them, as well as how you can configure your system to be as secure as possible.

[UNIX Configuration Guidelines]  - This document describes commonly exploited UNIX system configuration problems and recommends practices that can be used to help deter several types of break-ins.

[Sicherheit in Netzen]  - is an excellent work on the topic of security in networks, in German.

[Linuxsecurity Howtos]  - Need a step-by-step guide to get your firewall up and running? This and many other specific and practical guides to setting up secure services from Asterisk to Zend can be found in this HOWTO section.

[Firewall-Architekturen]  - describes a variety of methods for assembling firewall components and discusses their advantages and disadvantages.

[Packet-Filtering-HOWTO]  - is a German translation of the Linux 2.4 Packet Filtering HOWTO. "This HOWTO alternates between a gentle introduction and raw revelations".

[NAT-HOWTO]  - describes, in German, how to use masquerading, transparent proxies, port forwarding and other forms of Network Address Translation with the 2.4 Linux kernel.

[netfilter/iptables FAQ]  - contains the Frequently Asked Questions as encountered on the netfilter mailing list.

[LinuxGuruz Netfilter IPTABLES Firewall Page]  - offers many links to iptables scripts, FAQs, Howtos, Tutorials and other Network Security Sites.

[iptables - Die Firewall des Kernels 2.4]  - This howto by Wolfgang Kinkeldei conveys the available parameters compactly and comprehensibly.

[Sicherheit im Kabelnetzwerk]  - 10 commandments for protecting electronic privacy on broadband internet (cable modem, xDSL, ISDN and others).

[PGP documentation]  - "If you don't understand the basic principles behind public key cryptography, then you may very well jeopardize both your own and other people's security, and PGP will only give you a false sense of safety".

Linux Security - Downloads
 
[Packetstorm]  - is an extremely large and current security tools resource. Packetstorm is a non-profit organization comprised of security professionals dedicated to providing the information necessary to secure the World's networks.

[Network Monitoring Tools]  - This is a list of tools used for network (both LAN and WAN) monitoring and where to find out more about them. The audience is mainly network administrators.

[Openwall Project]  - security/hacking tools.

[Secureroot.com]  - Computer Security Resource. Exploits, Hacking, Anonymity, Cracking, Encryption, Phreaking, OS Security, Virii ... and Books devoted to computer security.

[Nomad Mobile Research Center]  - Most of the stuff here deals with computer security. All of NMRC's hack and cracks will bring forth the idea that you cannot secure a system for long -- sooner or later someone will find a way around the obstacle.

[Security-enhanced Linux] - is a research prototype of the Linux kernel and a number of utilities with enhanced security functionality designed simply to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux.

[tcpdump]  - is a powerful tool for network monitoring and data acquisition. This program allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface and to filter packets that match a certain expression.

[Ettercap]  - is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis that are integrated with an easy-to-use and pleasant ncurses interface.

[Security Administrator's Tool for Analyzing Networks (SATAN)]  - is a tool to help systems administrators. It recognizes several common networking-related security problems, and reports the problems without actually exploiting them.

[SAINT]  - the "Security Administrator's Integrated Network Tool" is a vulnerability-assessment scanner. SAINT has been released under the original SATAN license and conforms to the Open Source Definition.

[Ethereal]  - is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

[Nmap Security Scanner]  - is a utility for network exploration or security auditing. It supports ping scanning, many port scanning techniques, and TCP/IP fingerprinting. Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more. Console and X-Window versions are available.

[Nessus]  - is a free, powerful, up-to-date and easy to use remote security scanner. Nessus is currently rated among the top products of its type throughout the security industry and is endorsed by professional information security organizations such as the SANS Institute.

[Angst]  - is an active sniffer, based on libpcap and libnet. It provides methods for aggressive sniffing on switched local area network environments. It dumps the payload of all the TCP packets received on the specified ports.

[chkrootkit]  - is a tool to locally check for signs of a rootkit.

[Rootkit Hunter]  - (rkhunter) scans for rootkits, backdoors and local exploits.

[The Coroner's Toolkit (TCT)]  - is a collection of tools that are oriented towards either gathering or analyzing forensic data on a Unix system. It is primarily designed for Unix systems, but it can do some small amount of data collection & analysis from non-Unix disks/media.

[samhain]  - is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). It has been designed to monitor multiple hosts with potentially different operating systems from a central location, although it can also be used as a standalone application on a single host.

[Sleuth Kit]  - (previously known as TASK) is a collection of UNIX-based command line file system and media management forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion.

[TCP Flow Recorder]  - captures data transmitted as part of TCP connections (flows), and stores data in a way that is convenient for protocol analysis or debugging. tcpflow understands TCP sequence numbers and will reconstruct data streams regardless of retransmissions.

[The Autopsy Forensic Browser]  - is a graphical interface to The Sleuth Kit (TASK). Autopsy allows one to view allocated and deleted file system content in a "File Manager" style interface and perform key word searches.

[Carbonite]  - is an LKM that is designed to investigate and detect rootkits. Carbonite even works with LKM rootkits that patch calls to /proc. It works like lsof and ps at the kernel level, querying every process in Linux's task_struct, which is the kernel structure that maintains information on every running process in Linux.

[Foremost]  - is a Linux tool for conducting forensic examinations. Although intended for law enforcement purposes, it may be useful to other members of the community. Foremost reads through a file, such as a dd image file or a disk partition, and extracts files.

[Snort]  - is a cross-platform, lightweight network intrusion detection tool that can be deployed to monitor small TCP/IP networks and detect a wide variety of suspicious network traffic as well as outright attacks.

[Tripwire]  - is a (commercial) tool that checks to see what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc.

[Sentry Tools]  - provide host-level security services for the Unix platform. PortSentry, LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis.

[SNARE]  - (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralised analysis of audit log data. Agents are available for Linux, Windows, Solaris, IIS, Lotus Notes, Irix, AIX, ISA/IIS & more.

[Kismet]  - is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

[AirSnort]  - is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions then computing the encryption key when enough packets have been gathered.

[Fake AP]  - generates thousands of counterfeit 802.11b access points and therefore confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables.

[WEPCrack]  - is an open source tool for breaking 802.11 WEP secret keys using the latest discovered weakness of RC4 key scheduling.

[aircrack]  - aircrack is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact aircrack is a set of tools for auditing wireless networks. Aircrack-ng is the next generation of aircrack with lots of new features (planned and wanted).

[WepLab]  - is a tool designed to teach how WEP works, what different vulnerabilities it has, and how they can be used in practice to break a WEP protected wireless network.

[WepAttack]  - is a WLAN open source Linux tool for breaking 802.11 WEP keys. This tool is based on an active dictionary attack that tests millions of words to find the right key.

[John the Ripper]  - is a fast password cracker, currently available for many flavors of Unix. Its primary purpose is to detect weak Unix passwords.

[Offline NT Password & Registry Editor]  - This is a utility to (re)set the password of any user that has a valid (local) account on your NT system by a single floppy that uses Linux as the OS.

[netfilter/iptables]  - The netfilter/iptables project is the Linux 2.4.x or above firewalling subsystem. It delivers you the functionality of packet filtering (stateless or stateful), all different kinds of NAT (Network Address Translation) and packet mangling.

[IPmenu]  - is a user interface to netfilter/iptables and Linux policy routing or traffic control, allowing you to edit firewall rules and configure the firewall to "mark" packets for policy routing or for class based queueing (CBQ).

[gShield]  - is an iptables firewall for use with the 2.4.x series of the Linux kernel. It is easily configured through a single, well commented configuration file. gShield is released under the GNU General Public License (GPLv2).

[Firestarter]  - is an Open Source visual firewall program. The software aims to combine ease of use with powerful features, therefore serving both Linux desktop users and system administrators.

[Shorewall]  - The Shoreline Firewall, more commonly known as "Shorewall", is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system.

[Seattle Firewall]  - is an ipchains based firewall that can be used on a dedicated masquerading firewall machine (including LRP), a multi-function masquerade gateway/server or on a standalone Linux system.

[BullDog]  - is a powerful but lightweight firewall for heavy use systems. Be prepared to spend some time setting this up. If you are looking for a "quick fix", then you are on the wrong site. BullDog is NOT a quick fix, but rather one step in a complete security policy. It supports ipchains and iptables.

[fBuilder]  - is a web-based utility for building and configuring your ipchains or iptables based Linux firewall. InnerTek Software currently offers two versions of fBuilder: fBuilder Lite - a free version of fBuilder that includes a standard set of features and fBuilder Plus.

[Mason]  - is a tool that interactively builds a firewall using Linux' ipfwadm or ipchains firewalling.

[Knetfilter]  - is a KDE application designed to manage the netfilter functionalities that come with the kernels 2.4 and later. In principle, all standard firewall system administration activities can be done just using knetfilter. But it is not just a GUI to the iptables command line; some monitoring is also possible through tcpdump and nmap (nmap is slow) interfaces.

[Firewall Builder]  - is a multi-platform firewall configuration and management tool. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX.

[Easy Firewall Generator for IPTables]  - is designed to easily generate a full-featured iptables configuration script with a variety of the most commonly desired options.

[PuTTY]  - is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator.

[OpenSSH for Windows]  - is a free package that installs a minimal OpenSSH server and client utilities in the Cygwin package without needing the full Cygwin installation.

[OpenSSH]  - is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.

[MindTerm]  - is a client that implements the SSH1 and SSH2 protocols. It is written in pure Java. MindTerm can be used as stand alone software to access standard SSH-aware hosts. Like any SSH client MindTerm can also be used as a client to an AppGate Server system for extended Authorization, Authentication and VPN functionality.

[GnuPG]  - is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.

[Seahorse]  - is a Gnome interface for GnuPG. Its main purpose is to be a PGP/GPG Key Manager, though it has other components including a text editor and file manager.

[PGP]  - Here you may download the latest freeware PGP version, whether you want the international or the US variant.

[KGPG]  - is a simple, free, open source KDE frontend for gpg. It will be part of the official KDE 3.2.

[pwsafe]  - is a command line password database program for Unix. It is compatible with Counterpane's Win32 Password Safe software. It can also copy the passwords into the X selection and clipboard, but it doesn't open a visible window. The database is encrypted with blowfish, and a single passphrase decrypts it all.

[PwManager]  - With PwManager you can easily manage your passwords. PwManager saves your passwords blowfish-encrypted in one file, so you have to remember only one master password instead of all. Instead of the master password you can use a chipcard, so you don't have to remember a password to access the list.

[MyPasswordSafe]  - is a straightforward, easy-to-use password manager that maintains compatibility with Password Safe files.

[KisKis]  - is an easy-to-use password manager written in Java. So it runs on any platform provided that there is an appropriate Java Virtual Machine available.

[Official OpenAntiVirus.org Projects]  - offers specialized Open Source anti-virus, computer security and network security software.

[Clam AntiVirus]  - is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning).

[Anomy sanitizer]  - can scan email attachments for viruses. Other things it can do: block or "mangle" attachments based on their file names, disable potentially dangerous HTML code, such as javascript, within incoming email, and more.

[F-Prot Antivirus for Linux]  - is available in many versions (products and services to suit both the home user as well as the corporate user). The Version for Workstations is FREE for Home Users.

[Avira AntiVir]  - is a comprehensive, flexible anti-virus program. Without a license key AntiVir will run in a restricted Demo mode only. For further testing you can order an evaluation key for free.

[Free avast! Linux Home Edition]  - represents an antivirus solution for the increasingly popular Linux platform. This software is designed exclusively for home users and non-commercial use. Both of these conditions should be met!

[Norman Virus Control (NVC) for Linux]  - offers both on-access and on-demand scanning of files residing on the servers or workstations.

[Panda Antivirus for Linux]  - is an antivirus designed to be managed from the command line or console. It scans files using both string searches and heuristic methods.

[Sophos Anti-Virus]  - protects your network, desktop and even remote laptop computers from viruses and spam.

[BitDefender Antivirus]  - Complete virus defense solutions designed for easy virus prevention on Linux systems.

[Viralator]  - is a Perl script that virus-scans HTTP download requests on a UNIX server after they pass through the Squid proxy server.

[SquidClamAV Redirector]  - is a Squid helper script that provides virus scanning for defined extensions. The script was tested with Python, pyclamav, ClamAV and Squid.

[DansGuardian]  - is an Open Source web content filter. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering.

[DansGuardian Anti-Virus Plugin]  - is a GPL addon that takes Virus Scanning capabilities and integrates them into the content filtering web proxy DansGuardian.

[SquidGuard]  - is a free (GPL), flexible and ultra fast filter, redirector and access controller plugin for squid. It lets you define multiple access rules with different restrictions for different user groups on a squid cache. squidGuard uses squid's standard redirector interface.

[Privoxy]  - is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious junk.