LinuxBasis.org Security

Linux Security - News & Howtos
News
[Debian GNU Linux Security Information]  - this page addresses Debian's status with respect to various known security holes, which could potentially affect Debian.
[SUSE Linux: Security Announcements]  - This page regularly informs you about security issues concerning SUSE Linux.
[Red Hat Security Resource Center]  - provides a variety of ways to help improve the security of your Linux-based IT infrastructure.
[MandrakeSecure]  - this site exists to provide you with meaningful information about security in the Mandrake Linux distribution.
[Gentoo]  - Security Announcements.
[Linuxsecurity News].
[LinuxSecurity.com Advisories]  - provides a centralized security advisory resource to members of the Linux / BSD / Open Source communities.
[Pro-Linux Sicherheitsservice]  - These pages list all security advisories issued by the major distributions.
[SecurityFocus - Unix].
[SecurityFocus - Bugtraq Archive].
Howtos
[Security Quick-Start HOWTO for Linux]  - This document is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.
[Security Quick-Start HOWTO for Redhat Linux]  - is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.
[Securing Debian Manual]  - describes security in the Debian project, starting with the process of securing and hardening the default Debian GNU/Linux distribution installation. It also covers some of the common tasks to set up a secure network environment using Debian GNU/Linux, gives additional information on the security tools available and talks about how security is enforced in Debian by the security team.
[Anleitung zum Absichern von Debian]  - This document describes the process of securing and hardening a default Debian installation. It covers the everyday work of setting up a secure network environment with Debian GNU/Linux, and additionally gives information on available security tools and the work of the Debian security team.
[Linux Security HOWTO]  - This document is a general overview of security issues that face the administrator of Linux systems. It covers general security philosophy and a number of specific examples of how to better secure your Linux system from intruders.
[Secure Your Unix/Linux OS]  - Articles and information to help you understand the holes and vulnerabilities that might be present in a Unix or Linux operating system and the tools and utilities commonly used with them, as well as how you can configure your system to be as secure as possible.
[UNIX Configuration Guidelines]  - This document describes commonly exploited UNIX system configuration problems and recommends practices that can be used to help deter several types of break-ins.
[Linux Systemsicherheitsguide]  - deals with hardening and general aspects of computer security on a Linux system.
[Sicherheit in Netzen]  - is an excellent work on the subject of network security, in German.
[Linuxsecurity Resources]  - Many documentations.
[Firewall-Architekturen]  - describes a variety of methods for assembling firewall components and discusses their advantages and disadvantages.
[Personal/Desktop-Firewall und Firewall-Ecke]  - offers: general information on firewalls, literature lists, mailing lists, newsgroups, FAQs, product information.
[de.comp.security.firewall FAQ]  - in German & English.
[de.comp.security.misc FAQ]  - in German.
[Firewall and Proxy Server HOWTO]  - This document is designed to describe the basics of firewall systems and give you some detail on setting up both a filtering and proxy firewall on a Linux based system.
[Linux IPCHAINS-HOWTO]  - This document aims to describe how to obtain, install and configure the enhanced IP firewalling chains software for Linux, and some ideas on how you might use them.
[Linux Firewall and Security Site]  - offers a "Firewall Design Tool", iptables Tutorial, Firewall Scripts and links to Reference Papers, Information Sites, Security Software Sites and much more.
[SHREKS iptables-Skripte]  - for home use. In the default configuration the rules are closed to the outside, but they allow local users a good deal that is unwanted in a professional environment.
[Easy Firewall Generator for IPTables]  - generates an iptables firewall script for use with the 2.4 Linux kernel.
[Iptables Tutorial]  - This document will guide you through the setup process of netfilter/iptables step by step.
[Linux 2.4 Packet Filtering HOWTO]  - This document from Rusty Russell describes how to use iptables to filter out bad packets for the 2.4 Linux kernels.
[Linux 2.4 NAT HOWTO]  - describes how to do masquerading, transparent proxying, port forwarding, and other forms of Network Address Translations.
[Packet-Filtering-HOWTO]  - is a German translation of the Linux 2.4 Packet Filtering HOWTO. "This HOWTO alternates between a gentle introduction and raw revelations".
[NAT-HOWTO]  - describes, in German, how to use masquerading, transparent proxies, port forwarding and other forms of Network Address Translation with the 2.4 Linux kernel.
[netfilter/iptables FAQ]  - contains the Frequently Asked Questions as encountered on the netfilter mailing list.
[Introduction to netfilter/iptables]  - Configuring firewalls for Linux (kernel 2.4.x) using netfilter/iptables.
[LinuxGuruz Netfilter IPTABLES Firewall Page]  - offers many links to iptables scripts, FAQs, Howtos, Tutorials and other Network Security Sites.
[iptables - Die Firewall des Kernels 2.4]  - This howto by Wolfgang Kinkeldei conveys the available parameters in a compact and understandable way.
[Sicherheit im Kabelnetzwerk]  - 10 commandments for protecting electronic privacy on broadband Internet (cable modem, xDSL, ISDN and others).
[PGP documentation]  - "If you don't understand the basic principles behind public key cryptography, then you may very well jeopardize both your own and other people's security, and PGP will only give you a false sense of safety".
Linux Security - Downloads
[Packetstorm]  - is an extremely large and current security tools resource. Packetstorm is a non-profit organization comprised of security professionals dedicated to providing the information necessary to secure the World's networks.
[Network Monitoring Tools]  - This is a list of tools used for network (both LAN and WAN) monitoring and where to find out more about them. The audience is mainly network administrators.
[Openwall Project]  - security/hacking tools.
[Host Security]  - Scanners, Access Control, Auditing ....
[Secureroot.com]  - Computer Security Resource. Exploits, Hacking, Anonymity, Cracking, Encryption, Phreaking, OS Security, Virii ... and Books devoted to computer security.
[Linux Downloads: Security]  - Security/Hacking Tools like: Scanner, Intrusion Detection System, Password Cracker, SSH and many more.
[Nomad Mobile Research Center]  - Most of the stuff here deals with computer security. All of NMRC's hack and cracks will bring forth the idea that you cannot secure a system for long -- sooner or later someone will find a way around the obstacle.
[Security-enhanced Linux] - is a research prototype of the Linux kernel and a number of utilities with enhanced security functionality designed simply to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux.
[tcpdump]  - is a powerful tool for network monitoring and data acquisition. This program allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface and to filter packets that match a certain expression.
[Ettercap]  - is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis that are integrated with an easy-to-use and pleasureful ncurses interface.
[Security Administrator's Tool for Analyzing Networks (SATAN)]  - recognizes several common networking-related security problems, and reports the problems without actually exploiting them.
[SAINT]  - the "Security Administrator's Integrated Network Tool" is a vulnerability-assessment scanner. SAINT has been released under the original SATAN license and conforms to the Open Source Definition.
[Ethereal]  - is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
[Nmap Security Scanner]  - is a utility for network exploration or security auditing. It supports ping scanning, many port scanning techniques, and TCP/IP fingerprinting. Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more. Console and X-Window versions are available.
[Angst]  - is an active sniffer, based on libpcap and libnet. It provides methods for aggressive sniffing on switched local area network environments. It dumps the payload of all the TCP packets received on the specified ports.
[Sniffit]  - is a packet sniffer, developed on Linux, ported to SunOS/SOLARIS, IRIX and FreeBSD. Sniffit has various functions that aren't offered in any other non-commercial sniffer.
[Nessus]  - is a free, powerful remote security scanner.
[chkrootkit]  - is a tool to locally check for signs of a rootkit.
[The Coroner's Toolkit (TCT)]  - is a collection of tools that are either oriented towards gathering or analyzing forensic data on a Unix system. It is primarily designed for Unix systems, but it can do some small amount of data collection & analysis from non-Unix disks/media.
[samhain]  - is a file system integrity and intrusion detection tool that allows you to trace what changes have occurred on a file system, when these changes have occurred, and who was logged into the system at the respective time.
[rkdet]  - is a daemon intended to catch someone installing a rootkit or running a packet sniffer. It is designed to run continually with a small footprint under an innocuous name. When triggered, it sends email, appends to a logfile, and disables networking or halts the system.
[Sleuth Kit]  - (previously known as TASK) is a collection of UNIX-based command line file system and media management forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion.
[TCP Flow Recorder]  - captures data transmitted as part of TCP connections (flows), and stores data in a way that is convenient for protocol analysis or debugging. tcpflow understands TCP sequence numbers and will reconstruct data streams regardless of retransmissions.
[The Autopsy Forensic Browser]  - is a graphical interface to The Sleuth Kit (TASK). Autopsy allows one to view allocated and deleted file system content in a "File Manager" style interface and perform key word searches.
[Carbonite]  - is an LKM that is designed to investigate and detect rootkits. Carbonite even works with LKM rootkits that patch calls to /proc. It works like lsof and ps at the kernel level, querying every process in Linux's task_struct, which is the kernel structure that maintains information on every running process in Linux.
[Foremost]  - is a Linux tool for conducting forensic examinations. Although intended for law enforcement purposes, it may be useful to other members of the community. Foremost reads through a file, such as a dd image file or a disk partition, and extracts files.
[Snort]  - is a cross-platform, lightweight network intrusion detection tool that can be deployed to monitor small TCP/IP networks and detect a wide variety of suspicious network traffic as well as outright attacks.
[Tripwire]  - is a tool that checks to see what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc.
[Sentry Tools]  - provide host-level security services for the Unix platform. PortSentry, LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis.
[SNARE]  - (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralised analysis of audit log data. Agents are available for Linux, Windows, Solaris, IIS, Lotus Notes, Irix, AIX, ISA/IIS & more.
[Kismet]  - is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
[AirSnort]  - is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions then computing the encryption key when enough packets have been gathered.
[Fake AP]  - generates thousands of counterfeit 802.11b access points and therefore confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables.
[WEPCrack]  - is an open source tool for breaking 802.11 WEP secret keys using the latest discovered weakness of RC4 key scheduling.
[aircrack]  - is an 802.11 WEP key cracker. It implements the so-called Fluhrer - Mantin - Shamir (FMS) attack, along with some new attacks by a talented hacker named KoreK.
[WepLab]  - is a tool designed to teach how WEP works, what different vulnerabilities it has, and how they can be used in practice to break a WEP protected wireless network.
[WepAttack]  - is a WLAN open source Linux tool for breaking 802.11 WEP keys. This tool is based on an active dictionary attack that tests millions of words to find the right key.
[John the Ripper]  - is a fast password cracker, currently available for many flavors of Unix. Its primary purpose is to detect weak Unix passwords.
[Offline NT Password & Registry Editor]  - This is a utility to (re)set the password of any user that has a valid (local) account on your NT system by a single floppy that uses Linux as the OS.
 
[netfilter/iptables]  - The netfilter/iptables project is the Linux 2.4.x or above firewalling subsystem. It delivers you the functionality of packet filtering (stateless or stateful), all different kinds of NAT (Network Address Translation) and packet mangling.
[IPmenu]  - is a user interface to netfilter/iptables and Linux policy routing or traffic control, allowing you to edit firewall rules and configure the firewall to "mark" packets for policy routing or for class based queueing (CBQ).
[gShield]  - is an iptables firewall for use with the 2.4.x series of the Linux kernel. It is easily configured through a single, well commented configuration file. gShield is released under the GNU General Public License (GPLv2).
[Firestarter]  - is an Open Source visual firewall program. The software aims to combine ease of use with powerful features, therefore serving both Linux desktop users and system administrators.
[Shorewall]  - The Shoreline Firewall, more commonly known as "Shorewall", is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system.
[Seattle Firewall]  - is an ipchains based firewall that can be used on a dedicated masquerading firewall machine (including LRP), a multi-function masquerade gateway/server or on a standalone Linux system.
[BullDog]  - is a powerful but lightweight firewall for heavy use systems. Be prepared to spend some time setting this up. If you are looking for a "quick fix", then you are on the wrong site. BullDog is NOT a quick fix, but rather one step in a complete security policy. It supports ipchains and iptables.
[fBuilder]  - is a web-based utility for building and configuring your ipchains or iptables based Linux firewall. InnerTek Software currently offers two versions of fBuilder: fBuilder Lite - a free version of fBuilder that includes a standard set of features and fBuilder Plus.
[Mason]  - is a tool that interactively builds a firewall using Linux' ipfwadm or ipchains firewalling.
[Knetfilter]  - is a KDE application designed to manage the netfilter functionalities that come with the kernels 2.4 and later.
[Firewall Builder]  - is a multi-platform firewall configuration and management tool. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX.
[Easy Firewall Generator for IPTables]  - is designed to easily generate a full-featured iptables configuration script with a variety of the most commonly desired options.
[PuTTY]  - is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator.
[OpenSSH for Windows]  - is a free package that installs a minimal OpenSSH server and client utilities in the Cygwin package without needing the full Cygwin installation.
[OpenSSH]  - is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
[MindTerm]  - is a client that implements the SSH1 and SSH2 protocols. It is written in pure Java. MindTerm can be used as stand alone software to access standard SSH-aware hosts. Like any SSH client MindTerm can also be used as a client to an AppGate Server system for extended Authorization, Authentication and VPN functionality.
[GnuPG]  - is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is an RFC2440 (OpenPGP) compliant application.
[Seahorse]  - is a Gnome interface for GnuPG. Its main purpose is to be a PGP/GPG Key Manager, though it has other components including a text editor and file manager.
[PGP]  - Here you may download the latest freeware PGP version, whether you want the international or the US variant.
[KGPG]  - is a simple, free, open source KDE frontend for gpg. It will be part of the official KDE 3.2.
[pwsafe]  - is a command line password database program for Unix. It is compatible with Counterpane's Win32 Password Safe software. It can also copy the passwords into the X selection and clipboard, but it doesn't open a visible window. The database is encrypted with blowfish, and a single passphrase decrypts it all.
[PwManager]  - With PwManager you can easily manage your passwords. PwManager saves your passwords blowfish-encrypted in one file, so you have to remember only one master password instead of all. Instead of the master password you can use a chipcard, so you don't have to remember a password to access the list.
[MyPasswordSafe]  - is a straightforward, easy-to-use password manager that maintains compatibility with Password Safe files.
[KisKis]  - is an easy-to-use password manager written in Java. So it runs on any platform provided that there is an appropriate Java Virtual Machine available.
[Official OpenAntiVirus.org Projects]  - offers specialized Open Source anti-virus, computer security and network security software.
[Clam AntiVirus]  - is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning).
[Anomy sanitizer]  - can scan email attachments for viruses. Other things it can do: block or "mangle" attachments based on their file names, disable potentially dangerous HTML code, such as javascript, within incoming email, etc.
[F-Prot Antivirus for Linux]  - is available in many versions (products and services to suit both the home user as well as the corporate user). The Version for Workstations is FREE for Home Users.
[AntiVir for Linux and FreeBSD]  - is a comprehensive, flexible anti-virus program. Without a license key AntiVir will run in a restricted Demo mode only. For further testing you can order an evaluation key for free.
[avast! for Linux]  - is an antivirus solution for the Linux environment. Considering its robust design, it is primarily intended for Linux-based servers; however, it can easily be used on desktop computers as well.
[Norman Virus Control (NVC) for Linux]  - offers both on-access and on-demand scanning of files residing on the servers or workstations.
[Panda Antivirus for Linux]  - is an antivirus designed to be managed from the command line or console. It scans files using both string searches and heuristic methods.
[Sophos Anti-Virus]  - protects your network, desktop and even remote laptop computers from viruses and spam.