Section: .. / linux / security /
| /// File Name: |
ZoneMinder-1.22.3.tar.gz |
Description:
|
ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
| | Author: | Philip Coombes | | Homepage: | http://www.zoneminder.com | | Changes: | Mostly bug fixes with a couple of minor feature additions. | | File Size: | 1258311 | | Last Modified: | Dec 7 04:57:20 2006 |
| MD5 Checksum: | 4677739d31807339d621e6e04bc62790 |
|
| /// File Name: |
psad-1.4.8.tar.gz |
Description:
|
Port Scan Attack Detector (psad) is a collection of four lightweight daemons written in Perl and C that are designed to work with Linux firewalling code (iptables and ipchains) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, TCP flags and corresponding nmap options, email alerting, and automatic blocking of offending IP addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the TCP, UDP, and ICMP signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap. Psad also uses packet TTL, IP id, TOS, and TCP window sizes to passively fingerprint the remote operating system from which scans originate.
| | Homepage: | http://www.cipherdyne.org | | Changes: | Bug fixes and some cool new features. | | File Size: | 698111 | | Last Modified: | Nov 30 03:57:57 2006 |
| MD5 Checksum: | ad500746d0991878816201f310239df5 |
|
| /// File Name: |
zeppoo-0.0.4.tar.gz |
Description:
|
Zeppoo is a tool that attempts to detect if a rootkit is installed on your system. It also makes it possible to detect hidden tasks, modules, syscalls, some corrupted symbols and also hidden connections.
| | Homepage: | http://www.zeppoo.net | | Changes: | Support for Redhat, Ubuntu added, support for amd64 architecture, various bugfixes. | | File Size: | 41276 | | Last Modified: | Nov 3 17:59:38 2006 |
| MD5 Checksum: | 15378e27d08dc883354748d2f1a177d2 |
|
| /// File Name: |
safebreaker.tar |
Description:
|
Safebreaker is a demonstration next-generation packet-sniffing backdoor that doesn't require libpcap. It offers full terminal support, comes with TLS encryption for the connection, and has configurable authentication parameters.
| | Author: | Amir Alsbih | | Homepage: | http://www.informatik.uni-freiburg.de/%7Ealsbiha/code.htm | | File Size: | 30720 | | Last Modified: | Oct 25 18:03:54 2006 |
| MD5 Checksum: | ffa51e5800f9e95944c72eecae91bdbf |
|
| /// File Name: |
rsbac-common-1.3.0.tar.bz2 |
Description:
|
Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.
| | Homepage: | http://www.rsbac.org | | Changes: | Various updates and code fixes. | | File Size: | 361402 | | Last Modified: | Oct 18 19:59:23 2006 |
| MD5 Checksum: | 045b8ce1b4db9cbd87535a3949f56b8d |
|
| /// File Name: |
sysmask-1.08.tgz |
Description:
|
Sysmask is a security package for Linux systems that can prevent arbitrary malicious code from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.
| | Author: | XIAO Gang | | Homepage: | http://wims.unice.fr/sysmask/doc/index.html | | Changes: | Kernel patch update for 2.6.17.13 and 2.4.33.3. Fixed malformed kernel patch problem. | | File Size: | 226076 | | Last Modified: | Oct 4 23:56:57 2006 |
| MD5 Checksum: | 065a77e7fef6c08ad0d590c084610ab2 |
|
| /// File Name: |
rsbac-common-1.2.8.tar.bz2 |
Description:
|
Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.
| | Homepage: | http://www.rsbac.org | | Changes: | Change the i386 syscalls to the standard syscall3. New rsbac_printk / rsbac_syslog code from 1.3-pre as fix for logging related lockups on SMP systems. Changed RC and ACL default rights to UM GROUPs to include READ instead of GET_STATUS_DATA. | | File Size: | 375930 | | Last Modified: | Aug 30 04:29:37 2006 |
| MD5 Checksum: | f07465403dc074bc878d7f57275480a6 |
|
| /// File Name: |
linux-2.4.33-ow1.tar.gz |
Description:
|
The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. It also tightens down file descriptors 0, 1, and 2, and implements process limits and shared memory destruction.
| | Author: | Solar Designer | | Homepage: | http://www.openwall.com/linux | | Changes: | Minimal changes. | | File Size: | 35384 | | Last Modified: | Aug 27 02:43:10 2006 |
| MD5 Checksum: | c46b4701289deee81436e56a497b2a0a |
|
| /// File Name: |
grsecurity-2.1.9-2.4.33.2-200608231..> |
Description:
|
A new grsecurity patch has been released. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
| | Author: | spender | | Homepage: | http://www.grsecurity.net | | File Size: | 162213 | | Last Modified: | Aug 27 02:37:37 2006 |
| MD5 Checksum: | de2c3d1c8733bafe8b9a7d4db0eccc82 |
|
| /// File Name: |
StMichael_LKM-0.13-k2.6.tar.gz |
Description:
|
StMichael is an LKM that attempts to provide a level of protection against kernel-module rootkits. StMichael is designed to be loaded early in the system boot process, and is intended to be present and running on its host system prior to the introduction of malicious kernel modules. StMichael provides this protection by monitoring various portions of the kernel, and optionally the entire kernel text itself, for modifications that may indicate the presence of a malicious kernel module. If rootkit-like activity is detected, StMichael will attempt to recover the kernel's integrity by rolling the changes back to a previously known-good state.
| | Author: | Rodrigo Rubira Branco | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Special 2.6 release for Defcon. Intended for developers who want to help improve the project but no longer care to work on the 2.4 kernel related release. | | File Size: | 198786 | | Last Modified: | Aug 17 05:03:30 2006 |
| MD5 Checksum: | 44ecd426b3f7a5cb9de7cda5bb696bce |
|
| /// File Name: |
StMichael_LKM-0.13.tar.gz |
Description:
|
StMichael is an LKM that attempts to provide a level of protection against kernel-module rootkits. StMichael is designed to be loaded early in the system boot process, and is intended to be present and running on its host system prior to the introduction of malicious kernel modules. StMichael provides this protection by monitoring various portions of the kernel, and optionally the entire kernel text itself, for modifications that may indicate the presence of a malicious kernel module. If rootkit-like activity is detected, StMichael will attempt to recover the kernel's integrity by rolling the changes back to a previously known-good state.
| | Author: | Rodrigo Rubira Branco | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Last release under the 2.4 kernel series. Only bug fixes will be made after this point. | | File Size: | 40668 | | Last Modified: | Aug 17 05:02:31 2006 |
| MD5 Checksum: | b6a8b2beb27ce81cd202593b35c71df7 |
|
| /// File Name: |
multiadm-1.0.6.tar.bz2 |
Description:
|
The MultiAdmin security framework kernel module provides a means to have multiple root users with unique UIDs. This bypasses collation order problems with NSCD, allows you to have files with unique owners, and allows you to track the quota usage for every real user. It also implements a sub-admin, a partially restricted root user who has full read-only access to most subsystems, but write rights only to a limited subset, for example writing to files or killing processes only of certain users.
| | Author: | Jan Engelhardt | | Homepage: | http://alphagate.hopto.org/multiadm/ | | Changes: | Rediffed for linux-2.6.18-rc1. | | File Size: | 19586 | | Last Modified: | Jul 14 03:28:56 2006 |
| MD5 Checksum: | c9405ed6a85cdf6ad4aa599009a27c7c |
|
| /// File Name: |
rsbac-common-1.2.7.tar.bz2 |
Description:
|
Rule Set Based Access Control (RSBAC) is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) and provides a flexible system of access control implemented with the help of a kernel patch. All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions.
| | Homepage: | http://www.rsbac.org | | Changes: | Fixed spacing in debian changelog. | | File Size: | 381703 | | Last Modified: | Jun 12 03:19:58 2006 |
| MD5 Checksum: | bbf8a760689c2ff98904fa8eca7cbef3 |
|
| /// File Name: |
ZoneMinder-1.22.2.tar.gz |
Description:
|
ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
| | Author: | Philip Coombes | | Homepage: | http://www.zoneminder.com | | Changes: | Mostly bug fixes with a couple of minor feature additions. | | File Size: | 1246851 | | Last Modified: | Jun 4 23:07:26 2006 |
| MD5 Checksum: | b38ad6ff8c71c589e04d32f8352d2b9c |
|
| /// File Name: |
zeppoo-0.0.3.tar.gz |
Description:
|
Zeppoo is a tool that attempts to detect if a rootkit is installed on your system. It also makes it possible to detect hidden tasks, modules, syscalls, some corrupted symbols and also hidden connections.
| | Homepage: | http://www.zeppoo.net | | Changes: | Rewritten in C. | | File Size: | 15569 | | Last Modified: | May 22 02:15:45 2006 |
| MD5 Checksum: | 4983770db082ff67978de475dd92d53a |
|
| /// File Name: |
multiadm-1.0.5.tar.bz2 |
Description:
|
The MultiAdmin security framework kernel module provides a means to have multiple root users with unique UIDs. This bypasses collation order problems with NSCD, allows you to have files with unique owners, and allows you to track the quota usage for every real user. It also implements a sub-admin, a partially restricted root user who has full read-only access to most subsystems, but write rights only to a limited subset, for example writing to files or killing processes only of certain users.
| | Author: | Jan Engelhardt | | Homepage: | http://alphagate.hopto.org/multiadm/ | | Changes: | Most LSM hooks have been collapsed and unused arguments have been removed. capable() was slightly changed which made the patch smaller. The MultiAdmin module and kernel patch were updated to 2.6.17-rc3. | | File Size: | 19686 | | Last Modified: | May 2 02:29:30 2006 |
| MD5 Checksum: | bb52729a71ea68c7b6f177ed1a85a738 |
|
| /// File Name: |
ZoneMinder-1.22.1.tar.gz |
Description:
|
ZoneMinder is a suite of applications intended for use in video camera security applications, including theft prevention and child or family member monitoring. It supports capture, analysis, recording, and monitoring of video data coming from one or more cameras attached to a Linux system. It also features a user-friendly Web interface which allows viewing, archival, review, and deletion of images and movies captured by the cameras. The image analysis system is highly configurable, permitting retention of specific events, while eliminating false positives. ZoneMinder supports both directly connected and network cameras and is built around the definition of a set of individual 'zones' of varying sensitivity and functionality for each camera. This allows the elimination of regions which should be ignored or the definition of areas which will alarm if various thresholds are exceeded in conjunction with other zones. All management, control, and other functions are supported through the Web interface.
| | Author: | Philip Coombes | | Homepage: | http://www.zoneminder.com | | Changes: | A few important features plus some minor enhancements, usability updates and bug fixes. | | File Size: | 1224703 | | Last Modified: | Apr 29 06:51:54 2006 |
| MD5 Checksum: | 9ee8b5b5d467323c254f465256e26404 |
|
| /// File Name: |
ext2hide-0.99.9.tar.gz |
Description:
|
ext2hide allows the user to save and restore an arbitrary number of files to and from the reserved space in an ext2/3 filesystem's primary and backup superblocks. Using ext2hide, you can use this reserved section to store an arbitrary number of files, where they will be completely invisible to normal filesystem utilities, but still residing in permanent storage on disk. This can be useful for passwords, public keys, anything you like.
| | Author: | Jason McManus | | Homepage: | http://sourceforge.net/projects/ext2hide/ | | File Size: | 34579 | | Last Modified: | Apr 10 20:27:03 2006 |
| MD5 Checksum: | 5fad72166dbdf5efe539ab97337fb75d |
|
| /// File Name: |
zeppoo-0.0.1.tar.gz |
Description:
|
Zeppoo is a tool that attempts to detect if a rootkit is installed on your system. It also makes it possible to detect hidden tasks, modules, syscalls, some corrupted symbols and also hidden connections. Written in Python.
| | Homepage: | http://www.zeppoo.net | | File Size: | 21430 | | Last Modified: | Mar 2 22:46:05 2006 |
| MD5 Checksum: | 25a91c8b134988ff4319ab0c667f72d3 |
|
| /// File Name: |
sysmask-1.06.tgz |
Description:
|
Sysmask is a security package for Linux systems that can prevent arbitrary malicious code from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.
| | Author: | XIAO Gang | | Homepage: | http://wims.unice.fr/sysmask/doc/index.html | | Changes: | Added skype configuration. Some minor fixes and improvements. | | File Size: | 183778 | | Last Modified: | Feb 8 00:42:48 2006 |
| MD5 Checksum: | 0b508e7103f184159c54d7e5cfd7d77a |
|
| /// File Name: |
kpatch.sh |
Description:
|
kpatch.sh is a shell script illustrating runtime kernel memory patching. For demonstration purposes it shows how to break the kguard module. kpatch does not create any files on the system it runs on, so it is even possible to patch the kernel memory without creating any file on the target machine. It only requires basic shell utilities to work.
| | Author: | kilian klimek | | File Size: | 4447 | | Last Modified: | Feb 5 22:56:17 2006 |
| MD5 Checksum: | e872f9b2a0a9779b9c9083cefc77e03b |
|
| /// File Name: |
dazuko-2.1.1.tar.gz |
Description:
|
Dazuko is a kernel module which provides 3rd-party applications with an interface for file access control. Useful for on-demand virus scanning, as a file-access monitor/logger or external security implementations. It operates by intercepting file-access calls and passing the file information to a 3rd-party application. The 3rd-party application then has the opportunity to tell the kernel module to allow or deny the file-access. The 3rd-party application also receives information about the file, such as type of access, process ID, user ID, etc.
| | Author: | John Ogness | | Homepage: | http://www.dazuko.org | | Changes: | 2.1.1 has been released and is now the recommended stable version. This release has focused on improving support for various Linux kernels, adding a "make install" for Linux, and some minor changes to improve portability. | | File Size: | 162359 | | Last Modified: | Jan 27 15:42:30 2006 |
| MD5 Checksum: | 35ff694434dedb25fe43dad8db4eb943 |
|
| /// File Name: |
multiadm-1.0.4.tbz2 |
Description:
|
The MultiAdmin security framework kernel module provides a means to have multiple root users with unique UIDs. This bypasses collation order problems with NSCD, allows you to have files with unique owners, and allows you to track the quota usage for every real user. It also implements a sub-admin, a partially restricted root user who has full read-only access to most subsystems, but write rights only to a limited subset, for example writing to files or killing processes only of certain users.
| | Author: | Jan Engelhardt | | Homepage: | http://alphagate.hopto.org/multiadm/ | | File Size: | 35106 | | Last Modified: | Jan 27 15:18:02 2006 |
| MD5 Checksum: | 2a30e3ea1cd0cbfd96c3b5ee01d5b1bf |
|
| /// File Name: |
grsecurity-2.1.8-2.6.14.6-200601211..> |
Description:
|
A new grsecurity patch has been released for the 2.6.14.6 Linux kernel series. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
| | Author: | spender | | Homepage: | http://www.grsecurity.net | | File Size: | 165773 | | Last Modified: | Jan 27 15:11:04 2006 |
| MD5 Checksum: | 327972c2f4e8fab890f58d67bb69e77f |