Section: .. / linux / security /
| /// File Name: |
linux-2.2.18-stealth1.diff |
Description:
|
The Stealth Kernel Patch for Linux v2.2.18 makes the linux kernel discard the packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags. Does a very good job of confusing nmap and queso.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Fixed 2.2->2.4 connectivity problems and ported to kernel 2.2.18. | | File Size: | 17836 | | Last Modified: | Dec 20 16:03:03 2000 |
| MD5 Checksum: | a0a77e93859e7bd2b2dba329fc459516 |
|
| /// File Name: |
linux-2.2.17-stealth1.diff |
Description:
|
Patch for linux kernel 2.2.17 to discard packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Now works with kernel v2.2.17. | | File Size: | 17725 | | Last Modified: | Sep 5 22:01:30 2000 |
| MD5 Checksum: | 53833b817e53285259d8e0a1426920f4 |
|
| /// File Name: |
linux-2.2.14-stealth7.diff |
Description:
|
Patch for linux kernel 2.2.14 to discard packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Version 7 has added module sysctl support, and now blocks res1 and res2 packets (bogus flags). | | File Size: | 17717 | | Last Modified: | Mar 24 23:45:12 2000 |
| MD5 Checksum: | 6714a44ace69d33649002399050c669b |
|
| /// File Name: |
linux-2.2.16-stealth1.diff |
Description:
|
Patch for linux kernel 2.2.16 to discard packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets and packets with bogus flags.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Now works with kernel v2.2.16. | | File Size: | 17368 | | Last Modified: | Jun 8 15:45:21 2000 |
| MD5 Checksum: | 5d0d1cbdfbe5918267ee27122975c6c2 |
|
| /// File Name: |
stackshield0.7.tar.gz |
Description:
|
Stack Shield - A "stack smashing" technique protection tool for Linux. The "stack smashing" technique is the most common way used in exploits to break the security of programs. Stack Shield is a tool for adding protection to programs from this kind of attacks at compile time whitout changing a line of code. Stack Shield uses a more secure protection system than other tool like Immunix Stack Guard. Stack Shield is designed to support the GCC under a Linux Intel 386 class platform.
| | Author: | Vendicator | | Homepage: | http://www.angelfire.com/sk/stackshield/ | | File Size: | 17317 | | Last Modified: | Jan 7 17:42:41 2000 |
| MD5 Checksum: | a9bfc8664dce6ffe175fc19a74b38139 |
|
| /// File Name: |
xNBTscan-1.0.tar.gz |
Description:
|
xNBTScan is a GTK 2 interface to the NBTscan program, useful for locating netbios services on a network / penetration testing windows machines from Linux. It supports all options available in NBTscan v1.0.3.
| | Author: | Daten | | Homepage: | http://md2600.dyndns.org/~daten | | File Size: | 15793 | | Last Modified: | Jun 6 01:27:20 2002 |
| MD5 Checksum: | 8b3ae02c00697e196b14d4e35236dd38 |
|
| /// File Name: |
zeppoo-0.0.3.tar.gz |
Description:
|
Zeppoo is a tool that attempts to detect if a rootkit is installed on your system. It also makes it possible to detect hidden tasks, modules, syscalls, some corrupted symbols and also hidden connections.
| | Homepage: | http://www.zeppoo.net | | Changes: | Rewritten in C. | | File Size: | 15569 | | Last Modified: | May 22 02:15:45 2006 |
| MD5 Checksum: | 4983770db082ff67978de475dd92d53a |
|
| /// File Name: |
listener-0.8.tgz |
Description:
|
This program listens for sound. If it detects any, it starts recording automatically and also automatically stops when things become silent again.
| | Author: | Folkert van Heusden | | Homepage: | http://www.vanheusden.com/listener/ | | Changes: | Added external filter support. | | File Size: | 15272 | | Last Modified: | Dec 31 17:34:14 2004 |
| MD5 Checksum: | bb99dc9d440bd6a1c08f3470f5163bda |
|
| /// File Name: |
11logger-0.1.3.tar.gz |
Description:
|
11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.
| | Author: | Antirez | | Homepage: | http://www.kyuzz.org/antirez/sigsegv | | Changes: | This release fixes a problem with the kernel patch which didn't unlock the spin lock in signal.c, and segvdump now reports more information on i386. | | File Size: | 14925 | | Last Modified: | Oct 17 03:03:04 2000 |
| MD5 Checksum: | 8549e144fe49292e8d94bff8765b1cd4 |
|
| /// File Name: |
tcpspy-1.7.tar.gz |
Description:
|
tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.
| | Author: | Tim J Robbins | | Homepage: | http://box3n.gumbynet.org/~fyre/software | | Changes: | The syslog facility is no longer hardcoded, warnings are issued when running slowly, documentation updates, and a few minor bugfixes. | | File Size: | 14813 | | Last Modified: | Jun 1 19:55:18 2001 |
| MD5 Checksum: | 8bd8f850057990aacf105ae3b5b20127 |
|
| /// File Name: |
kstat.tar.gz |
Description:
|
Kstat is a tool for Linux which can find an attacker in your system by a direct analysis of the kernel via /dev/kmem, bypassing the hiding techniques of the intruder (kernel static recompilation/use of LKMs). Kstat can find the syscalls which were modified by a LKM, list the linked LKMs, query one or all the network interfaces of the system, list all the processes and much more.
| | Author: | Fusys | | Homepage: | http://www.s0ftpj.org | | File Size: | 14523 | | Last Modified: | Jan 4 17:54:20 2001 |
| MD5 Checksum: | f6314c81beecea2df666f5c49f166c38 |
|
| /// File Name: |
linux-2.2.14-stealth6.diff |
Description:
|
Patch for linux kernel 2.2.14 to discard packets that many OS detection tools use to query the TCP/IP stack. Includes logging of the dropped query packets.
| | Author: | Sean Trifero | | Homepage: | http://www.innu.org/~sean | | Changes: | Module support! | | File Size: | 14468 | | Last Modified: | Mar 1 16:26:27 2000 |
| MD5 Checksum: | 07aeb534f91f4e9c676972c8649306da |
|
| /// File Name: |
11logger-0.1.2.tar.gz |
Description:
|
11logger is a small kernel patch, a module and some userspace tools to add SIGSEGV logging and history capabilities to Linux 2.2.x. 11logger is very useful in security auditing and general debugging.
| | Author: | Antirez | | Homepage: | http://www.kyuzz.org/antirez/sigsegv | | File Size: | 14278 | | Last Modified: | Oct 15 16:17:33 2000 |
| MD5 Checksum: | 97cb589fc62c6686a733897e1eea8076 |
|
| /// File Name: |
tcpspy-1.6.tar.gz |
Description:
|
tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.
| | Author: | Tim J Robbins | | Homepage: | http://box3n.gumbynet.org/~fyre/software | | Changes: | Rules can now be read from a file. Also includes code cleanup and optimizations. | | File Size: | 14215 | | Last Modified: | Apr 27 16:49:42 2001 |
| MD5 Checksum: | a8338ef64c32e16054457b47c91b9a49 |
|
| /// File Name: |
tcpspy-1.5.tar.gz |
Description:
|
tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.
| | Author: | Tim J Robbins | | Homepage: | http://box3n.gumbynet.org/~fyre/software | | Changes: | Bug fixes. | | File Size: | 13875 | | Last Modified: | Mar 16 20:51:16 2001 |
| MD5 Checksum: | fa5d567c487fa7f63b73fd15e2f6eddf |
|
| /// File Name: |
appcap.tar.gz |
Description:
|
Appcap is an application for x86 Linux which allows root on a machine to attach and redirect standard input and output of any application to his actual tty. Appcap can help admins running a multiuser machine to snoop on users. It is especially very useful for tracing and monitoring ssh and telnet sessions.
| | Author: | Paul Starzetz | | Homepage: | http://appcap.ihaquer.com | | File Size: | 12930 | | Last Modified: | Feb 12 01:11:08 2002 |
| MD5 Checksum: | 57e5a96a36f90b00238f3757fa3e557b |
|
| /// File Name: |
memfetch-0.5.tgz |
Description:
|
Memfetch dumps the memory of a program without disrupting its operation, either immediately or on the nearest fault condition (such as SIGSEGV). It can be used to examine suspicious or misbehaving processes on your system, verify that processes are what they claim to be, and examine faulty applications using your favorite data viewer so that you are not tied to the inferior data inspection capabilities in your debugger.
| | Author: | Michal Zalewski | | Homepage: | http://lcamtuf.coredump.cx | | Changes: | Introduces script for easier regex lookups in memory snapshots, and some other minor fixes. | | File Size: | 12435 | | Last Modified: | Oct 21 13:31:12 2003 |
| MD5 Checksum: | cda6080b905436c11ec996e19c4a5563 |
|
| /// File Name: |
memfetch.tgz |
Description:
|
Unavailable.
| | File Size: | 11907 | | Last Modified: | Dec 15 17:46:08 2002 |
| MD5 Checksum: | 54e7ecc38d63b2dc07b2e963d36181ac |
|
| /// File Name: |
SuSEcompartment-0.5.tar.gz |
Description:
|
SuSE Compartment is a program to build secure compartments for running untrsted/insecure programs, and has got the usual uid/gid setting and chrooting abilitity, but the nice thing is the easy access to linux per process capabilities.
| | Author: | Marc | | Homepage: | http://www.suse.de/~marc | | File Size: | 11745 | | Last Modified: | Jan 4 03:49:07 2000 |
| MD5 Checksum: | 36dba996d9a965fbdfaa8da84ed672fb |
|
| /// File Name: |
arpwrap.linux.180701.tgz |
Description:
|
Arpwarp is a tool which attempts to detect ARP spoofing attacks before executing a unix command (such as SSH or Telnet). This is the linux version - The solaris version is available here.
| | Author: | Nicolas Monier | | File Size: | 11577 | | Last Modified: | Jul 19 20:00:26 2001 |
| MD5 Checksum: | 3561bd69e316cea6392f2ee4250bf40e |
|
| /// File Name: |
dspspy1.1.3.tar.gz |
Description:
|
dspspy is a sound recording utility for spying. dspspy waits until a sound is detected (input via /dev/dsp) and then it records it to a unique file. dspspy records sounds from the microphone to raw sound files. This can be used as a surveillance system.
| | Author: | Richard Svensson | | Homepage: | http://www.geocities.com/dvoid_2000/projects.html | | Changes: | Major code rewrite using the ncurses library. A pause feature using SPACE has been added. | | File Size: | 11202 | | Last Modified: | Jun 13 16:17:38 2000 |
| MD5 Checksum: | 6f5dba88451baa4fd5cd11564993e3e9 |
|
| /// File Name: |
viagra.pl |
Description:
|
Viagra.pl is a linux hardening script which implements the /proc suggestions in the article available at http://www.securityfocus.com/infocus/1711. Disables ICMP ping replies, broadcast replies, source routed packets, packet spoofing protection, ignores ICMP redirects, packet forwarding, changes ip fragmentation buffers, allowed local sockets, rate limit ICMP replies, reject new ARP entries, change arp timeouts, enables syncookies, and more.
| | Author: | Luke Macken | | File Size: | 11150 | | Last Modified: | Dec 15 01:07:09 2003 |
| MD5 Checksum: | 0cafdbb608cbd0c630175d54e4e1db13 |
|
| /// File Name: |
tcpspy-1.4.tar.gz |
Description:
|
tcpspy is a linux administrator's tool that logs information about incoming and outgoing TCP/IP connections: local address, remote address and, probably the most useful feature, the user name. The current version allows you to include and exclude certain users from logging - this may be useful if you suspect one of the users on your system is up to no good but do not want to violate the privacy of the other users.
| | Author: | Tim J Robbins | | Homepage: | http://box3n.gumbynet.org/~fyre/software | | Changes: | Can now log the filename of the executable that created or accepted connections. Assorted bug fixes and code cleanups. | | File Size: | 11051 | | Last Modified: | Dec 7 13:41:09 2000 |
| MD5 Checksum: | 320900fd99bc47d1f81a86cd78e934e7 |
|
| /// File Name: |
lsat-0.1.6.tgz |
Description:
|
Linux Security Auditing Tool (LSAT) is a post install security auditing tool for Red Hat. It is modular in design, so new features can be added quickly. It checks inetd entries and scans for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.
| | Homepage: | http://www.dimlight.org/~number9/lsat/ | | Changes: | checkinetd module now checks hosts.allow and hosts.deny files. Lots of documentation has been added to the main file and modules. A changelog has been added. | | File Size: | 10693 | | Last Modified: | Apr 6 03:10:01 2002 |
| MD5 Checksum: | ac439a1b22d6463531ae229b1afc6d55 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
