Console  GNOME   KDE   X11    Themes

This section contains programs to help you maintain security on your Linux box.

AIDE

• Version: Development 0.6
• Byte Size:  207.5 KB (212,475 bytes)
• License: GPL
• Revision Date: January 9th, 2000
• Home Page: http://www.cs.tut.fi/~rammer/aide.html
• Description: AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
  

Bastille Linux

• Version: Stable 1.0.3  /  Development 1.0.4 pre4
• Byte Size:  106.6 KB  /  141.3 KB
• License: GPL
• Revision Date: March 20th, 2000
• Home Page: http://bastille-linux.org/
• Description: Bastille Linux aims to be the most comprehensive, flexible, and educational Security Hardening Program for Red Hat Linux 6.0/6.1. Virtually every task it performs is optional, providing immense flexibility. It educates the installing admin regarding the topic at hand before asking any question. The interactive nature allows the program to be more thorough when securing, while the educational component produces an admin who is less likely to compromise the increased security.
  

BCWipe

• Version: Stable 0.1b
• Byte Size:  16.7 KB (17,064 bytes)
• License: GPL
• Revision Date: February 4, 2000
• Home Page: http://www.jetico.com/
• Binary: RPM
• Description: The BCWipe utility is designed to securely delete files from the disk. Standard file deletion leaves the contents of the "deleted" file on your disk. Unless it has been overwritten by files subsequently saved, it can be recovered using standard disk utilities.
  

Check.pl

• Version: Stable 1.0
• Byte Size:  3.8 KB (3,864 bytes)
• License: GPL
• Revision Date: May 12, 1999
• Home Page: http://opop.nols.com/index.shtml/
• Description: Check.pl runs through all of the files and directories that it is given as arguments and determines the permissions. It then sends a list of "dangerous" files to stdout which can be redirected to a file. This program should be run as a regular user to check for writeable directories, suid, guid, and writeable files. Helps admins sniff out files that have incorrect permissions.
  

FakeBO

• Version: Stable 0.4.1
• Byte Size:  105.9 KB (108,490 bytes)
• License: GPL
• Revision Date: June 03, 1999
• Home Page: http://cvs.linux.hr/fakebo/
• Binary: RedHat 0.4.1 Solaris PPC Source Alpha
• Description: Have you ever wanted to know who is trying to access your computer with Back Oriffice? This program fakes BO server and logs every attempt from BO client. It is possible to log attempts to /var/log/fakebo.log or stdout. It can send fake pings and replies back to BO client.
  

fcheck

• Version: Stable 2.07.45
• Byte Size:  23.3 KB (23,899 bytes)
• License: GPL
• Revision Date: November 13, 1999
• Home Page: http://sites.netscape.net/fcheck/
• Description: Fcheck is a PERL script providing intrusion detection and policy enforcement of Windows 95/98/NT/3.x and UNIX server administration through the use of comparative system snapshots. It can provide notification through your event management system, printer, and/or e-mail when any monitored file system changes
  

HostSentry

• Version: Stable 0.02
• Byte Size:  33.2 KB (33,983 bytes)
• License: GPL
• Revision Date: June 26, 1999
• Home Page: http://www.psionic.com/
• Note: This is part of the Abacus Project. http://www.psionic.com/abacus/
• Description: HostSentry is a host based intrusion detection tool that performs Login Anomaly Detection (LAD). This tool allows administrators to spot strange login behavior and quickly respond to compromised accounts and unusual behavior. HostSentry incorporates a dynamic database and actually "learns" the user login behavior. This behavior is then utilized by modular signatures to detect unusual events.
  

lsh

• Version: Development 0.9
• Byte Size:  593.2 KB (607,473 bytes)
• License: GPL
• Revision Date: February 23, 2000
• Home Page: http://www.lysator.liu.se/~nisse/
• Binary: RPM Source
• Description: lsh is a GPL'd replacement for ssh. ssh (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure networks.
  

mcrypt

• Version: Stable 2.5.1
• Byte Size:  228.0 KB (233,472 bytes)
• License: GPL
• Revision Date: March 13th, 2000
• Home Page: http://hq.hellug.gr/~mcrypt/
• Binary: RPM
• Description: mcrypt is a replacement for the old unix crypt(1). It uses the block algorithms DES, TripleDES, Blowfish, 3-WAY, SAFER-SK64, SAFER-SK128, TWOFISH, TEA, RC2, RC6, IDEA and GOST in CBC, OFB, CFB and ECB modes. It is compatible with the old unix crypt(1) and the solaris des(1).
  

MD5-based crypt

• Version: Stable 1.0
• Byte Size:  8.2 KB (8,366 bytes)
• License: GPL
• Revision Date: October 17, 1997
• Home Page: http://metalab.unc.edu/pub/Linux/apps/crypto
• Description: Support for FreeBSD- and glibc-compatible MD5-based encrypted passwords. Unlimited password length (instead of 8 characters in traditional DES-based passwords), more secure, no US export restrictions.
  

mod_ssl

• Version: Stable 2.6.2-1.3.12
• Byte Size:  715.6 KB (732,772 bytes)
• License: GPL
• Revision Date: March 3, 2000
• Home Page: http://www.modssl.org/
• Binary: RPM
• Description: mod_ssl provides provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1). It is based on the SSL/TLS toolkit OpenSSL.
  

Nmap

• Version: Stable 2.12  /  Development 2.3 BETA 14
• Byte Size:  321.8 KB  /  433.5 KB
• License: GPL
• Revision Date: June 26th, 1999
• Home Page: http://www.insecure.org/nmap/index.html
• Binary: 2.12 RPM, 2.2 b9 RPM PPC Source Alpha
• Description: Nmap is a utility for network exploration or security auditing. It supports ping scanning (determining which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, scanning, and more.
  

pgpgpg

• Version: Stable 0.13
• Byte Size:  51.9 KB (53,135 bytes)
• License: GPL
• Revision Date: July 16, 1999
• Home Page: http://www.nessie.de/mroth/pgpgpg/
• Binary: Source RPM PPC
• Description: Pgpgpg is a wrapper around Gnu Privacy Guard which takes PGP 2.6 command line options, translate them and then call GnuPG (Gnu Privacy Guard) to perform the desired action. PGP and GnuPG are encryption programs with high security encryption engines. However, PGP is available without a fee but is not really free software. GnuPG on the other hand is really free software and have additionally features but have a different command line syntax then PGP. The goal of pgpgpg is to plug in a command line syntax in front of GnuPG equal to PGP 2.6. With pgpgpg most scripts and applications written to use PGP 2.6 should normally work with GnuPG too. By using pgpgpg these applications also benefits from the fact that GnuPG doesn't use the patented and non free RSA nor IDEA algorithm.
  

PortSentry

• Version: Stable 1.0
• Byte Size:  42.0 KB (43,034 bytes)
• License: GPL
• Revision Date: December 3, 1999
• Home Page: http://www.psionic.com/
• Binary: RPM
• Description: PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. There are other port scan detectors that perform similar detection of scans, but PortSentry has some unique features that may make it worth looking into.
  

pyCA

• Version: Stable 0.6.3
• Byte Size:  65.1 KB (66,669 bytes)
• License: GPL
• Revision Date: December 30, 1999
• Home Page: http://sites.inka.de/ms/python/pyca/
• Description: A collection of scripts and CGI-BIN programs written in Python for setting up and maintaining a certification authority.
  

saint

• Version: Stable 1.5  /  Development 2.0.beta2
• Byte Size:  431.9 KB  /  596.0 KB
• License: OpenSource
• Revision Date: March 10th, 2000
• Home Page: http://www.wwdsi.com/saint/
• Binary: RPM Alpha
• Description: Saint is a security assessment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity and a feature rich HTML interface.
  

SBScan

• Version: Stable 0.05
• Byte Size:  25.5 KB (26,142 bytes)
• License: MIT
• Revision Date: October 5, 1999
• Home Page: http://www.coronus.com/~simonb/security/sbscan/
• Description: SBScan is a tool designed to assist system administrators who can't be bothered doing anything by hand. Currently this tool checks for the following; Anonymous FTP, Unpassworded accounts, Open Ports / l33t Open Ports, Entire Subnet Promisc Check, Local Machine Promisc Check, Suspicious Files, RHost files, Sniffer check - Log files, Suid programs in slash home, Evidence of a Rootkit, X Hosts allowed to connect, permissions on vital directories, log file permissions, NFS basic check, and it makes MD5 sums of common files
  

Secure Locate

• Version: Stable 2.1
• Byte Size:  32.8 KB (33,557 bytes)
• License: GPL
• Revision Date: October 19, 1999
• Home Page: http://pep.netnation.com/slocate/
• Binary: Debian, RPM
• Description: Secure Locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also check file permissions and ownership so that users will not see files they do not have access to.
  

Slinux

• Version: Stable 1.1-3
• Byte Size:  6.6 MB (6,921,806 bytes)
• License: GPL
• Revision Date: July 7, 1999
• Home Page: http://www.slinux.cx/
• Description: Slinux is modular Redhat security enhancement suite, which comes with it's own kernel. It's main design goal is to make things as modular as possible, whether you want to run your services in secured environment or perhaps turn your workstation into powerful network monitoring station/intrusion detector.
  

SSA Client/Server

• Version: Stable Server 1.2.6
• Byte Size:  747.1 KB (765,017 bytes)
• License: Shareware
• Revision Date: June 26, 1999
• Home Page: http://www.cyber.ee/ssa/
• Note: Client Also Available: Client 1.2.5
• Description: The SSA is a system for securing the insecure or insufficiently secure communication between the existing network applications. It provides almost any client/server application with strong cryptographic security, ensuring both integrity and confidentiality of the exchanged data as well as authenticating both the client and the server.
  

strobe-classb

• Version: Stable 1.8
• Byte Size:  12.2 KB (12,498 bytes)
• License: GPL
• Revision Date: July 16, 1999
• Home Page: ftp://typhaon.ucs.uwa.edu.au/pub/strobe-classb/
• Binary: RPM Alpha Sparc Source
• Description: strobe-classb is a small and fast network scanner for Linux. It works best on kernel 2.0.36. It was originally designed for scanning for open e-mail relays on your LAN, so that you can get the relevant people to fix them.
  

Sudo

• Version: Stable 1.6.2p3
• Byte Size:  268.0 KB (274,432 bytes)
• License: GPL
• Revision Date: March 13th, 2000
• Home Page: http://www.courtesan.com/sudo/
• Binary: RPM Alpha RPM
• Description: Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis, it is not a replacement for the shell.
  

Tripwire

• Version: Stable 2.0  /  Development 2.2.1
• Byte Size:  2.7 MB  /  2.4 MB
• License: Free For Non-Commercial Use
• Revision Date: March 8th, 1999
• Home Page: http://www.tripwiresecurity.com/
• Binary: RPM Sparc PPC Source
• Description: Tripwire is a straightforward tool with a single purpose: detect any variance in file integrity. This means that Tripwire can absolutely, unequivocally determine if a protected file has been altered in a way that violates the policy set by the administrator. Tripwire can also determine if files have been added to or deleted from protected system directories and much more.
  

ttc

• Version: Stable 3.1
• Byte Size:  32.9 KB (33,647 bytes)
• License: GPL
• Revision Date: August 18, 1999
• Home Page: http://metalab.unc.edu/pub/Linux/system/admin/login/
• Description: This program allows you to control the types of terminals logging into your system. It also has an option to set the timing.
  

ViperDB

• Version: Stable 0.9.1
• Byte Size:  12.0 KB (12,288 bytes)
• License: GPL
• Revision Date: March 13th, 2000
• Home Page: http://www.resentment.org/projects/viperdb/
• Description: ViperDB was created as a smaller & faster alternative to Tripwire. Tripwire while being a great product leaves something to be desired in the speed department and also, by default tripwire generates a report everytime it runs and directs that report to an email address. This hinders most people from running Tripwire every few minutes to do a system check. ViperDB is the answer to this problem.
  

Virtual eXecuting Environment

• Version: Stable 1.0
• Byte Size:  282.5 KB (289,292 bytes)
• License: GPL
• Revision Date: November 18, 1999
• Home Page: http://www.intes.odessa.ua/vxe
• Description: VXE (Virtual eXecuting Environment) protects UNIX servers from intruders, hacker attacks from network and so on. It protects software subsystems, such as: SMTP, POP, HTTP and any other subsystem, already installed on the server. There is no need to change configuration of existing software - just PROTECT it.
  

News   Contact   Advertise   CD ROM   Search   Upload   Help   Home Copyright © 2000 TUCOWS.COM Inc. TUCOWS.COM Inc. has no liability for any content or goods on the TUCOWS site or the Internet, except as set forth in the terms and conditions and privacy statement.