Hardening : The Complete Toolsbox
- This category contains 15 Tools
- The last tool was added on 2007-02-12 (YYYY-MM-DD)
- Use the Source Lucie!!! >:)
Bastille Linux -v3.0.8
Published on 2005-09-12 - by Jon Lasser, ©Jon Lasser.
The Bastille Hardening System attempts to harden or tighten the Linux operating system. It currently supports Red Hat and Mandrake systems, with support on the way for Debian, SuSE, TurboLinux and HP-UX. We attempt to provide the most secure, yet usable, system possible. The project is run by Jon Lasser, Lead Coordinator and Jay Beale, Lead Developer, and involves a number of developers, beta-testers and concept-creators.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/Bastille-3.0.8.tar.bz2
- Home:
- License: GNU General Public License (GPL)
- MD5SUM: n/a
- Platform(s): Linux, HP-UX
chkrootkit -v0.44
Published on 2004-11-05 - by Nelson Murilo, ©Nelson Murilo.
chkrootkit is a tool to locally check for signs of a rootkit.
- Changelog:
- Download: http://www.l0t3k.net/tools/Rootkit/chkrootkit.tar.gz
- Home: http://www.chkrootkit.org/
- License: Freeware
- MD5SUM: d1ea2951dfaa76aed3ce8554c0769626
- Platform(s): Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x, 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0 and 3.1, Solaris 2.5.1, 2.6 and 8.0.
grsecurity -v2.1.1-2.4.29-200501
Published on 2005-01-24 - by Brad Spengler and Michael Dalton, ©Brad Spengler and Michael Dalton.
grsecurity is an innovative approach to security utilizing a multi-layered detection, prevention, and containment model. It is licensed under the GPL. It offers among many other features:
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/grsecurity-2.1.1-2.4.29-200501231159.patch
- Home: http://www.grsecurity.net/
- License: GNU General Public License
- MD5SUM: afbd071ae702af4668b2aea32868a698
- Platform(s): Linux
IP Sentinel -v0.11
Published on 2004-12-16 - by Enrico Scholz, ©Enrico Scholz.
This program tries to prevent unauthorized usage of IPs within the local Ethernet broadcast domain by answering ARP requests. After receiving such a faked reply, the requesting party stores the MAC it was told in its ARP table and will send future packets to this MAC. Because this MAC is invalid, the host with the invalid IP cannot be reached.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/ip-sentinel-0.11.tar.bz2
- Home:
- License: GNU General Public License
- MD5SUM: 4cf7988f8e7eff68c535dec50ba79ba3
- Platform(s): Linux
jailed -v1.0.0
Published on 2004-04-29 - by Johan Lindh, ©Johan Lindh.
Implements a nonprivileged jailroot. Allows environment to be specified, does std(in/out/err) redirection and can restart a failed child.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/jailed-1.0.0.tar.gz
- Home: https://sourceforge.net/projects/jailed/
- License: BSD License
- MD5SUM: 4a0cb99c457d1099c4c0fcb4486acac2
- Platform(s):
kstat -v1.1
Published on - by FuSyS, ©s0ftpr0ject.
This is a major update of kstat, since its release for the 2.2.x kernels. This runs on 2.4.x only, and can better assist in finding and removing trojan LKMs. It sports network socket dumps, sys_call fingerprinting, stealth modules scanning and more. This is not a 'signature-tool'. This requires a bit of expertise and knowledge of what is going on.
- Changelog:
- Download: http://www.l0t3k.net/tools/Rootkit/kstat24_v1.1-2.tgz
- Home: http://www.s0ftpj.org/
- License:
- MD5SUM: 96954a3d4b4dd623480b5ed05a7b7523
- Platform(s): Linux
ModSecurity -v1.8.5
Published on 2003-10-26 - by Ivan Ristic, ©Ivan Ristic.
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding applications from attacks. ModSecurity supports Apache (both branches) today, with support for Java-based servers coming soon.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/mod_security-1.8.5.tar.gz
- Home: http://www.modsecurity.org/
- License: GNU General Public License
- MD5SUM: c42aa33d1d9f3bbc7cb4f9d5fc84f54b
- Platform(s):
mod_dosevasive -v1.9
Published on 2004 - by Jonathan A. Zdziarski, ©Jonathan A. Zdziarski.
mod_dosevasive is an evasive maneuvers module for Apache to provide evasive action in the event of an HTTP DoS or DDoS attack or brute force attack. It is also designed to be a detection and network management tool, and can be easily configured to talk to ipchains, firewalls, routers, etc. mod_dosevasive presently reports abuses via email and syslog facilities.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/mod_dosevasive.1.9.tar.gz
- Home: http://www.nuclearelephant.com/projects/dosevasive/
- License: GNU General Public License
- MD5SUM: 994333fa0ea901ae035919ce869332b0
- Platform(s):
NetSPoC -v2.4
Published on 2005 - by Heinz Knutzen, ©Heinz Knutzen.
NetSPoC is a tool for security management of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains.
NetSPoC provides its own language for describing the security policy and topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which not. NetSPoC is topology aware: a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/netspoc-2.4.tar.gz
- Home: http://netspoc.berlios.de/
- License: GNU General Public License
- MD5SUM:
- Platform(s):
PIKT -v1.18.0
Published on 2005-01-10 - by Robert Osterlund, ©Robert Osterlund.
PIKT® is a cross-categorical, multi-purpose toolkit to monitor and configure computer systems, organize system security, format documents, assist command-line work, and perform other common systems administration tasks.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/pikt-current.tar.gz
- Home: http://pikt.org/
- License: GNU General Public License
- MD5SUM: b17defe348fc1cb5cdb43c26fe635237
- Platform(s): Linux, AIX, Digital UNIX, FreeBSD, HP-UX, IRIX, OpenBSD, SCO OpenServer, and Solaris
psad -v1.4
Published on 2004-11-26 - by Michael B. Rash, ©Michael B. Rash.
The Port Scan Attack Detector (psad) is a program written in Perl that is designed to work with Linux firewalling code (iptables in the 2.4.x kernels, and ipchains in the 2.2.x kernels) to detect port scans. It features a set of highly configurable danger thresholds (with sensible defaults provided), verbose alert messages that include the source, destination, scanned port range, begin and end times, tcp flags and corresponding nmap options (Linux 2.4.x kernels only), email alerting, and automatic blocking of offending ip addresses via dynamic configuration of ipchains/iptables firewall rulesets. In addition, for the 2.4.x kernels psad incorporates many of the tcp signatures included in Snort to detect highly suspect scans for various backdoor programs (e.g. EvilFTP, GirlFriend, SubSeven), DDoS tools (mstream, shaft), and advanced port scans (syn, fin, Xmas) which are easily leveraged against a machine via nmap.
- Changelog:
- Download: http://www.l0t3k.net/tools/Portscanner/psad-1.4.0.tar.gz
- Home: http://www.cipherdyne.com/psad/
- License: GNU General Public License
- MD5SUM: f932bc9063810a8798fbc4c9730be9a4
- Platform(s): Linux
rkdet -v0.54
Published on 2002-08-18 - by Andrew Daviel, ©Andrew Daviel.
This program is a daemon intended to catch someone installing a rootkit or running a packet sniffer. It is designed to run continually with a small footprint under an innocuous name. When triggered, it sends email, appends to a logfile, and disables networking or halts the system. It is designed to install with the minimum of disruption to a normal multiuser system, and should not require rebuilding with each kernel change or system upgrade.
- Changelog:
- Download: http://www.l0t3k.net/tools/Rootkit/rkdet-0.54.tar.gz
- Home: http://vancouver-webpages.com/rkdet/
- License: Freeware
- MD5SUM: 5950c3d8a3bb585d735826e2e03fb860
- Platform(s): Linux
Rootkit Hunter -v1.2.1
Published on 2005-02-21 - by M. Boelen, ©M. Boelen.
Rootkit scanner is a scanning tool to ensure, to about 99.9%, that you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:
- MD5 hash compare
- Look for default files used by rootkits
- Wrong file permissions for binaries
- Look for suspected strings in LKM and KLD modules
- Look for hidden files
- Optional scan within plaintext and binary files
- Changelog:
- Download: http://www.l0t3k.net/tools/Rootkit/rkhunter-1.2.1.tar.gz
- Home: http://www.rootkit.nl/
- License: GNU General Public License
- MD5SUM: a5591b84c41a736b1e0ae64947f65b76
- Platform(s): Red Hat Linux 7.2, FreeBSD 4.3/4.4/4.7/4.8
Scrutinizer -v1.03
Published on 2005-01-10 - by remo ryter and markus roth, ©remo ryter and markus roth.
The scrutinizer is an open source project aimed at protecting web applications from HTTP (D)DoS attacks. It's a toolkit consisting of an analysis engine which analyses webserver access logfiles in almost real time, an Apache module which is able to block wrongdoers on the webserver, an extension to block offenders already on netfilter firewalls and a set of visualization tools.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/scrutinizer-1.03.tar.gz
- Home: http://www.solutix.ch/
- License: GNU General Public License
- MD5SUM: fec85dffee76c0c834baef6f0198296a
- Platform(s):
TCP Wrapper -v7.6
Published on 2003-01-12 - by Wietse Venema, ©Wietse Venema.
The package provides tiny daemon wrapper programs that can be installed without any changes to existing software or to existing configuration files. The wrappers report the name of the client host and of the requested service; the wrappers do not exchange information with the client or server applications, and impose no overhead on the actual conversation between the client and server applications.
- Changelog:
- Download: http://www.l0t3k.net/tools/Hardening/tcp_wrappers_7.6.tar.gz
- Home: ftp://ftp.porcupine.org/pub/security/index.html
- License: Freeware
- MD5SUM: e6fa25f71226d090f34de3f6b122fb5a
- Platform(s): Linux