Linux Security - News &
Howtos  |
| News |
[Debian
GNU Linux Security Information] - this page
addresses Debian's status with respect to various known security holes,
which could potentially affect Debian.
|
[SUSE
Linux: Security Announcements] - This page
regularly informs you about security issues concerning SUSE Linux.
|
[Red Hat
Security Resource Center] - provides a variety of
ways to help improve the security of your Linux-based IT
infrastructure.
|
[MandrakeSecure]
- this site exists to provide you with meaningful information about
security in the Mandrake Linux distribution.
|
[Gentoo]
- Security Announcements.
|
[Linuxsecurity
News].
|
[LinuxSecurity.com
Advisories] - provides a centralized security
advisory resource to members of the Linux / BSD / Open Source
communities.
|
[Pro-Linux
Sicherheitsservice] - On these pages you will find
all security advisories issued by the major
distributions.
|
[SecurityFocus
- Unix].
|
[SecurityFocus
- Bugtraq Archive].
|
| Howtos |
[Security
Quick-Start HOWTO for Linux] - This document is
an overview of the basic steps required to secure a Linux installation
from intrusion. It is intended to be an introduction.
|
[Security
Quick-Start HOWTO for Redhat Linux] - is an
overview of the basic steps required to secure a Linux installation
from intrusion. It is intended to be an introduction.
|
[Securing
Debian Manual] - describes security in the Debian
project, starting with the process of securing and hardening the
default Debian GNU/Linux distribution installation. It also covers some
of the common tasks to set up a secure network environment using Debian
GNU/Linux, gives additional information on the security tools available
and talks about how security is enforced in Debian by the security
team.
|
[Anleitung
zum Absichern von Debian] - (in German) This document
describes the process of securing and hardening a default Debian
installation. It covers the everyday work of setting up a secure
network environment with Debian GNU/Linux, and also gives
information about the available security tools
and the work of the Debian security team.
|
[Linux
Security HOWTO] - This document is a general
overview of security issues that face the administrator of Linux
systems. It covers general security philosophy and a number of specific
examples of how to better secure your Linux system from intruders.
|
[Secure
Your Unix/Linux OS] - Articles and information to
help you understand the holes and vulnerabilities that might be present
in a Unix or Linux operating system and the tools and utilities
commonly used with them as well as how you can configure your system to
be as secure as possible.
|
[UNIX
Configuration Guidelines] - This document describes
commonly exploited UNIX system configuration problems and recommends
practices that can be used to help deter several types of break-ins.
|
[Linux
Systemsicherheitsguide] - deals with the
hardening and general aspects of the computer security of a
Linux system.
|
[Sicherheit
in Netzen] - is an excellent work on the
subject of network security, in German.
|
[Linuxsecurity
Resources] - Many documents.
|
[Firewall-Architekturen]
- describes a variety of ways to put firewall components
together, and discusses their advantages and disadvantages.
|
[Personal/Desktop-Firewall
und Firewall-Ecke] - offers general information on
firewalls, reading lists, mailing lists, newsgroups, FAQs and
product information.
|
[de.comp.security.firewall
FAQ] - in German & English.
|
[de.comp.security.misc
FAQ] - in German.
|
[Firewall
and Proxy Server HOWTO] - This document is designed
to describe the basics of firewall systems and give you some detail on
setting up both a filtering and proxy firewall on a Linux based system.
|
[Linux
IPCHAINS-HOWTO] - This document aims to describe
how to obtain, install and configure the enhanced IP firewalling chains
software for Linux, and some ideas on how you might use them.
|
[Linux Firewall
and Security Site] - offers a "Firewall Design
Tool", iptables Tutorial, Firewall Scripts and links to Reference
Papers, Information Sites, Security Software Sites and much more.
|
[SHREKS
iptables-Skripte] - for home use.
In the default configuration the rules are closed to the outside,
but they allow local users quite a lot that is undesirable in a
professional environment.
|
[Easy
Firewall Generator for IPTables] - generates an
iptables firewall script for use with the 2.4 Linux kernel.
|
[Iptables
Tutorial] - This document will guide you through
the setup process of netfilter/iptables step by step.
|
[Linux
2.4 Packet Filtering HOWTO] - This document from
Rusty Russell describes how to use iptables to filter out bad packets
for the 2.4 Linux kernels.
|
[Linux
2.4 NAT HOWTO] - describes how to do masquerading,
transparent proxying, port forwarding, and other forms of Network
Address Translations.
|
[Packet-Filtering-HOWTO]
- is a German translation of the Linux 2.4 Packet
Filtering HOWTO. "This HOWTO alternates between a
gentle introduction and raw revelations".
|
[NAT-HOWTO]
- describes, in German, how to use masquerading, transparent proxies,
port forwarding and other forms of Network Address Translation with
the 2.4 Linux kernel.
|
[netfilter/iptables
FAQ] - contains the Frequently Asked Questions as
encountered on the netfilter mailing list.
|
[Introduction
to netfilter/iptables] - Configuring firewalls for
Linux (kernel 2.4.x) using netfilter/iptables.
|
[LinuxGuruz
Netfilter IPTABLES Firewall Page] - offers many
links to iptables scripts, FAQs, Howtos, Tutorials and other Network
Security Sites.
|
[iptables
- Die Firewall des Kernels 2.4] - This howto by Wolfgang
Kinkeldei explains the available parameters compactly and
clearly.
|
[Sicherheit
im Kabelnetzwerk] - 10 commandments for protecting
electronic privacy on broadband Internet (cable modem, xDSL,
ISDN and others).
|
[PGP
documentation] - "If you don't understand the basic
principles behind public key cryptography, then you may very well
jeopardize both your own and other people's security, and PGP will only
give you a false sense of safety".
|
Linux Security - Downloads  |
[Packetstorm]
- is an extremely large and current security tools resource.
Packetstorm is a non-profit organization comprised of security
professionals dedicated to providing the information necessary to
secure the World's networks.
|
[Network
Monitoring Tools] - This is a list of tools used
for network (both LAN and WAN) monitoring and where to find out
more about them. The audience is mainly network administrators.
|
[Openwall
Project] - security/hacking tools.
|
[Host
Security] - Scanners, Access Control, Auditing ....
|
[Secureroot.com]
- Computer Security Resource. Exploits, Hacking, Anonymity, Cracking,
Encryption, Phreaking, OS Security, Virii ... and Books devoted to
computer security.
|
[Linux
Downloads: Security] - Security/Hacking Tools like:
Scanner, Intrusion Detection System, Password Cracker, SSH and many
more.
|
[Nomad
Mobile Research Center] - Most of the stuff here
deals with computer security. All of NMRC's hack and cracks will bring
forth the idea that you cannot secure a system for long -- sooner or
later someone will find a way around the obstacle.
|
[Security-enhanced
Linux] - is a research prototype of the Linux kernel
and a number of utilities with enhanced security functionality designed
simply to demonstrate the value of mandatory access controls to the
Linux community and how such controls could be added to Linux.
|
[tcpdump]
- is a powerful tool for network monitoring and data acquisition. This
program allows you to dump the traffic on a network. It can be used to
print out the headers of packets on a network interface and filter
packets that match a certain expression.
|
[Ettercap]
- is a multipurpose sniffer/interceptor/logger for switched LAN. It
supports active and passive dissection of many protocols (even ciphered
ones) and includes many features for network and host analysis that are
integrated with an easy-to-use and pleasant ncurses interface.
|
[Security
Administrator's Tool for Analyzing Networks (SATAN)]
- recognizes several common networking-related security problems, and
reports the problems without actually exploiting them.
|
[SAINT]
- the "Security Administrator's Integrated Network Tool" is a
vulnerability-assessment scanner. SAINT has been released under the
original SATAN license and conforms to the Open Source Definition.
|
[Ethereal]
- is a free network protocol analyzer for Unix and Windows. It allows
you to examine data from a live network or from a capture file on disk.
You can interactively browse the capture data, viewing summary and
detail information for each packet. Ethereal has several powerful
features, including a rich display filter language and the ability to
view the reconstructed stream of a TCP session.
|
[Nmap
Security Scanner] - is a utility for network
exploration or security auditing. It supports ping scanning, many port
scanning techniques, and TCP/IP fingerprinting. Nmap also offers
flexible target and port specification, decoy scanning, determination
of TCP sequence predictability characteristics, sunRPC scanning,
reverse-identd scanning, and more. Console and X-Window versions are
available.
|
[Nessus]
- is a free, powerful, up-to-date and easy to use remote security
scanner. Nessus is currently rated among the top products of its type
throughout the security industry and is endorsed by professional
information security organizations such as the SANS Institute.
|
[Angst]
- is an active sniffer, based on libpcap and libnet. It provides
methods for aggressive sniffing on switched local area network
environments. It dumps the payload of all the TCP packets received on
the specified ports.
|
[chkrootkit]
- is a tool to locally check for signs of a rootkit.
|
[Rootkit
Hunter] - (rkhunter) scans for
rootkits, backdoors and local exploits.
|
[The
Coroner's Toolkit (TCT)] - is a collection of tools
that are either oriented towards gathering or analyzing forensic data
on a Unix system. It is primarily designed for Unix systems, but it can
do some small amount of data collection & analysis from non-Unix
disks/media.
|
[samhain]
- is a file system integrity and intrusion detection tool that allows
you to trace what changes have occurred on a file system, when these
changes occurred, and who was logged into the system at the respective time.
|
[rkdet]
- is a daemon intended to catch someone installing a rootkit or running
a packet sniffer. It is designed to run continually with a small
footprint under an innocuous name. When triggered, it sends email,
appends to a logfile, and disables networking or halts the system.
|
[Sleuth Kit]
- (previously known as TASK) is a collection of UNIX-based command
line file system and media management forensic analysis tools. The file
system tools allow you to examine file systems of a suspect computer in
a non-intrusive fashion.
|
[TCP Flow
Recorder] - captures data transmitted as part of
TCP connections (flows), and stores data in a way that is convenient
for protocol analysis or debugging. tcpflow understands TCP sequence
numbers and will reconstruct data streams regardless of retransmissions.
|
[The Autopsy
Forensic Browser] - is a graphical interface to The
Sleuth Kit (TASK). Autopsy allows one to view allocated and deleted
file system content in a "File Manager" style interface and perform key
word searches.
|
[Carbonite]
- is an LKM that is designed to investigate and detect rootkits.
Carbonite even works with LKM rootkits that patch calls to /proc. It
works like lsof and ps at the kernel level, querying every process in
Linux's task_struct, which is the kernel structure that maintains
information on every running process in Linux.
|
[Foremost]
- is a Linux tool for conducting forensic examinations. Although
intended for law enforcement purposes, it may be useful to other
members of the community. Foremost reads through a file, such as a dd
image file or a disk partition, and extracts files.
|
[Snort]
- is a cross-platform, lightweight network intrusion detection tool
that can be deployed to monitor small TCP/IP networks and detect a wide
variety of suspicious network traffic as well as outright attacks.
|
[Tripwire]
- is a (commercial) tool that checks to see what has changed on your
system. The program monitors key attributes of files that should not
change, including binary signature, size, expected change of size, etc.
|
[Sentry
Tools] - provide host-level security services for
the Unix platform. PortSentry, LogSentry, and HostSentry protect
against portscans, automate log file auditing, and detect suspicious
login activity on a continuous basis.
|
[SNARE]
- (System iNtrusion Analysis and Reporting Environment) is a series of
log collection agents that facilitate centralised analysis of audit log
data. Agents are available for Linux, Windows, Solaris, IIS, Lotus
Notes, Irix, AIX, ISA/IIS & more.
|
[Kismet]
- is an 802.11 layer2 wireless network detector, sniffer, and intrusion
detection system. Kismet will work with any wireless card which
supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a,
and 802.11g traffic.
|
[AirSnort]
- is a wireless LAN (WLAN) tool which recovers encryption keys.
AirSnort operates by passively monitoring transmissions then computing
the encryption key when enough packets have been gathered.
|
[Fake
AP] - generates thousands of counterfeit 802.11b
access points and therefore confuses Wardrivers, NetStumblers, Script
Kiddies, and other undesirables.
|
[WEPCrack]
- is an open source tool for breaking 802.11 WEP secret keys using the
latest discovered weakness of RC4 key scheduling.
|
[aircrack]
- is an 802.11 WEP key cracker. It implements the so-called
Fluhrer-Mantin-Shamir (FMS) attack, along with some new attacks by a talented
hacker named KoreK.
|
[WepLab]
- is a tool designed to teach how WEP works, what different
vulnerabilities it has, and how they can be used in practice to break a
WEP protected wireless network.
|
[WepAttack]
- is a WLAN open source Linux tool for breaking 802.11 WEP keys. This
tool is based on an active dictionary attack that tests millions of
words to find the right key.
|
[John
the Ripper] - is a fast password cracker, currently
available for many flavors of Unix. Its primary purpose is to detect
weak Unix passwords.
|
[Offline NT
Password & Registry Editor] - This is a
utility to (re)set the password of any user that has a valid (local)
account on your NT system by a single floppy that uses Linux as the OS.
|
|
[netfilter/iptables]
- The netfilter/iptables project is the Linux 2.4.x
or above firewalling subsystem. It delivers you the functionality of
packet filtering (stateless or stateful), all different kinds of NAT
(Network Address Translation) and packet mangling.
|
[IPmenu]
- is a user interface to netfilter/iptables and
Linux policy routing or traffic control, allowing you to edit firewall
rules and configure the firewall to "mark" packets for policy routing
or for class based queueing (CBQ).
|
[gShield]
- is an iptables firewall for use with the 2.4.x
series of the Linux kernel. It is easily configured through a single,
well commented configuration file. gShield is released under the GNU
General Public License (GPLv2).
|
[Firestarter]
- is an Open Source visual firewall program. The software aims to
combine ease of use with powerful features, therefore serving both
Linux desktop users and system administrators.
|
[Shorewall]
- The Shoreline Firewall, more commonly known as "Shorewall", is an iptables
based firewall that can be used on a dedicated firewall system, a
multi-function masquerade gateway/server or on a standalone Linux
system.
|
[Seattle
Firewall] - is an ipchains
based firewall that can be used on a dedicated masquerading firewall
machine (including LRP), a multi-function masquerade gateway/server or
on a standalone Linux system.
|
[BullDog]
- is a powerful but lightweight firewall for heavy use systems. Be
prepared to spend some time setting this up. If you are looking for a
"quick fix", then you are on the wrong site. BullDog is NOT a quick
fix, but rather one step in a complete security policy. It supports ipchains
and iptables.
|
[fBuilder]
- is a web-based utility for building and configuring your ipchains
or iptables based Linux firewall. InnerTek Software
currently offers two versions of fBuilder: fBuilder Lite - a free
version of fBuilder that includes a standard set of features and
fBuilder Plus.
|
[Mason]
- is a tool that interactively builds a firewall using Linux' ipfwadm
or ipchains firewalling.
|
[Knetfilter]
- is a KDE application designed to manage the netfilter
functionalities that come with the kernels 2.4 and later.
|
[Firewall
Builder] - is a multi-platform firewall configuration
and management tool. Firewall Builder currently supports iptables,
ipfilter, OpenBSD PF
and Cisco PIX.
|
[Easy
Firewall Generator for IPTables] - is designed to
easily generate a full-featured iptables
configuration script with a variety of the most commonly desired
options.
|
[PuTTY]
- is a free implementation of Telnet and SSH for Win32 and Unix
platforms, along with an xterm terminal emulator.
|
[OpenSSH
for Windows] - is a free package that installs a
minimal OpenSSH server and client utilities in the Cygwin package
without needing the full Cygwin installation.
|
[OpenSSH]
- is a FREE version of the SSH protocol suite of network connectivity
tools that increasing numbers of people on the Internet are coming to
rely on. OpenSSH encrypts all traffic (including passwords) to
effectively eliminate eavesdropping, connection hijacking, and other
network-level attacks.
|
[MindTerm]
- is a client that implements the SSH1 and SSH2 protocols. It is
written in pure Java. MindTerm can be used as stand alone software to
access standard SSH-aware hosts. Like any SSH client MindTerm can also
be used as a client to an AppGate Server system for extended
Authorization, Authentication and VPN functionality.
|
[GnuPG]
- is a complete and free replacement for PGP. Because it does not use
the patented IDEA algorithm, it can be used without any restrictions.
GnuPG is a RFC2440 (OpenPGP) compliant application.
|
[Seahorse]
- is a Gnome interface for GnuPG. Its main purpose is to be a PGP/GPG
Key Manager, though it has other components including a text editor and
file manager.
|
[PGP]
- Here you may download the latest freeware PGP version, whether you
want the international or the US variant.
|
[KGPG]
- is a simple, free, open source KDE frontend for gpg. It will be part
of the official KDE 3.2.
|
[pwsafe]
- is a command line password database program for Unix. It is
compatible with Counterpane's Win32 Password Safe software. It can also
copy the passwords into the X selection and clipboard, but it doesn't
open a visible window. The database is encrypted with blowfish, and a
single passphrase decrypts it all.
|
[PwManager]
- With PwManager you can easily manage your passwords. PwManager saves
your passwords blowfish-encrypted in one file, so you have to remember
only one master password instead of all. Instead of the master
password you can use a chipcard, so you don't have to remember a
password to access the list.
|
[MyPasswordSafe]
- is a straightforward, easy-to-use password manager that maintains
compatibility with Password Safe files.
|
[KisKis]
- is an easy-to-use password manager written in Java. So it runs on any
platform provided that there is an appropriate Java Virtual Machine
available.
|
[Official
OpenAntiVirus.org Projects] - offers specialized
Open Source anti-virus,
computer security and network security software.
|
[Clam
AntiVirus] - is an anti-virus toolkit for UNIX. The
main purpose of this software is the integration with mail servers
(attachment scanning).
|
[Anomy
sanitizer] - can scan email attachments for
viruses. Other things it can do: block or "mangle" attachments based on
their file names, disable potentially dangerous HTML code, such as
javascript, within incoming email, and more.
|
[F-Prot
Antivirus for Linux] - is available in many
versions (products and services to suit both the home user as well as
the corporate user). The Version for Workstations is FREE for Home
Users.
|
[AntiVir
for Linux and FreeBSD] - is a comprehensive,
flexible anti-virus program. Without a license key AntiVir will run in
a restricted Demo mode only. For further testing you can order an
evaluation key for free.
|
[avast!
for Linux] - is an antivirus solution for the Linux
environment. Considering its robust design, it is primarily intended
for Linux-based servers; however, it can easily be used on desktop
computers as well.
|
[Norman
Virus Control (NVC) for Linux] - offers both
on-access and on-demand scanning of files residing on the servers or
workstations.
|
[Panda
Antivirus for Linux] - is an antivirus designed to
be managed from the command line or console. It scans files using both
string searches and heuristic methods.
|
[Sophos
Anti-Virus] - protects your network, desktop and
even remote laptop computers from viruses and spam.
|
[BitDefender
Antivirus] - Complete virus defense solutions
designed for easy virus prevention on Linux systems.
|
[Viralator]
- is a Perl script that virus-scans HTTP download requests on a UNIX
server after they pass through the Squid proxy server.
|
[SquidClamAV
Redirector] - is a Squid helper script that provides
virus scanning for defined file extensions. The script was tested with
Python, pyclamav, ClamAV and Squid.
|
[DansGuardian]
- is an Open Source web content filter. It filters the actual content
of pages based on many methods including phrase matching, PICS
filtering and URL filtering.
|
[DansGuardian
Anti-Virus Plugin] - is a GPL addon that takes
Virus Scanning capabilities and integrates them into the content
filtering web proxy DansGuardian.
|
[squidGuard]
- is a combined filter, redirector and access controller plugin for
Squid. It is free, very flexible, extremely fast, easily installed and
portable. squidGuard has many powerful configuration options.
|
[Privoxy]
- is a web proxy with advanced filtering capabilities for protecting
privacy, filtering web page content, managing cookies, controlling
access, and removing ads, banners, pop-ups and other obnoxious junk.
|