Projects tagged ‘linux’, ‘security’, and ‘tools’

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. (Wireshark was known as Ethereal until June 09, 2006)

Clam AntiVirus (ClamAV) is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a ... [More] tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. [Less]

Filesystem in Userspace is a simple interface for userspace programs to export a virtual filesystem to the Linux kernel. It also aims to provide a secure method for non privileged users to create and mount their own filesystem implementations.

Advanced Web Statistics (AWStats) is a free powerful Web server logfile analyzer (Perl script) that shows you all your Web statistics including visits, unique visitors, pages, hits, rush hours, search engines, keywords used to find your site, robots ... [More] , broken links, and more. It works with both IIS 5.0+ and Apache Web server log files as a CGI and/or from the command line. It also supports multiple languages including English, French, Dutch, Spanish, Italian, German, Polish, and Greek. [Less]

Nagios (formerly Netsaint) is a daemon written in C that is designed to monitor networked hosts and services. It has the ability to notify contacts (via email, pager or other methods) when problems arise and are resolved. Host and service checks are ... [More] performed by external "plugins", making it easy to write custom checks in your language of choice. Several CGIs are included in order to allow you to view the current and historical status via a Web browser, and a WAP interface is also provided to allow you to acknowlege problems and disable notifications from an internet-ready cellphone. [Less]

Snort® is an open source network intrusion prevention and detection system using a flexible rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is ... [More] the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry. [Less]

Bacula is a set of programs that allow you to manage the backup, recovery, and verification of computer data across a network of different computers. It is based on a client/server architecture and is efficient and relatively easy to use, while ... [More] offering many advanced storage management features that make it easy to find and recover lost or damaged files. [Less]

Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also ... [More] possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN. [Less]

Zenoss is an IT infrastructure monitoring product that allows you to monitor your entire infrastructure within a single, integrated software application.Key features include: Monitors the entire stack: networks, servers, applications, services, power, environment, etc.

Zabbix is software that monitors your servers and applications. Polling and trapping techniques are both supported. It has a simple, yet very flexible notification mechanism, and a Web interface that allows quick and easy administration. It can be ... [More] used for logging, monitoring, capacity planning, availability and performance measurement, and providing the latest information to a helpdesk. [Less]

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. ... [More] Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. [Less]

SystemRescueCd is a Linux system available from a bootable CDROM that provides an easy way to perform administrative tasks on your computer, such as creating and editing the partitions of the hard disk or backing up data. It contains a lot of system ... [More] utilities (such as parted, partimage, and fstools), and basic programs (such as editors, midnight commander, and network tools). It also includes QtParted, a Partition Magic clone that makes editing partitons easy with its Qt graphical user interface. This CDROM aims to be very easy to use and accessible to everybody. [Less]

Etherboot is a free software package for making boot ROMs for booting Linux and other operating systems on x86, Itanium, Hammer, and Hyperstone machines over a network using Internet protocols, namely DHCP and tftp.

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

Centreon is a network, system, applicative supervision and monitoring tool, it is based upon the most effective Open Source monitoring engine : Nagios. Centreon provides a new frontend and new functionnalities to Nagios. It allows you to be more ... [More] efficient in your network monitoring, but also allows you to make your supervision information readable by a largest range of users. Indeed, a non technical user can now use the Centreon/Nagios couple to easily understand your network infrastructure thanks to charts and graphical representations of the gathered information. Skilled users still have access to specific and technical information collected by Nagios though. [Less]

Firestarter is a firewall tool for Linux, and uses GNOME. You can use the wizard to create a basic firewall, then streamline it further using the dynamic rules. You can open and close ports with a few clicks, or stealth your services giving access ... [More] only to a select few. It features a real-time hit monitor which you can watch as attackers probe your machine for open ports. [Less]

Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and grids. It is based on a hierarchical design targeted at federations of clusters. Ganglia is currently in use on over 500 clusters around the world and has scaled to handle clusters with 2000 nodes.

Prelude is an Hybrid IDS framework, that is, it is a product that enable all available security application, be it opensource or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion ... [More] Detection Message Exchange Format) IETF standard, that enables different kinds of sensors to generate events using an unified language. Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, honeyd, Nessus Vulnerability Scanner, Samhain, over 30 types of systems logs, and many others) in order to better verify an attack and in the end to perform automatic correlation between the various events. Prelude is commited to providing an Hybrid IDS that offers the ability to unify currently available tools. [Less]

ALT Linux is a set of Linux distributions that are based on Sisyphus, an APT-enabled RPM package repository that aims to achieve feature completeness, usability, and security in a sensible and manageable mixture.

sshproxy is a pure python implementation of an ssh authenticating proxy. It allows users to connect to remote sites without having to know the password or key of the remote sites. ACL rules can be set up to allow or deny users based on ... [More] different parameters like their IP address or the time of the day. Access attempts are logged via syslog, and an enhanced "action log" system is under development. The client is the standard ssh client. [Less]

Wellenreiter is a GTK/Perl wireless network discovery and auditing tool. Prism2, Lucent, and Cisco based cards are supported. It is the easiest to use Linux scanning tool. No card configuration has to be done anymore. The whole look and feel is ... [More] pretty self-explaining. It can discover networks (BSS/IBSS), and detects ESSID broadcasting or non-broadcasting networks and their WEP capabilities and the manufacturer automatically. DHCP and ARP traffic are decoded and displayed to give you further information about the networks. An ethereal/tcpdump-compatible dumpfile and an Application savefile will be automaticly created. gpsd can be used to track the location of the discovered networks. [Less]

inoclam uses inotify to watch user specified directories. When a file is created, changed or copied to one of the monitored directories, the file is virus checked with ClamAV. If a virus is detected, the file is optionally removed from the file system and the administrator is optionally notified.

ITVal is an open source utility for testing, and debugging iptables firewall policies. It can detect many different kinds of errors, such as typos, out-of-order rules, faulty understanding of the firewall, or poor assumptions about the policy logic. ... [More] ITVal can also generate a "policy map" that illustrates how the firewall treats various groups of hosts on the network. This grouping is automatically calculated from the policy and can make it very easy to spot anomalies in the policy. Current development on ITVal focuses on ways to partially automate repair of the policy. [Less]

phpRemoteShell is an all-in-one Web application to manage servers remotely. It contains a full-featured file manager, the ability to execute shell commands or PHP code, crontab management, and zombie management. It can also host itself into existing ... [More] files and auto-deploy during their execution. In case it has been previously encrypted, it is able to self-decrypt on the fly. [Less]

Sawmill is a log analysis tool which can be used to analyze Web site traffic, proxy usage, ftp usage, and much more. Major features include a persistent database for long-term tracking of statistics, hierarchical data mining features, and many security features appropriate for use in a multi-user environment.

openMosix is a a set of extensions to the standard Linux kernel allowing you to build a cluster of out of off-the-shelf PC hardware. openMosix scales perfectly up to thousands of nodes. You do not need to modify your applications to benefit from your ... [More] cluster (unlike PVM, MPI, Linda, etc.). Processes in openMosix migrate transparently between nodes and the cluster will always auto-balance. [Less]

mkCDrec (Make CD-ROM Recovery) makes a bootable (El Torito) disaster recovery image, including backups of the Linux system to one or more CD-ROM(s) (multi-volume sets). Otherwise, the backups can be stored on another disk, NFS/CIFS disk, or (remote) ... [More] tape. After a disk crash or system intrusion, the system can be booted from the CD-ROM and one can restore the complete system as it was. It also features disk cloning, which allows one to restore a disk to another disk (the destination disk does not have to be of the same size, as it calculates the partition layout itself). Currently, ext2, ext3, minix, MS-DOS, FAT, VFAT, Reiserfs, XFS, and JFS filesystems are supported. It can restore disks in Software RAID and LVM mode. It supports the One Button Disaster Recovery (OBDR) mode, which simulates a bootable CD-ROM on tape. [Less]

Andutteye is an open source systems management platform that automates enterprise data centers and keeps them running. Andutteye contains different modules that targets different tasks of systems management. With Andutteye you get in control of your ... [More] systems in your data center and can from a central point of operations manage all your systems. Andutteye gives your company all needed functionality, features and modularity that professional IT systems management requires of a systems management tool. From a single point of operations you can monitor, manage and execute all range of tasks needed for centralized systems management. [Less]

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. You can then run ... [More] the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided. [Less]

Un framework en PHP escrito en español. --- A PHP framework in spanish.