Section: .. / linux / security /
| /// File Name: |
safebreaker.tar |
Description:
|
Safebreaker is a demonstration next-generation packet-sniffing backdoor that doesn't require libpcap. It offers full terminal support, TLS encryption for the connection, and configurable authentication parameters.
| | Author: | Amir Alsbih | | Homepage: | http://www.informatik.uni-freiburg.de/%7Ealsbiha/code.htm | | File Size: | 30720 | | Last Modified: | Oct 25 18:03:54 2006 |
| MD5 Checksum: | ffa51e5800f9e95944c72eecae91bdbf |
|
| /// File Name: |
SAStk-0.1.1.tar.gz |
Description:
|
SAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what each daemon does.
| | Homepage: | http://sourceforge.net/projects/sastk | | File Size: | 352639 | | Last Modified: | Feb 6 15:32:59 2001 |
| MD5 Checksum: | 31ae891b30c7596bc412a9ab6b6570b3 |
|
| /// File Name: |
SAStk-0.1.2.0.tgz |
Description:
|
SAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what each daemon does.
| | Homepage: | http://sourceforge.net/projects/sastk | | Changes: | Bugfixes with rc.local and some new functionality in suauth. | | File Size: | 642857 | | Last Modified: | Feb 15 18:20:37 2001 |
| MD5 Checksum: | d1a4c52f0fc566b39bfd1463e31b6538 |
|
| /// File Name: |
SAStk-0.1.2.1.tgz |
Description:
|
SAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what each daemon does.
| | Homepage: | http://sourceforge.net/projects/sastk | | Changes: | This release fixes an installer issue and a potential race condition, includes more documentation, clarified XFree86 versions (not updated for X 4.0 yet), and removes shell limits. | | File Size: | 649515 | | Last Modified: | Apr 16 12:15:03 2001 |
| MD5 Checksum: | bc2e7ea2041115c1bcb96f7ccd57112b |
|
| /// File Name: |
SAStk-0.1.3.1.tgz |
Description:
|
SAStk (Slackware Administrators Security tool kit) aims to provide a set of tools and utilities to install and maintain a reasonable level of security for the Slackware GNU/Linux distribution. At the same time, it should ease administration with a new centralized initialization setup and background information on what each daemon does.
| | Homepage: | http://sourceforge.net/projects/sastk | | Changes: | Fixed a bug in 0.1.3.0 which set the wrong permissions for the system's root directory. The pkgmake.sh script has been fixed, along with the directory permissions. | | File Size: | 696012 | | Last Modified: | Jan 7 21:29:33 2002 |
| MD5 Checksum: | 75ae29add97cb811bac8fa6c6d8734d9 |
|
| /// File Name: |
scandetect.tar.gz |
Description:
|
Scan Detect prevents attackers from running TCP port scanners against your Linux system by listening on a given TCP port; if any host on the internet connects to that port, Scan Detect uses ipchains to block that host completely.
| | Author: | Ryan Mann | | Homepage: | http://personal.mia.bellsouth.net/mia/k/f/kf4dez | | File Size: | 1531 | | Last Modified: | Jul 27 13:18:41 2000 |
| MD5 Checksum: | f8a50e5fa7da5758967174ea523038bf |
|
| /// File Name: |
slog.c |
Description:
|
Slog.c is a simple Linux keystroke logger without function hooking. Tested on Redhat 7.2.
| | Author: | Slacko | | File Size: | 2200 | | Last Modified: | Sep 5 01:21:52 2002 |
| MD5 Checksum: | 1527a47b813bd458beebc7b2d9ffad18 |
|
| /// File Name: |
snare-core-0.9.1.tar.gz |
Description:
|
SNARE (System iNtrusion Analysis and Reporting Environment) is a loadable kernel module and daemon that provide a host intrusion detection facility and C2-style auditing/event logging capability for Linux similar to the Basic Security Module (BSM) for Solaris.
| | Homepage: | http://www.intersectalliance.com/projects/Snare | | Changes: | Core package was restructured, leading to better stability under extreme audit loads. Many changes recommended by the RedHat kernel team have been implemented. | | File Size: | 185551 | | Last Modified: | Sep 20 12:13:47 2002 |
| MD5 Checksum: | e59faea7c2e028a85d0e6f36e8926427 |
|
| /// File Name: |
snoopy-1.2.tar.gz |
Description:
|
Snoopy is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.
| | Author: | Mike Baker | | Changes: | A fix for a very menacing bug. | | File Size: | 10126 | | Last Modified: | Oct 15 18:54:20 2000 |
| MD5 Checksum: | 4013da8d2d80503ce7c9c4923adacbe9 |
|
| /// File Name: |
snoopy-1.3.tar.gz |
Description:
|
Snoopy is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.
| | Author: | Mike Baker | | Changes: | Integrity checking, a new method of logging, and faster logging. | | File Size: | 10686 | | Last Modified: | Dec 21 00:21:59 2000 |
| MD5 Checksum: | 2a74982e2830a16159a7a6754476c6ee |
|
| /// File Name: |
spfx.c |
Description:
|
spfx.c is a Linux kernel module which stops many exploits by protecting the system from code running on the stack.
| | File Size: | 2166 | | Last Modified: | Apr 9 01:22:45 2001 |
| MD5 Checksum: | cd17bdbfe61fba08502ab59be605cc97 |
|
| /// File Name: |
spfx2.c |
Description:
|
spfx2.c is a Linux kernel module which stops many exploits by protecting the system from code running on the stack. It works by limiting the use of key system calls to library functions. Although spfx2 does not prevent buffer-overflow related crashes, it does make it very difficult to break security with a buffer-overflow attack, preventing most root compromises.
| | Author: | Justin Lesarge | | File Size: | 4754 | | Last Modified: | Apr 19 17:48:19 2001 |
| MD5 Checksum: | 4672dab270ac42e0779ae8e7752cdbcb |
|
| /// File Name: |
stackshield0.7.tar.gz |
Description:
|
Stack Shield - A "stack smashing" technique protection tool for Linux. The "stack smashing" technique is the most common way used in exploits to break the security of programs. Stack Shield is a tool for adding protection to programs from this kind of attack at compile time without changing a line of code. Stack Shield uses a more secure protection system than other tools like Immunix Stack Guard. Stack Shield is designed to support GCC on a Linux Intel 386 class platform.
| | Author: | Vendicator | | Homepage: | http://www.angelfire.com/sk/stackshield/ | | File Size: | 17317 | | Last Modified: | Jan 7 17:42:41 2000 |
| MD5 Checksum: | a9bfc8664dce6ffe175fc19a74b38139 |
|
| /// File Name: |
stealth-2.2.17.diff |
Description:
|
Stealth IP Stack is a kernel patch for Linux 2.2.17 which makes your machine almost invisible on the network without impeding normal network operation. Many denial of service attacks, such as stream, are much less effective with this patch installed, and port scanners slow to a crawl. It works by restricting TCP RST packets (no "Connection Refused"), restricting ICMP_UNREACH on UDP (prevents UDP portscans), and restricting all ICMP and IGMP requests. A sysctl interface is used so these features can be turned on and off on the fly.
| | Author: | Robert Salizar | | Homepage: | http://www.energymech.net/madcamel/fm | | File Size: | 7725 | | Last Modified: | Sep 18 16:14:40 2000 |
| MD5 Checksum: | 0372ec661f9d9bcf82f9185203c75632 |
|
| /// File Name: |
stealth-2.2.18.diff |
Description:
|
Stealth IP Stack is a kernel patch for Linux 2.2.18 which makes your machine almost invisible on the network without impeding normal network operation. Many denial of service attacks, such as stream, are much less effective with this patch installed, and port scanners slow to a crawl. It works by restricting TCP RST packets (no "Connection Refused"), restricting ICMP_UNREACH on UDP (prevents UDP portscans), and restricting all ICMP and IGMP requests. A sysctl interface is used so these features can be turned on and off on the fly.
| | Author: | Robert Salizar | | Homepage: | http://www.energymech.net/madcamel/fm | | Changes: | Ported to Linux 2.2.18. | | File Size: | 7043 | | Last Modified: | Dec 13 00:02:12 2000 |
| MD5 Checksum: | 50a37ed3eb2e15a3dcdd2d76310cada7 |
|
| /// Directory: |
/ stjude / |
Description:
|
Unavailable.
| | Total Files: | 15 | | Last Modified: | Sep 5 22:26:24 2007 |
|
| /// File Name: |
StMichael_LKM-0.01.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. This is an experimental version and a spin-off from the Saint Jude Project.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | File Size: | 3656 | | Last Modified: | May 8 18:47:08 2001 |
| MD5 Checksum: | caa99d3b4772a1cc15352b72f6680686 |
|
| /// File Name: |
StMichael_LKM-0.02.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. This is an experimental version and a spin-off from the Saint Jude Project.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Fixed an inverted match which could cause kernel to hang on attempt to unload StMichael. | | File Size: | 3769 | | Last Modified: | May 9 20:35:42 2001 |
| MD5 Checksum: | 531d16989e7b893bef78cffdbf033f81 |
|
| /// File Name: |
StMichael_LKM-0.03.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. This is an experimental version and a spin-off from the Saint Jude Project.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Added md5 checksums to the contents of system calls, added cloaking to hide the presence of StMichael and its symbols. Since StMichael causes the rootkits to not work as expected, we do not want to give away any useful debugging information. | | File Size: | 9494 | | Last Modified: | Jun 5 18:53:13 2001 |
| MD5 Checksum: | 5b4c791c22c5fa58c904835a96f0389e |
|
| /// File Name: |
StMichael_LKM-0.04.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. This is an experimental version and a spin-off from the Saint Jude Project.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Added the SHA1 checksum to complement the md5's, added timers to periodically revalidate the kernel, added a configuration script, and added some demos which will trigger StMichael. | | File Size: | 18715 | | Last Modified: | Jul 11 05:01:54 2001 |
| MD5 Checksum: | 617e56ab882299f50e8b27bf0fd267f4 |
|
| /// File Name: |
StMichael_LKM-0.05.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKMs, including KIS.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Added Checks to Detect modules hiding their presence, Added Read-Only /dev/kmem, and Added VFS checking. | | File Size: | 23606 | | Last Modified: | Jul 12 04:16:03 2001 |
| MD5 Checksum: | fda543690273352eaa367dd9d0fbdb92 |
|
| /// File Name: |
StMichael_LKM-0.06.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKMs, including KIS.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Began code and signature obfuscation work to conceal commonly found strings, Introduced permanent immutability to files on ext2 fs, and other misc code beautification. | | File Size: | 27115 | | Last Modified: | Oct 24 23:57:23 2001 |
| MD5 Checksum: | 9f0d2f9612b1daa97a68c9678fde0348 |
|
| /// File Name: |
StMichael_LKM-0.07.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKMs, including KIS.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Fixed a serious bug that could cause a kernel Oops if StMichael was not the first module loaded into the system. | | File Size: | 25698 | | Last Modified: | Oct 30 03:19:16 2001 |
| MD5 Checksum: | e5cb4205fd25c95563a84be8b4fa8cf6 |
|
| /// File Name: |
StMichael_LKM-0.08.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKMs, including KIS.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Addition of ability to restore a system attacked using kernel modification techniques such as a Silvio Stealth syscall by reloading the kernel without a reboot. Addition of Checks to detect the possible subversion of the kernel at loadtime. Now does Full Kernel Text Validation. | | File Size: | 30545 | | Last Modified: | Jan 22 00:37:53 2002 |
| MD5 Checksum: | 56b40532ec8f1f3089de8ec4fe7f5f4f |
|
| /// File Name: |
StMichael_LKM-0.10.tar.gz |
Description:
|
StMichael is an LKM that attempts to detect and divert attempts to install a kernel-module backdoor into a running Linux system. This is done by monitoring the init_module and delete_module process for changes in the system call table. Detects most modern LKMs, including KIS.
| | Author: | Tim Lawless | | Homepage: | http://www.sourceforge.net/projects/stjude | | Changes: | Really Immutable filesystem support for ext3 fs added, Added in Kernel Licensing Code to Identify the Kernel License for newer kernels, Backup kernel is now obscured from string searches using the weak crypt function, Added needed modifications to support the newer Alan Cox Kernels, with the different VM system, fixed lots of compilation issues, and better docs. | | File Size: | 31492 | | Last Modified: | Mar 30 14:03:13 2002 |
| MD5 Checksum: | 16b42d7707d5dfa25214d8cd3768e7fa |
|