Section: .. / linux / security /
| /// File Name: |
snare-core-0.9.1.tar.gz |
Description:
|
SNARE (System iNtrusion Analysis and Reporting Environment) is a loadable kernel module and daemon that provide a host intrusion detection facility and C2-style auditing/event logging capability for Linux similar to the Basic Security Module (BSM) for Solaris.
| | Homepage: | http://www.intersectalliance.com/projects/Snare | | Changes: | Core package was restructured, leading to better stability under extreme audit loads. Many changes recommended by the RedHat kernel team have been implemented. | | File Size: | 185551 | | Last Modified: | Sep 20 12:13:47 2002 |
| MD5 Checksum: | e59faea7c2e028a85d0e6f36e8926427 |
|
| /// File Name: |
sysmask-1.06.tgz |
Description:
|
Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.
| | Author: | XIAO Gang | | Homepage: | http://wims.unice.fr/sysmask/doc/index.html | | Changes: | Added skype configuration. Some minor fixes and improvements. | | File Size: | 183778 | | Last Modified: | Feb 8 00:42:48 2006 |
| MD5 Checksum: | 0b508e7103f184159c54d7e5cfd7d77a |
|
| /// File Name: |
sysmask-1.04.tgz |
Description:
|
Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.
| | Author: | XIAO Gang | | Homepage: | http://wims.unice.fr/sysmask/doc/index.html | | Changes: | Some minor fixes and improvements. | | File Size: | 177317 | | Last Modified: | Aug 26 02:05:33 2005 |
| MD5 Checksum: | 180cca0394264f471ca36e24b8e5197b |
|
| /// File Name: |
sysmask-1.02.tgz |
Description:
|
Sysmask is a security package for Linux systems that can prevent arbitrary malicious codes from causing permanent damage. It protects the system against daemon exploits and user accounts against viruses and worms, whether known or unknown, without requiring the recompilation of existing software.
| | Author: | XIAO Gang | | Homepage: | http://wims.unice.fr/sysmask/doc/index.html | | File Size: | 176924 | | Last Modified: | Aug 24 03:30:02 2005 |
| MD5 Checksum: | b4c9d16ad0aa5ead3e5bb1e4ff383db3 |
|
| /// File Name: |
umbrella-0.7.tar.bz |
Description:
|
The Umbrella security mechanism implements a combination of process-based Mandatory Access Control (MAC) and authentication of files through Digital Signed Binaries (DSB) for Linux based consumer electronics devices ranging from mobile phones to settop boxes. Umbrella is implemented on top of the Linux Security Modules (LSM) framework. The MAC scheme is enforced by a set of restrictions on each process. This policy is distributed with a binary in form of execute restrictions (in the file signature) and within the program, where the developer has the opportunity of making a restricted fork.
| | Homepage: | http://umbrella.sourceforge.net/ | | Changes: | Various fixes. | | File Size: | 176658 | | Last Modified: | Jun 1 02:57:38 2005 |
| MD5 Checksum: | c260b14578e7b8f577e71b0067696cbc |
|
| /// File Name: |
syscalltrack-0.64.tar.gz |
Description:
|
Syscall Tracker is a powerful tool for Linux 2.2 and 2.4 which allows you to write rules to track system calls. Currently only logging the invocation is supported, but in the future, you will be able to fail the system call (i.e. force it to return some error code), or suspend the process executing it. Allows you find out info that is hard to find, for instance to determine which process touched a certain file.
| | Homepage: | http://syscalltrack.sourceforge.net | | Changes: | Better support for filter expressions, better error messages, Unary operators ('~', '!') are now working. Fixed some crash bugs and memory leaks. | | File Size: | 168734 | | Last Modified: | Dec 8 23:18:51 2001 |
| MD5 Checksum: | d79f3e7472347cd637a544d6fb80a6ec |
|
| /// File Name: |
umbrella-0.6.tar.bz2 |
Description:
|
The Umbrella security mechanism implements a combination of process-based Mandatory Access Control (MAC) and authentication of files through Digital Signed Binaries (DSB) for Linux based consumer electronics devices ranging from mobile phones to settop boxes. Umbrella is implemented on top of the Linux Security Modules (LSM) framework. The MAC scheme is enforced by a set of restrictions on each process. This policy is distributed with a binary in form of execute restrictions (in the file signature) and within the program, where the developer has the opportunity of making a restricted fork.
| | Homepage: | http://umbrella.sourceforge.net/ | | Changes: | Complete integration with GNU Privacy Guard to authenticate binaries. Hash tables for storing restrictions is replaced by the new, fast and simple FSR data structure, that mimics the 'dentry' structs in the kernel. The Umbrella system call is eliminated and completely replaced by a /proc filesystem interface. The Umbrella code is now completely independent of all architectures and kernel subversions. | | File Size: | 166919 | | Last Modified: | Mar 22 01:12:59 2005 |
| MD5 Checksum: | 9cebc8b0fdf122d8b1079c29ec3a5d18 |
|
| /// File Name: |
grsecurity-2.1.8-2.6.14.6-200601211..> |
Description:
|
A new grsecurity patch has been released for the 2.6.14.6 Linux kernel series. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
| | Author: | spender | | Homepage: | http://www.grsecurity.net | | File Size: | 165773 | | Last Modified: | Jan 27 15:11:04 2006 |
| MD5 Checksum: | 327972c2f4e8fab890f58d67bb69e77f |
|
| /// File Name: |
dazuko-2.1.1.tar.gz |
Description:
|
Dazuko is a kernel module which provides 3rd-party applications with an interface for file access control. Useful for on-demand virus scanning, as a file-access monitor/logger or external security implementations. It operates by intercepting file-access calls and passing the file information to a 3rd-party application. The 3rd-party application then has the opportunity to tell the kernel module to allow or deny the file-access. The 3rd-party application also receives information about the file, such as type of access, process ID, user ID, etc.
| | Author: | John Ogness | | Homepage: | http://www.dazuko.org | | Changes: | 2.1.1 has been released and is now the recommended stable version. This release has focused on improving support for various Linux kernels, adding a "make install" for Linux, and some minor changes to improve portability. | | File Size: | 162359 | | Last Modified: | Jan 27 15:42:30 2006 |
| MD5 Checksum: | 35ff694434dedb25fe43dad8db4eb943 |
|
| /// File Name: |
grsecurity-2.1.9-2.4.33.2-200608231..> |
Description:
|
A new grsecurity patch has been released. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
| | Author: | spender | | Homepage: | http://www.grsecurity.net | | File Size: | 162213 | | Last Modified: | Aug 27 02:37:37 2006 |
| MD5 Checksum: | de2c3d1c8733bafe8b9a7d4db0eccc82 |
|
| /// File Name: |
lomac-v1.1.1.tar.gz |
Description:
|
LOMAC is a dynamically-loadable security module for Free UNIX kernels that uses Low Water-Mark Mandatory Access Control (MAC) to protect the integrity of processes and data from viruses, Trojan horses, malicious remote users, and compromised network server daemons. The LOMAC loadable kernel module can be used to harden Linux systems without any changes to existing kernels, applications, or configuration files. Due to its simplicity, LOMAC itself requires no configuration, regardless of the users and applications present on the system. Whitepapers available here and here.. Manual available here.
| | Homepage: | http://www.pgp.com/research/nailabs/secure-execution/lomac.asp | | Changes: | Capability and protection improvements. Changelog available | | File Size: | 156911 | | Last Modified: | Jul 17 18:05:34 2001 |
| MD5 Checksum: | 803f7faeb797ea4816478c29a335107d |
|
| /// File Name: |
grsecurity-2.1.8-2.4.32-20060121164..> |
Description:
|
A new grsecurity patch has been released for the 2.4.32 Linux kernel series. It implements a detection/prevention/containment strategy. It prevents most forms of address space modification, confines programs via its Role-Based Access Control system, hardens syscalls, provides full-featured auditing, and implements many of the OpenBSD randomness features. It was written for performance, ease-of-use, and security. The RBAC system has an intelligent learning mode that can generate least privilege policies for the entire system with no configuration. All of grsecurity supports a feature that logs the IP of the attacker that causes an alert or audit.
| | Author: | spender | | Homepage: | http://www.grsecurity.net | | File Size: | 151780 | | Last Modified: | Jan 27 15:07:40 2006 |
| MD5 Checksum: | 77e5fd7d8bb0eeb8ed8e9d0a4bff5cde |
|
| /// File Name: |
ippersonality-20010724-2.4.7.tar.gz |
Description:
|
The IP Personality project is a patch to Linux 2.4 kernels that adds netfilter features: it enables the emulation of other OSes at network level, thus fooling remote OS detection tools such as nmap that rely on network fingerprinting. The characteristics that can be changed are TCP Initial Sequence Number (ISN), TCP initial window size, TCP options (their types, values and order in the packet), IP ID numbers, answers to some pathological TCP packets, and answers to some UDP packets.
| | Author: | Gael Roualland and Jean-Marc Saffroy | | Homepage: | http://ippersonality.sourceforge.net | | Changes: | This release adds new manglings to fool latest versions of nmap (2.54BETA), and has lots of code improvement. Ported to kernel v2.4.7. | | File Size: | 150069 | | Last Modified: | Jul 29 05:22:40 2001 |
| MD5 Checksum: | 47004368805cffd9ff53ac4079961c9b |
|
| /// File Name: |
gspy-0.1.2-src.tar.gz |
Description:
|
Gspy retrieves images from a video4linux device and processes these into a daily mpeg movie on the disk drive. Each image is recorded with a time stamp to insure accurate real world correlation. Special motion detection algorithms are used to reduce the size of the daily movies by eliminating pictures with similar content as well as the normal compression obtained via the mpeg process. The result is a time lapse video per day with nonlinear time compression using only the images of interest. Screenshot available here.
| | Author: | Lawrence P. Glaister | | Homepage: | http://gspy.sourceforge.net | | File Size: | 145920 | | Last Modified: | Jul 22 00:26:36 2000 |
| MD5 Checksum: | 48e012647be50f3b40f1dc5039a4dd5a |
|
| /// File Name: |
motiontrack-0.1.3.tar.gz |
Description:
|
Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.
| | Author: | Corvus V Corax | | Homepage: | http://motiontrack.sourceforge.net/ | | Changes: | Added SMP support. | | File Size: | 136592 | | Last Modified: | Dec 11 15:27:26 2004 |
| MD5 Checksum: | d5ac6bd18bdf4dae8c552d0b2707395e |
|
| /// File Name: |
motiontrack-0.1.2.tar.gz |
Description:
|
Motiontrack is a set of tools that detects motion between two images. It is able to successfully distinguish random flicker from real object movement by applying a set of filters to the images, and can optionally ignore given colors and/or image regions. The roadmap provides for being able to identify objects by pattern detection and AI routines. Currently, this tool is able to turn line-art images into ASCII-art text as a demo feature.
| | Author: | Corvus V Corax | | Homepage: | http://motiontrack.sourceforge.net/ | | Changes: | Speed and documentation improvements, executables have been renamed, the sectorcheck now outlines sectors with detected movement in its output image. | | File Size: | 129818 | | Last Modified: | Oct 27 00:51:01 2004 |
| MD5 Checksum: | f364521a0d693e5e165b79670b46b8a2 |
|
| /// File Name: |
medusa-0.8.1-alpha.tar.gz |
Description:
|
Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
| | Author: | Marek Zelem and Martin Ockajak | | Homepage: | http://medusa.fornax.sk | | Changes: | Improved code that handles privilege elevation during execve(), added several missing permission checks to System V IPC code, fixed some missing dputs() in VFS code, and included alpha support for 2.4.x kernels. | | File Size: | 125604 | | Last Modified: | Aug 4 07:28:11 2001 |
| MD5 Checksum: | cfbcaca932c36688c54ab63434c57ef2 |
|
| /// File Name: |
medusa-0.9.0.tar.gz |
Description:
|
Medusa DS9 is a tool used to increase Linux's security. It consists of two major parts - Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
| | Author: | Marek Zelem and Martin Ockajak | | Homepage: | http://medusa.fornax.sk | | Changes: | Patched for 2.2.20 and 2.4.15. Includes a bunch of bugfixes. | | File Size: | 121002 | | Last Modified: | Nov 24 23:29:34 2001 |
| MD5 Checksum: | 5546ab7e67b2b95244aa8c5550afd35a |
|
| /// File Name: |
medusa-0.8.2.tar.gz |
Description:
|
Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
| | Author: | Marek Zelem and Martin Ockajak | | Homepage: | http://medusa.fornax.sk | | Changes: | Fixed a hard link bug in kernel v2.4. | | File Size: | 119805 | | Last Modified: | Sep 18 22:36:32 2001 |
| MD5 Checksum: | dd0ee6c3c66cd860779bbe488b8b9a63 |
|
| /// File Name: |
medusa-0.8.1.tar.gz |
Description:
|
Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
| | Author: | Marek Zelem and Martin Ockajak | | Homepage: | http://medusa.fornax.sk | | Changes: | This version contains Constable and the VS monitor (kernel patch) for Linux 2.2.19 and 2.4.7, along with several bugs found in the alpha which were fixed. | | File Size: | 119746 | | Last Modified: | Aug 10 16:38:08 2001 |
| MD5 Checksum: | 110d536f9f29999d0427ec9637b62270 |
|
| /// File Name: |
medusa-0.7.12.tar.gz |
Description:
|
Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets.
| | Author: | Marek Zelem and Martin Ockajak | | Homepage: | http://medusa.fornax.sk | | Changes: | Filesystem capabilities support has been added to the constable, a fix for a compilation problem when syscall tracing is disabled, new sample configuration file, and documentation changes. | | File Size: | 119194 | | Last Modified: | Aug 18 15:04:03 2000 |
| MD5 Checksum: | 91c7927fe6eb6ac586c83efed60c1760 |
|
| /// File Name: |
lomac-v1.1.0.tar.gz |
Description:
|
LOMAC is a security enhancement for Linux that uses Low Water-Mark Mandatory Access Control to protect the integrity of processes and data from viruses, Trojan horses, malicious remote users, and compromised root daemons. LOMAC is implemented as a loadable kernel module - no kernel recompilations or changes to existing applications are required. Although not all the planned features are currently implemented, it presently provides sufficient protection to thwart script-kiddies, and is stable enough for everyday use. Whitepaper available here. Manual available here.
| | Homepage: | http://www.pgp.com/research/nailabs/secure-execution/lomac.asp | | Changes: | Added mediation of directory modification operations, improving protection. | | File Size: | 114458 | | Last Modified: | May 11 20:00:13 2001 |
| MD5 Checksum: | 84d56b8af44184a4e7a5616c42c4b842 |
|
| /// File Name: |
medusa-0.6.3.tar.gz |
Description:
|
Medusa is a package, which improves overall security of Linux OS by extending standard Linux security architecture, but preserving backward compatibility. There is a small kernel patch and a user space security daemon.
| | Homepage: | http://medusa.fornax.sk | | File Size: | 111820 | | Last Modified: | Nov 4 13:13:05 1999 |
| MD5 Checksum: | 757162ba7102988e261ef024765c5776 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
