Security Resources

Many free and commercial programs can enhance system security. Some of these are listed in Table C-1. Many of these sites have links to other, interesting sites that are worth looking at.

Table C-1. Security resources

Tool	What it does	Where to get it
AIDE	Advanced Intrusion Detection Environment. Similar to tripwire with extensible verification algorithms.	sourceforge.net/projects/aide
bugtraq	A moderated mailing list for the announcement and detailed discussion of all aspects of computer security vulnerabilities.	www.securityfocus.com/archive/1
CERT	Computer Emergency Response Team. A repository of papers and data about major security events and a list of security tools.	www.cert.org
chkrootkit	Checks for signs of a rootkit indicating that the machine has been compromised.	www.chkrootkit.org
dsniff	Sniffing and network audit tool suite. Free.	monkey.org/~dugsong/dsniff
ethereal	Network protocol analyzer. Free.	www.ethereal.com
freefire	Supplies free security solutions and supports developers of free security solutions.	www.freefire.org
fwtk	Firewall toolkit. A set of proxies that can be used to construct a firewall.	www.fwtk.org
GIAC	A security certification and training Web site.	www.giac.org
hping	Multipurpose network auditing and packet analysis tool. Free.	www.hping.org
ISC2	Educates and certifies industry professionals and practitioners under an international standard.	www.isc2.org
John	John the Ripper: a fast, flexible, weak password detector.	www.openwall.com/john
Kerberos	Complete, secure network authentication system.	web.mit.edu/kerberos/www
LIDS	Intrusion detection and active defense system.	www.lids.org
LinuxSecurity.com	A solid news site dedicated to Linux security issues.	www.linuxsecurity.com
LWN.net	Security alert database for all major Linux distributions.	lwn.net/Alerts
Microsoft Security	Microsoft security information.	www.microsoft.com/security
nessus	A plugin-based remote security scanner that can perform more than 370 security checks. Free.	www.nessus.org
netcat	Explores, tests, and diagnoses networks.	freshmeat.net/projects/netcat
nmap	Scans hosts to see which ports are available. It can perform stealth scans, determine operating system type, find open ports, and more.	nmap.org
RBAC	Role Based Access Control. Assigns roles and privileges associated with the roles.	csrc.nist.gov/groups/SNS/rbac
Red Hat Security	Red Hat security information.	www.redhat.com/security
SAINT	Security Administrator’s Integrated Network Tool. Assesses and analyzes network vulnerabilities. This tool follows satan.	www.saintcorporation.com
samhain	A file integrity checker. Has a GUI configurator, client/server capability, and real-time reporting capability.	www.la-samhna.de/samhain
SANS	Security training and certification.	sans.org
SARA	The Security Auditor’s Research Assistant security analysis tool.	www-arc.com/sara
Schneier, Bruce	Security visionary.	www.schneier.com
Secunia	Monitors a broad spectrum of vulnerabilities.	secunia.com
SecurityFocus	Home for security tools, mail lists, libraries, and cogent analysis.	www.securityfocus.com
snort	A flexible IDS.	www.snort.org
srp	Secure Remote Password. Upgrades common protocols, such as TELNET and FTP, to use secure password exchange.	srp.stanford.edu
ssh	A secure rsh, ftp, and rlogin replacement with encrypted sessions and other options. Supplied with Fedora/RHEL.	www.ssh.org openssh.org
swatch	A Perl-based log parser and analyzer.	sourceforge.net/projects/swatch
Treachery	A collection of tools for security and auditing.	www.treachery.net/tools
tripwire	Checks for possible signs of intruder activity. Supplied with Fedora/RHEL.	www.tripwire.com