Looking through some directories, I found a list of some programs and web page addresses that deal with network security. So I decided to write this article that aims to help network administrators and not only to have a server as secure as possible.

I'll start with a list of programs and various security tools, which can be boring at times, but useful when you need these tools.
- ipfilter: (http://cheops.anu.edu.au/~avalon/ip-filter.htm) is a program with which you can filter IPs
- freestone: (ftp://ftp.soscorp.com / pub / sos / freestone) firewall
- deslogin: (ftp://ftp.uu.net/pub/security/des) remote login
- satan: (http://www.fish.com/satan) Security Adminstration Tool for Analyzing Networks
- Coutney: (ftp://ftp.auscert.org.au/pub/mirrors/ciac.llnl.gov/sectools/unix/courtney/) Monitors the network and identifies the source machine of a SATAN attack / scan
- Merlin: (ftp://ciac.llnl.gov/pub/ciac/sectools/unix/merlin/) graphical interface for COPS, Tiger, Crack and Tripwire security programs
- rsaeuro: (ftp: //ftp.ox. ac.uk/pub/crypto/misc) encryption tools
- COPS: (ftp://ftp.cerias.purdue.edu/pub/tools/unix/scanners/cops/) check the security of UNIX systems
- SARA: (http: //www-arc.com/sara/sara.html) Security Auditor's Research Assistant, scanner to detect network vulnerabilities
- SAINT: (http://www.wwdsi.com/products/saint_engine.html) search network computers , scans ports and provides the user with a security report (commercial product)
- Tiger: (http://www.net.tamu.edu/network/tools/tiger.html) Scans UNIX systems for security issues, similar to COPS

Securing connections: SSH (Secure Shell) and SSL (Secure Socket Layer)
- ssh.com: (http://www.ssh.com/products/ssh) Secure Shell
- OpenSSH: (http://www.openssh.org ) the 'open' version of ssh; required
- OpenSSL: (http://www.openssl.org) Secure Socket Layer (required OpenSSH)
- zlib: (http://www.gzip.org/zlib.tar.gz) (required OpenSSH)
- ssh: ( http://www.cs.hut.fi/ssh/) commercial versions for SSH1 and SSH2
- SSL: (ftp://ftp.tu-chemnitz.de/pub/Local/informatik/sec_tel_ftp/) Encrypted Telnet
- Clients Windows
- PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html) client for Telnet, SSH, SCP, SFTP
- WinSCP (http://winscp.vse.cz/eng /) SCP client (Secure CoPy)

Below I will present some audit programs. What is an audit? In a few words, this term designates a preventive control over the network security (in our case). Some of the most used audit programs are: Nessus, Chkrootkit, AdminForce CGI Auto Audit (http://www.linuxforce.net).

Nessus will try to detect holes in the security of the system trying to take advantage of the various weaknesses known in general. It will identify the various services running on the system and try to find security 'leaks'. If any vulnerabilities are found, upgrade recommendations or configuration changes will be made. It will also tell you what to worry about and why your system is vulnerable. It can give you these reports in various formats, among which the one in HTML contains graphics and links to security stats or where you can find upgrades. Nessus checks the vulnerabilities of UNIX, Linux and Windows systems and can be found at http://Nessus.org or http://freshrmps.net. Caution: Scanning a system other than your own is illegal.
Chkrootkit will check the system against intruder programs or Trojans and viruses. The program can be found at www.chkrootkit.org, being in fact a shell script and some programs in the C language.

Another danger to which a system can be exposed is the open ports. For port verification there are programs such as:
- nmap (http://www.insecure.org/index.html) this program is a port scanner and security investigation tool;
- nmapFe (http://codebox.net/nmapfe.html) a graphical interface for nmap;
- ndiff (http://www.vinecorp.com/ndiff) compares the various results obtained by nmap to determine the changes that have taken place;
- strobe (http://freshmeat.com/projects/strobe-classb/) scans the network
- portscan (http://www.perl.com/CPAN-local/authors/id/RBOW/portscan-1.0) a script in the Pearl language that searches for open ports.

Even if Linux operating systems are not as exposed to viruses as those produced by Microsoft, this should not be overlooked. Here are some useful links, where you can find antivirus programs and information:

http://www.fsecure.com/, http://symantec.com/, http://www.mcafee.com/ etc.

I hope that everything I have presented to you in this article will be useful for you to have quieter nights, when you do not personally supervise your server and it is exposed to cracker attacks. Indeed, the saying that the safest computer is the one that is off is true, but in a world where the Internet is more and more present in our lives, it can no longer be applied and therefore measures must be taken accordingly.

  • What is your reaction?
  • powered by Verysign
  • like gnulinux.ro
  • unmoved gnulinux.ro
  • amused gnulinux.ro
  • excited gnulinux.ro
  • angry gnulinux.ro
  • sad gnulinux.ro
TENDINTA  |  SystemRescue 8.00
John Doe                   gnulinux.ro
John Doe
Articole publicate de la contributori ce nu detin un cont pe gnulinux.ro. Continutul este verificat sumar, iar raspunderea apartine contributorilor.
250 articole

  • Comment
  • powered by Verysign

Nici un comentariu inca. Fii primul!