Thursday, February 28, 2002

munitions - cryptographic software for linux
This is one of the several public mirrors of the linux cryptography archives known as munitions.

Wednesday, February 27, 2002

Security and Encryption FAQ-Revision 15
"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks."

Article 12 Universal Declaration of Human Rights
BRIK
BRIK Asset Control provides the company administrator with the necessary tools to track the location and usage of company computer assets. If the computer is stolen or lost, BRIK Asset Control will assist in determining the location of the stolen equipment such that the proper authorities may retrieve the stolen property.
S/MIME Freeware Library (SFL)
The S/MIME Freeware Library (SFL) implements the IETF S/MIME v3 RFC 2630 Cryptographic Message Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. It supports all of the optional ESS security features such as signed receipts, security labels, secure mail list information, and signing certificate attributes. It also implements portions of the RFC 2633 Message Specification and RFC 2632 Certificate Handling document. When used in conjunction with the Crypto freeware library, the SFL implements the RFC 2631 Diffie-Hellman (D-H) Key Agreement Method specification.
Security Testing
This document describes a methodology for using network-based tools for testing systems for vulnerabilities. The primary aim of the document is to help administrators and managers get started with a program for testing on a routine basis. The methodology recommends focusing first on those systems that are accessible externally, e.g., firewalls, web servers, etc., and then moving on to other systems as resources permit. The document includes many pointers to various testing applications and contains more detailed descriptions of several of the more popular test tools.

Tuesday, February 26, 2002

APTools - Detect Wireless Access Points over the wire
APTools is a utility that queries ARP Tables and Content-Addressable Memory (CAM) for MAC Address ranges associated with 802.11b Access Points. It will also utilize Cisco Discovery Protocol (CDP) if available. If a Cisco Aironet MAC Address is identified, the security configuration of the Access Point is audited via HTML parsing.
Storage Media Archival and Recovery Toolkit
SMART can perform a complete backup / restore of numerous systems including DOS, Macintosh, Windows 9x, WindowsNT, Windows2000, WindowsME, HPFS, OS/2, Linux, many flavors of Unix, Solaris and more... all from one application on one platform!

SMART is the perfect tool for backing up, upgrading or cloning hard drives, deploying site licensed software updates and distributing "baseline" software configurations across multiple platforms.

SMART allows you to quickly partition, repartition, format, initialize, backup, restore, explore and search virtually any hard disk drive.

SMART provides fast and powerful features for finding files based on multiple criteria (including contents), file compare, graphic file preview mode and many more useful tools for file management and system administration.

SMART allows you to look inside many types of compressed files, so if the file or data you are looking for is in a zip (or tar or gzip) file, you can still find it.

SMART allows you to copy files to and from DOS, FAT, VFAT, HFS, NTFS, HPFS, OS2, Linux EXT2, EXT3, Reiser, NFS, ISO9660, CDFS and UFS volumes with a simple drag and drop interface.

SMART supports disk images (with compression and segmentation options), and allows you to mount numerous file systems together on one common desktop.

SMART supports files over 2 gigabytes, allowing you to copy a 60 gigabyte hard drive as a single file... no voodoo, just poi
Dave Dittrich
I'm a Senior Security Engineer and Consultant for the University of Washington's Computing & Communications Client Services group, dealing primarily with security incident response and system security. My background is in programming and UNIX system administration on several platforms.
Computer Security
This paper is a discussion of computer security. Rather than detailing the standard weaknesses in computer security (which have been detailed many times in the past), this paper discusses a few recent vulnerabilities and details of where further information on computer security can be found. This information includes a large number of papers and books where more general discussions on computer security can be found.
Improving Computer Security through Network Design
The concept of a security domain that is introduced in this paper is not new. Many computer security practitioners have been (either explicitly or implicitly) using the ideas presented here for many years in protecting their networks.
What is required by all organisations is a more formal approach to the definition and protection of the various security domains. Failure to do this leaves an organisation open to attack and abuse. The purpose of this paper is to introduce the reader to a more formal concept of a security domain, how to recognise one, the dangers of sharing two domains of differing security requirements, and how to design a network to use and protect security domains.
A brief introduction to the three security requirements is used to provide a better understanding of the risk assessment process. This process helps to identify the differing security requirements for different parts of the information processing infrastructure, and hence to define the security domains.
Site Security Handbook
This handbook is a guide to setting computer security policies and procedures for sites that have systems on the Internet (however, the information provided should also be useful to sites not yet connected to the Internet). This guide lists issues and factors that a site must consider when setting their own policies. It makes a number of recommendations and provides discussions of relevant areas.
Collecting Electronic Evidence After a System Compromise
Collecting forensic evidence for the purposes of investigation and/or prosecution is difficult at the best of times, but when that evidence is electronic an investigator faces extra complexities. Generally, electronic evidence has none of the permanence that conventional evidence has, and is more difficult to present in a way that can be readily understood. The purpose of this paper is to highlight these difficulties and to suggest strategies to overcome them. Note that no legal advice is given here – different regions have different legislation. This paper will not address everything you need to know for your particular circumstances – it is a guide only. Always seek further information, including legal advice, for your specific circumstances.
Windows NT Intruder Detection Checklist
This document outlines suggested steps for determining whether or not your system has been compromised. System administrators can use this information to look for several types of break-ins.
CERT®/CC Steps for Recovering from a UNIX or NT System Compromise
This document sets out suggested steps for responding to a UNIX or NT system compromise.

Monday, February 25, 2002

chkrootkit -- locally checks for signs of a rootkit
chkrootkit: shell script that checks system binaries for rootkit modification.
Ettercap
Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN.
It supports active and passive dissection of many protocols (even encrypted ones) and includes many features for network and host analysis.

It can sniff in four modes:
IP based: packets are filtered on IP source and destination.
MAC based: packets are filtered on MAC address, useful for sniffing connections that pass through a gateway.
ARP based: uses ARP poisoning to sniff between two hosts on a switched LAN (full-duplex).
PublicARP based: uses ARP poisoning to sniff from a victim host to all other hosts on a switched LAN (half-duplex).
Foundstone Ultimate Web Hacking course

You can’t forget the Web when it comes to your network’s security. This course focuses on techniques to exploit and defend your Web-based applications. See if you’re up to the challenge of 3 instructors using everything in their arsenal to penetrate your e-commerce liabilities. Collectively, your instructors have performed hundreds of Web and e-commerce security assessments, managing security programs at 3 of the Big 5 consulting firms, the United States Air Force, and on Wall Street.
Malicious hackers can be waiting to attack the minute your Web applications come online and e-businesses go live. To secure and monitor your Web-enabled enterprise, you need to know every vulnerability that can be exploited internally and externally. Attackers no longer need back doors or sophisticated tools to compromise a system. In the Web era, the way into a network is often right through the lobby.
This ultimate Web security class from Global Knowledge and Foundstone provides students with the knowledge and tools to recognize present vulnerabilities and perform ongoing assessments. Unique in the security-training industry, Ultimate Web Hacking demonstrates the latest techniques for exploiting Web-based applications, as well as defenses for these weaknesses. Explore CGI, ASP, and Cold Fusion vulnerabilities and exploits such as buffer and input-field overflows.
Foundstone Ultimate Hacking course

Powerful 4-day course from the experts who wrote the book "Hacking Exposed" - offered exclusively by Global Knowledge.
Learn to defend your systems, networks, and applications. Over the course of 4 days, Global Knowledge and Foundstone will walk you through dozens of attacks, exploits, and other hacker techniques. We will show you the tools and methods to defend against these attempts. More importantly, you will exercise techniques in non-stop, hands-on labs so that you can protect your networks in the real world.
Expert instructors will walk you through "footprinting" your organization’s Internet presence, and then show you how to identify, exploit, and secure well-known and little-known vulnerabilities in Windows NT, Windows 2000, and UNIX systems.
You will explore common weaknesses in router and firewall installations, learning ways to circumvent traditional and "hardened" security filters or firewalls. In the final exercise, you will assess and attempt to exploit a simulated "secure" network with multiple operating systems and security mechanisms.
CSRC - Guidance Publications Library
Organizations in all sectors of the economy depend upon information systems and communications networks, and share common requirements to protect sensitive information. ITL works with industry and government to establish secure information technology systems for protecting the integrity, confidentiality, reliability, and availability of information.
Under the Computer Security Act of 1987 (P.L. 100-235), the Computer Security Division of the Information Technology Laboratory (ITL) develops computer security prototypes, tests, standards, and procedures to protect sensitive information from unauthorized access or modification. Focus areas include cryptographic technology and applications, advanced authentication, public key infrastructure, internetworking security, criteria and assurance, and security management and support.
These publications present the results of NIST studies, investigations, and research on information technology security issues.
Security Recommendation Guides - National Security Agency
OpenBSD Secure The System.
Fix The Bugs, Secure The System presentation.