Proactive tools

Proactive tools to audit/detect vulnerabilities and prevent incidents

@Stake LC5

LC4 is a password auditing and recovery application. It helps administrators secure Windows-authenticated networks through comprehensive auditing of Windows NT and Windows 2000 user account passwords. LC4 recovers Windows user account passwords to streamline migration of users to another authentication system or to access accounts whose passwords are lost.

@STAKE security tools list

This is another list of security-related tools, maintained by the former l0pht, now @stake. It includes some known *nix and Windows tools, but also some interesting tools for PalmOS.

AbuseHelper

AbuseHelper is a toolkit for CERT and Abuse teams. It is a modular, (hopefully) scalable and robust framework to help you in your abuse handling. With AbuseHelper you can retrieve Internet abuse handling related information from several sources and aggregate it based on different keys, such as AS numbers or country codes. You can then send out reports in different formats, via different transports and using different timings.

AIS Alarms

The AIS Alarms-Unix System provides network and host-based computer security event monitoring, assessment, and response. It is implemented as a collection of distributed software modules that provide active monitoring, and to a limited degree, automatic response to suspicious activities (so called "attacks") that typically indicate attempts to gain or use unauthorized access to a computer or computer network.

Argus (Audit Record Generation and Utilisation System)

Argus is a network monitoring system that can track the status and performance of transactions on the network it monitors. Information is recorded in a standard format; records can be analyzed after capture to measure performance or look for anomalies, including signs of intrusions or other unauthorised use.

Assuria Auditor

Assuria Auditor provides deep configuration and vulnerability scanning, inventory reporting, compliance assessment and powerful change detection through an extensible and flexible architecture. It provides vital information assurance and protection for critical business servers and helps maintain systems in a secure ‘known state’. Assuria Auditor utilises a comprehensive built-in Knowledge Base of known security vulnerabilities, security control configurations, up-to-date patch checks and security best practice information to enable organisations to easily bring their IT infrastructures, especially servers, up to high standards of security. Internal IT security knowledge or experience is not necessary, because the built-in Assuria Auditor knowledge base includes not only the thousands of individual checks for a wide range of operating platforms, but also explanations of the implications of each vulnerability and step-by-step instructions on remediation.

BGP Ranking

BGP Ranking is free software and a set of free services for calculating the security ranking of Internet Service Providers (ASNs).

Bogon Reference

A bogon prefix is a route that should never appear in the Internet routing table. A packet routed over the public Internet (not including over VPNs or other tunnels) should never have a source address in a bogon range. These are commonly found as the source addresses of DDoS attacks. We have attempted to make the task of maintaining bogon filters simpler for network operators by providing a wide range of formats and methods through which you can receive this data, which are all updated on the same interval, and based on the authoritative sources of the data (the relevant RFCs, the IANA IPv4 allocation list, and RIR data). Changes in all of these sources are constantly monitored and quickly reflected within the documents we provide. Bogon tracking and alerting is currently available through HTTP, BGP Peering, Routing Registries (RADb and RIPE NCC) and DNS.

Dmalloc - Debug Malloc Library

The debug memory allocation or dmalloc library has been designed as a drop-in replacement for the system's malloc, realloc, calloc, free and other memory management routines while providing powerful debugging facilities configurable at runtime. These facilities include such things as memory-leak tracking, fence-post write detection, file/line number reporting, and general logging of statistics.

Ethereal

Ethereal is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
