(Page 1 of 4) 1 2 3 4 Next > Category: Hardening GeSWall Server Edition Added 2006-04-03 With GeSWall Server Edition, you can harden your Web, Mail and SQL Servers. Hardening implies an isolation security policy that prevents damage from targeted intrusions and effectively precludes various attacks, known and unknown. Built on proven technology, GeSWall Server Edition provides powerful features to manage its security policy by means of Microsft Windows Group Policy and Active Directory. Security Cloak Added 2006-03-09 Allows you to spoof your OS in order to fool passive fingerprinting techniques (twenty different OSs are supported). Also helps prevent information leakage via timestamp options. dotDefender Added 2006-02-06 dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources ( e.g. spammer bots and compromised servers). easily installed, dotDefender requires minimal administrator maintanance and updates via a "live update" functionality that keeps its rule set up to date, enabling it to secure the Web environment from the moment it is deployed. dotDefender is cost-effective and is available for a 30 day evaluation period at www.dotdefender.com Windows Permission Identifier Added 2006-01-18 This tool enables administrators and penetration testers to review and audit the permissions of users on a windows machine. Windows Permission Identifier can check; File ACLs Folder ACLs Registry ACLs Services Permissions Shares Installation rights Internet Access and so on. The GUI enables the administrator to create policies that can be saved in XML format. The windows machines permissions are then checked against this policy. This enables administrators to run checks against existing organisational windows security baseline documents. Policies can be saved in XML format and all results can be exported for further use. WARNING: The policy that is included is a sample of the functionality of the tool. It is not a security policy that should be followed. Report Bugs & send your own policy files : nhouse[at]stationx.net It would be very useful to the community if you send me any policies you create. For example, Web server, desktop, domain controller or what ever you create. I will upload your policy files to the site and credit you. dotDefender Added 2005-12-19 dotDefender secures websites against a broad range of HTTP-based attacks, including Session attacks (e.g. Denial of Service), Web application attacks (e.g. SQL injection, Cross-site scripting, and known attack signatures), as well as requests originating from known attack sources ( e.g. spammer bots and compromised servers). dotDefender installs within moments on the Web server along with a predefined, configurable rule-base - enabling it to secure the Web environment from the moment it is deployed, with virtually no administrator intervention. dotDefender retails at a fraction of the cost of conventional web application firewalls, and is available for evaluation via a free 30-day trial. fortifie Added 2005-09-06 Fortifie is designed as a security tool for Windows computers running Internet Explorer 4 or greater, which will provide peace of mind as you surf the web, and confidence that you are protected from many internet borne threats, such as covert software installation. Proactive Password Auditor Added 2005-07-30 Proactive Password Auditor is a password security test tool that's designed to allow Windows NT, Windows 2000, Windows XP and and Windows Server 2003-based systems administrators to identify and close security holes in their networks. Proactive Password Auditor helps secure networks by executing an audit of account passwords, and exposing insecure account passwords. If it is possible to recover the password within a reasonable time, the password is considered insecure. The software supports a few different methods of obtaining password hashes for further attack/audit: from dump files (generated by 3rd party tools like pwdump/pwdump2/pwdump3), Registry of local computer, binary Registry files (SAM and SYSTEM), memory of local computer, and memory of remote computers (Domain Controllers), including ones running Active Directory. The product features brute-force and dictionary attacks on LM and NTLM password hashes, effectively optimized for speed, plus "rainbow" attack, that uses pre-computed hash tables that allow to find most passwords in minutes instead of days or weeks. Umbrella Added 2005-04-20 Umbrella is a security mechanism that implements a combination of Process-Based Access Control (PBAC) and authentication of binaries through Digital Signed Binaries (DSB). The scheme is designed for Linux-based consumer electronic devices ranging from mobile phones to settop boxes. Umbrella is implemented on top of the Linux Security Modules (LSM) framework. The PBAC scheme is enforced by a set of restrictions on each process. DigSig Added 2005-01-25 DigSig Linux kernel load module checks the signature of a binary before running it. It inserts digital signatures inside the ELF binary and verify this signature before loading the binary. Therefore, it improves the security of the system by avoiding a wide range of malicious binaries like viruses, worms, Torjan programs and backdoors from running on the system. Sherpa Added 2004-11-30 Sherpa is a tool for configuring and then checking system security via the console. Written in perl, it allows an admin to maintain a custom database of file and directory permissions and ownership attributes as local needs dictate. Any changes from the prescribed layout will be detected each time Sherpa is run. Also, Sherpa does some basic system checks (world-writable files, .rhosts and hosts.equiv files, etc.) that help the busy admin keep on top of a system. Browse by category |
|
Privacy Statement |