Linux Security - News
Debian GNU Linux Security Information - this page addresses Debian's status with respect to various known security holes, which could potentially affect Debian.
SUSE Linux Enterprise Security - This page regularly informs you about security issues concerning SUSE Linux.
Mandriva Security - Mandriva provides timely security advisories to users of Mandriva Linux and related products to ensure users a safe computing experience, regardless of whether the chosen product is used as a desktop system or server.
Gentoo - Security Announcements.
LinuxSecurity.com Advisories - Scouring the Web for those critical security advisories and updates? Find the information you need for your favorite open source distribution all in one place on this Advisories page.
Freefire Project - Besides being a starting point on the Web for seeking free IT security solutions, a main goal of the project is to support developers, designers and security experts in the usage of free software. In addition to these pages (where you can find information and tools) there is a mailing list dedicated to security software developers and security experts.
Pro-Linux Sicherheitsservice - On these pages you will find all current security advisories for the most important distributions, with the distribution, the publication date and the security hole addressed.
SecurityFocus - Unix.
SecurityFocus - Bugtraq Archive.
Linux Security Howtos
Security Quick-Start HOWTO for Linux - This document is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.
Security Quick-Start HOWTO for Redhat Linux - is an overview of the basic steps required to secure a Linux installation from intrusion. It is intended to be an introduction.
Securing Debian Manual - describes security in the Debian project, starting with the process of securing and hardening the default Debian GNU/Linux distribution installation. It also covers some of the common tasks to set up a secure network environment using Debian GNU/Linux, gives additional information on the security tools available and talks about how security is enforced in Debian by the security team.
Anleitung zum Absichern von Debian - This document describes the process of securing and hardening a default Debian installation. It covers the everyday work of setting up a secure network environment with Debian GNU/Linux, and additionally gives information on the available security tools and the work of the Debian security team.
Linux Security HOWTO - This document is a general overview of security issues that face the administrator of Linux systems. It covers general security philosophy and a number of specific examples of how to better secure your Linux system from intruders.
Linux Administrator's Security Guide - by Kurt Seifried.
Secure Your Unix/Linux OS - Articles and information to help you understand the holes and vulnerabilities that might be present in a Unix or Linux operating system and the tools and utilities commonly used with them as well as how you can configure your system to be as secure as possible.
UNIX Configuration Guidelines - This document describes commonly exploited UNIX system configuration problems and recommends practices that can be used to help deter several types of break-ins.
Sicherheit in Netzen - is an excellent work, in German, on the subject of security in networks.
Linuxsecurity Howtos - Need a step-by-step guide to get your firewall up and running? This and many other specific and practical guides to setting up secure services from Asterisk to Zend can be found in this HOWTO section.
Firewall-Architekturen - describes a variety of methods for putting firewall components together, and discusses their advantages and disadvantages.
Packet-Filtering-HOWTO - is a German translation of the Linux 2.4 Packet Filtering HOWTO. "This HOWTO alternates between a gentle introduction and raw revelations".
NAT-HOWTO - describes, in German, how to use masquerading, transparent proxies, port forwarding and other forms of Network Address Translation with the 2.4 Linux kernel.
netfilter/iptables FAQ - contains the Frequently Asked Questions as encountered on the netfilter mailing list.
LinuxGuruz Netfilter IPTABLES Firewall Page - offers many links to iptables scripts, FAQs, Howtos, Tutorials and other Network Security Sites.
Workshop: Firewall & Sicherheit - This document covers setting up a packet-filter firewall on the Linux operating system. After a short introduction and an explanation of important terms, there is an overview of possible attacks. The subsequent chapters cover setting up the firewall and further security measures.
Sicherheit im Kabelnetzwerk - 10 commandments for protecting electronic privacy on broadband Internet (cable modem, xDSL, ISDN and others).
How to Remove Windows Viruses with Linux - By booting from a Linux Live CD or USB, you can remove the offending programs manually or with a Linux-based anti-virus program. This guide will cover creation of a bootable USB Linux system as well as a comparison of the antivirus software options.
Linux Security - Downloads
Packetstorm - is an extremely large and current security tools resource. Packetstorm is a non-profit organization comprised of security professionals dedicated to providing the information necessary to secure the World's networks.
Freefire Security Tools List - This is a list of many security tools.
Network Monitoring Tools - This is a list of tools used for network (both LAN and WAN) monitoring and where to find out more about them. The audience is mainly network administrators.
Openwall Project - security/hacking tools.
Secureroot.com - Computer Security Resource. Exploits, Hacking, Anonymity, Cracking, Encryption, Phreaking, OS Security, Virii ... and Books devoted to computer security.
Nomad Mobile Research Center - Most of the stuff here deals with computer security. All of NMRC's hacks and cracks will bring forth the idea that you cannot secure a system for long -- sooner or later someone will find a way around the obstacle.
NetCop UTM (Unified Threat Management) - is a Linux-based (Linux from scratch) gateway for secure internet. No need to install any software at the client side. NetCop provides content filtering, a cache engine, spam protection, hotspot and bandwidth control. It also protects your network from incoming threats like viruses, spam, trojans etc.
Security-enhanced Linux - is a research prototype of the Linux kernel and a number of utilities with enhanced security functionality designed simply to demonstrate the value of mandatory access controls to the Linux community and how such controls could be added to Linux.
Fedora SELinux - Security-enhanced Linux Project Pages of the Fedora-Project.
tcpdump - is a powerful tool for network monitoring and data acquisition. This program allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface and to filter packets that match a certain expression.
Ettercap - is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis, which are integrated with an easy-to-use and pleasureful ncurses interface.
Security Administrator's Tool for Analyzing Networks (SATAN) - is a tool to help systems administrators. It recognizes several common networking-related security problems, and reports the problems without actually exploiting them.
SAINT - the "Security Administrator's Integrated Network Tool" is a vulnerability-assessment scanner. SAINT has been released under the original SATAN license and conforms to the Open Source Definition.
Wireshark - (formerly Ethereal) is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Wireshark has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
OpenVAS - stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications. OpenVAS products are Free Software under GNU GPL.
Nmap Security Scanner - is a utility for network exploration or security auditing. It supports ping scanning, many port scanning techniques, and TCP/IP fingerprinting. Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more. Console and X-Window versions are available.
Nessus - is a free, powerful, up-to-date and easy to use remote security scanner. Nessus is currently rated among the top products of its type throughout the security industry and is endorsed by professional information security organizations such as the SANS Institute.
Angst - is an active sniffer, based on libpcap and libnet. It provides methods for aggressive sniffing on switched local area network environments. It dumps the payload of all the TCP packets received on the specified ports.
chkrootkit - is a tool to locally check for signs of a rootkit.
Rootkit Hunter - (rkhunter) scans for rootkits, backdoors and local exploits.
The Coroner's Toolkit (TCT) - is a collection of tools that are oriented towards either gathering or analyzing forensic data on a Unix system. It is primarily designed for Unix systems, but it can do a small amount of data collection & analysis from non-Unix disks/media.
samhain - is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). It has been designed to monitor multiple hosts with potentially different operating systems from a central location, although it can also be used as standalone application on a single host.
Sleuth Kit - (previously known as TASK) is a collection of UNIX-based command line file system and media management forensic analysis tools. The file system tools allow you to examine file systems of a suspect computer in a non-intrusive fashion.
TCP Flow Recorder - captures data transmitted as part of TCP connections (flows), and stores data in a way that is convenient for protocol analysis or debugging. tcpflow understands TCP sequence numbers and will reconstruct data streams regardless of retransmissions.
The Autopsy Forensic Browser - is a graphical interface to The Sleuth Kit (TASK). Autopsy allows one to view allocated and deleted file system content in a "File Manager" style interface and perform key word searches.
Carbonite - is an LKM that is designed to investigate and detect rootkits. Carbonite even works with LKM rootkits that patch calls to /proc. It works like lsof and ps at the kernel level, querying every process in Linux's task_struct, which is the kernel structure that maintains information on every running process in Linux.
Foremost - is a Linux tool for conducting forensic examinations. Although intended for law enforcement purposes, it may be useful to other members of the community. Foremost reads through a file, such as a dd image file or a disk partition, and extracts files.
Snort - is a cross-platform, lightweight network intrusion detection tool that can be deployed to monitor small TCP/IP networks and detect a wide variety of suspicious network traffic as well as outright attacks.
Tripwire - is a (commercial) tool that checks to see what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc.
Sentry Tools - provide host-level security services for the Unix platform. PortSentry, LogSentry, and HostSentry protect against portscans, automate log file auditing, and detect suspicious login activity on a continuous basis.
SNARE - (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralised analysis of audit log data. Agents are available for Linux, Windows, Solaris, IIS, Lotus Notes, Irix, AIX, ISA/IIS & more.
Kismet - is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.
AirSnort - is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions then computing the encryption key when enough packets have been gathered.
Fake AP - Black Alchemy's Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables. Fake AP is a proof of concept released under the GPL.
WEPCrack - is an open source tool for breaking 802.11 WEP secret keys using the latest discovered weakness of RC4 key scheduling.
aircrack - aircrack is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, thus making the attack much faster compared to other WEP cracking tools. In fact aircrack is a set of tools for auditing wireless networks. Aircrack-ng is the next generation of aircrack with lots of new features (planned and wanted).
WepLab - is a tool designed to teach how WEP works, what different vulnerabilities it has, and how they can be used in practice to break a WEP protected wireless network.
WepAttack - is a WLAN open source Linux tool for breaking 802.11 WEP keys. This tool is based on an active dictionary attack that tests millions of words to find the right key.
John the Ripper - is a fast password cracker, currently available for many flavors of Unix. Its primary purpose is to detect weak Unix passwords.
Offline NT Password & Registry Editor - This is a utility to (re)set the password of any user that has a valid (local) account on your NT system by a single floppy that uses Linux as the OS.
netfilter/iptables - The netfilter/iptables project is the Linux 2.4.x or above firewalling subsystem. It delivers you the functionality of packet filtering (stateless or stateful), all different kinds of NAT (Network Address Translation) and packet mangling.
IPmenu - is a user interface to netfilter/iptables and Linux policy routing or traffic control, allowing you to edit firewall rules and configure the firewall to "mark" packets for policy routing or for class based queueing (CBQ).
Firestarter - is an Open Source visual firewall program. The software aims to combine ease of use with powerful features, therefore serving both Linux desktop users and system administrators.
Shorewall - The Shoreline Firewall, more commonly known as "Shorewall", is an iptables based firewall that can be used on a dedicated firewall system, a multi-function masquerade gateway/server or on a standalone Linux system.
BullDog - is a powerful but lightweight firewall for heavy use systems. Be prepared to spend some time setting this up. If you are looking for a "quick fix", then you are on the wrong site. BullDog is NOT a quick fix, but rather one step in a complete security policy. It supports ipchains and iptables.
fBuilder - is a web-based utility for building and configuring your ipchains or iptables based Linux firewall. InnerTek Software currently offers two versions of fBuilder: fBuilder Lite - a free version of fBuilder that includes a standard set of features and fBuilder Plus.
Mason - is a tool that interactively builds a firewall using Linux' ipfwadm or ipchains firewalling.
Firewall Builder - is a multi-platform firewall configuration and management tool. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX.
Easy Firewall Generator for IPTables - is designed to easily generate a full-featured iptables configuration script with a variety of the most commonly desired options.
PuTTY - is a free implementation of Telnet and SSH for Win32 and Unix platforms, along with an xterm terminal emulator.
OpenSSH for Windows - is a free package that installs a minimal OpenSSH server and client utilities in the Cygwin package without needing the full Cygwin installation.
OpenSSH - is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
MindTerm - is a powerful and easy to use secure remote access client that implements the SSH1 and SSH2 protocols. It is written in Java and is available both as a stand-alone application for endusers and as a library component which can be embedded by OEM customers in third-party applications and web pages where it can be downloaded as an applet. MindTerm is small, portable and secure. It is very powerful and easy to use and provides advanced features such as tunneling support, GUI-based file transfers and support for proxy traversal. The client also includes an integrated terminal emulator with support for several different terminal types and it has the ability to run both as a standalone application and as an applet.
GnuPG - is a complete and free replacement for PGP. Because it does not use the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.
Seahorse - is a Gnome interface for GnuPG. Its main purpose is to be a PGP/GPG Key Manager, though it has other components including a text editor and file manager.
GPA - The Gnu Privacy Assistant - is a graphical user interface for GnuPG (GNU Privacy Guard). GPA utilizes GTK+ (GIMP Tool Kit), connects to GnuPG via GPGME and compiles for various platforms.
PGP - Here you may download the latest freeware PGP version, whether you want the international or the US variant.
pwsafe - is a command line password database program for Unix. It is compatible with Counterpane's Win32 Password Safe software. It can also copy the passwords into the X selection and clipboard, but it doesn't open a visible window. The database is encrypted with blowfish, and a single passphrase decrypts it all.
Universal Password Manager (UPM) - allows you to store all your usernames and passwords in one highly secure encrypted database. UPM is available on Linux, Android, Windows and OS X.
PwManager - With PwManager you can easily manage your passwords. PwManager saves your passwords blowfish-encrypted in one file, so you have to remember only one master password instead of all of them. Instead of the master password you can use a chipcard, so you don't have to remember a password to access the list.
MyPasswordSafe - is a straightforward, easy-to-use password manager that maintains compatibility with Password Safe files.
KisKis - is an easy-to-use password manager written in Java, so it runs on any platform provided that there is an appropriate Java Virtual Machine available.
TrueCrypt - is a free open-source disk encryption software for Linux, Windows Vista/XP and Mac OS X.
Official OpenAntiVirus.org Projects - offers specialized Open Source anti-virus, computer security and network security software.
Clam AntiVirus - is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning).
F-Prot Antivirus for Linux - is available in many versions (products and services to suit both the home user as well as the corporate user). The Version for Workstations is FREE for Home Users.
Avira AntiVir - is a comprehensive, flexible anti-virus program. Without a license key AntiVir will run in a restricted Demo mode only. For further testing you can order an evaluation key for free.
Free avast! Linux Home Edition - represents an antivirus solution for the increasingly popular Linux platform. This software is designed exclusively for home users and non-commercial use. Both of these conditions should be met!
Norman Virus Control (NVC) for Linux - offers both on-access and on-demand scanning of files residing on the servers or workstations.
Panda Antivirus for Linux - is an antivirus designed to be managed from the command line or console. It scans files using both string searches and heuristic methods.
BitDefender Antivirus - Complete virus defense solutions designed for easy virus prevention on Linux systems.
Viralator - is a Perl script that virus-scans HTTP download requests on a UNIX server after they pass through the Squid proxy server.
DansGuardian - is an Open Source web content filter. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering.
DansGuardian Anti-Virus Plugin - is a GPL addon that takes Virus Scanning capabilities and integrates them into the content filtering web proxy DansGuardian.
SquidGuard - is a free (GPL), flexible and ultra fast filter, redirector and access controller plugin for squid. It lets you define multiple access rules with different restrictions for different user groups on a squid cache. squidGuard uses squid's standard redirector interface.
Privoxy - is a web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious junk.