Category Archives: Tools

Project Artillery

Just now starting to test out this tool, but it looks like a good addition to server hardening. https://www.trustedsec.com/downloads/artillery/

Also posted in IDS/IPS

Retina

http://www.eeye.com/Products/Retina/Community#

Retina Network Community, a free vulnerability scanner for up to 128 IPs, gives you powerful vulnerability assessment across your entire environment. With Retina Network Community you can: Reduce risk and improve security with complete vulnerability scanning across operating systems, applications, devices, and virtual environments. Comprehensive vulnerability database that includes zero-days and is continually updated […]

Also posted in Scanning Tools

sqlmap

For a small but powerful SQL injection scanner I would suggest using sqlmap. http://sqlmap.sourceforge.net/

Also posted in Scanning Tools

Setting up a web application firewall

I installed mod_security quite simply by using yum. Once it was installed, I added the base rules from OWASP (http://sourceforge.net/projects/mod-security/files/modsecurity-crs/0-CURRENT/) to the new mod_security.conf file that the yum install added to the conf.d directory of Apache. However, I quickly found that this ruleset is a bit too draconian. You will want to take some time […]

Also posted in Firewalls

Full Security Analysis Suite

Following is a list of tools that will give you a good idea of just how secure your network or website really is.

Nmap – http://nmap.org/

Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems […]

Posted in Tools

Setting up an IPS/IDS system on CentOS using IPTables, fwsnort, and psad

Please check out our article on building a hardened LAMP server. It contains much more information on IPTables, PSAD and OSSEC.

Installation: IPTables is installed automatically with almost all installations of CentOS; if it is not installed, it can be installed with the command yum install iptables

Building the ruleset: See the CentOS Wiki […]

Also posted in Firewalls

Snort

http://www.snort.org/

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS. Install guide for CentOS […]

Also posted in IDS/IPS

Untangle – Open Source Gateway

http://www.untangle.com/

The Untangle Lite package offers a collection of free, open-source software applications to run on the Untangle Server. It provides an entry-level multi-functional firewall, with: Web Filter Lite, Virus Blocker, Spam Blocker, Attack Blocker, Phish Blocker, Spyware Blocker, Protocol Control, Captive Portal, Firewall, Intrusion Prevention, OpenVPN, Reports

Also posted in Firewalls

XSS Scanner

http://www.acunetix.com/

Also posted in Scanning Tools

OSSEC

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows. A list with all supported platforms is available here.

Also posted in IDS/IPS