7. Tools and Locations

 < Day Day Up > 



7. Tools and Locations

This appendix provides a brief list of publicly available security technology that can be downloaded from the Internet. Many of the items described below will undoubtedly be surpassed or made obsolete before this document is published.

Some of the tools listed are applications such as end user programs (clients) and their supporting system infrastructure (servers). Others are tools that a general user will never see or need to use but may be used by applications, or by administrators to troubleshoot security problems or to guard against intruders.

A sad fact is that there are very few security-conscious applications currently available. Primarily, this is caused by the need for a security infrastructure that must first be put into place for most applications to operate securely. There is considerable effort currently taking place to build this infrastructure so that applications can take advantage of secure communications.

Most of the tools and applications described below can be found in one of the following archive sites:

  1. CERT Coordination Center: ftp://info.cert.org:/pub/tools

  2. DFN-CERT: ftp://ftp.cert.dfn.de/pub/tools/

  3. Computer Operations, Audit, and Security Tools (COAST): coast.cs.purdue.edu:/pub/tools

It is important to note that many sites, including CERT and COAST, are mirrored throughout the Internet. Be careful to use a well-known mirror site to retrieve software, and to use verification tools (MD5, checksums, etc.) to validate that software. A clever cracker might advertise security software that has intentionally been designed to provide access to data or systems.

Tools

COPS

rpcbind/portmapper replacement

DES

SATAN

Drawbridge

sfingerd

identd (not really a security tool)

smrsh

ISS

S/KEY

Kerberos

ssh

logdaemon

swatch

lsof

TCP-Wrapper

MD5

tiger

PEM

Tripwire [a]

PGP

TROJAN.PL

[a]Tripwire is registered in the U.S. Patent and Trademark Office.



 < Day Day Up > 



Critical Incident Management
Critical Incident Management
ISBN: 084930010X
EAN: 2147483647
Year: 2004
Pages: 144

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net