Collax Business Server is an all-in-one Linux server for small- and medium-sized businesses. It delivers all the important network services within a heterogeneous business environment for communication, infrastructure, compliance, groupware, and storage, all in a reliable and secure way which is easy to manage. It also provides essential security functions such as firewalling and virus and spam filtering, to protect against hacker attacks, viruses, and unsolicited email messages.
Moscrack is a WPA cracker for use on clusters. It supports MOSIX, SSH, and RSH connectivity and works by reading a word list from STDIN or a file, breaking it into chunks, and passing those chunks off to separate processes that run in parallel. The parallel processes are then executed on different nodes in your cluster. All results are checked and recorded on your master node. Logging and error handling are taken care of. It is capable of running reliably for long periods of time, without the risk of losing data or having to restart. Moscrack uses aircrack-ng by default. Pyrit for WPA cracking and Dehasher for Unix password hashes are supported via plugins.
John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, lots of other hashes and ciphers are added in the community-enhanced version (-jumbo), and some are added in John the Ripper Pro.
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like CheckPoint, Netfilter, IPFilter, Packet Filter, Cisco PIX/ASA, NetScreen, TippingPoint, and Lucent BRICK in a similar way.
RedWolf is a security threat simulator that tests security system effectiveness. Its threat generation capabilities include email, IM, malware, P2P, social networking, VoIP, DDoS, and many more. The guiding philosophy is that by generating realistic scenarios in a wide variety of categories, an auditor or organization can assess the effectiveness of network defenses. The scenario suite allows one to verify compliance with PCI-DSS, Sarbanes-Oxley, or HIPAA controls. RedWolf helps identify data loss risks and provides expert recommendations concerning risk mitigation. It reports present findings, recommendations, best practices, and blocking guidance in a straightforward, easily readable format. RedWolf also acts as a 'Red Team' agent, running drills to measure the readiness of your operations staff.
pdfcrypt allows you to set permissions on a PDF file. For example, you can publish a document without permitting users to print it. The button to print the file will be disabled in the Acrobat Reader application. It can be used as a batch application to set permissions on a large group of PDF files, or as a filter in a Unix pipeline, or within a CGI application. Only binary executables are distributed, but the original Perl source code may be requested.
Palm-Strip-Export is a utility to export your legacy PalmOS Strip databases to simple CSV files. Once your databases are exported you can print them, open them in Excel, or import them into a separate program. Most importantly, these export files will be directly importable to the iPhone when the desktop sync tool is released. This exporter only works with Palm Strip 2.0 databases.
A 'honeypot' is designed to detect server-side attacks. In contrast, a 'honeyclient' is designed to detect client-side attacks. Specifically, a honeyclient is a dedicated host that drives specially instrumented applications to access remote servers to see if those servers are behaving in a malicious manner (by compromising the client). Honeyclients can proactively detect exploits against client applications without known signatures. This framework uses a client-server model with SOAP messaging as the primary communication method, and uses the free version of VMware Server as a means of virtualizing the client environment.
PBNJ is a network suite to monitor changes that occur on a network over time. It does this by checking for changes on the target machine(s), which includes the details about the services running on them as well as the service state. PBNJ parses the data from a scan and stores it in a database. It uses Nmap to perform scans.