security

Security: all aspects

• CAIDA the Cooperative Association for Internet Data Analysis, provides tools and analyses promoting the engineering and maintenance of a robust, scalable global Internet infrastructure.

• Survey - A comparison of several host/file integrity checkers (scanners).

• CCEVS The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have established a program under the National Information Assurance Partnership (NIAP) to evaluate IT product conformance to international standards. The program, officially known as the NIAP Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS) is a partnership between the public and private sectors. This program is being implemented to help consumers select commercial off-the-shelf information technology (IT) products that meet their security requirements and to help manufacturers of those products gain acceptance in the global marketplace.

  • Project Objectives

    • To meet the needs of government and industry for cost-effective evaluation of IT products;

    • To encourage the formation of commercial security testing laboratories and the development of a private sector security testing industry;

    • To ensure that security evaluations of IT products are performed to consistent standards;

    • To improve the availability of evaluated IT products.

• The ISF's Standard of Good Practice The Standard For Information Security

• The Standard of Good Practice for Information Security is designed to help any organisation, irrespective of market sector, size or structure, keep the business risks associated with its information systems within acceptable limits. It is a major tool in improving the quality and efficiency of security controls applied by an organisation.

• The ISO 17799 Directory ISO 17799 is actually "a comprehensive set of controls comprising best practices in information security". It is essentially, in part (extended), an internationally recognized generic information security standard.

• ShadowServer established in 2004, The Shadowserver Foundation gathers intelligence on the darker side of the internet. We are comprised of volunteer security professionals from around the world. Our mission is to understand and help put a stop to high stakes cybercrime in the information age.

• DAMBALLA - (commercial company) Targeted Protection against targeted attacks

• "A typical enterprise already has between 3% and 5% of its systems compromised with BotArmy malware, even with up-to-date antivirus and other online defenses."

• SeLinux >>Security-Enhanced Linux

• RSBAC -- is a flexible, powerful and fast (low overhead) open source access control framework for current Linux kernels, which has been in stable production use since January 2000 (version 1.0.9a). All development is independent of governments and big companies, and no existing access control code has been reused.

• Practically, it allows full fine grained control over objects (files, processes, users, devices, etc.), memory execution prevention (PaX, NX), real time integrated virus detection, and much more.

• SecurityFocus -- SecurityFocus is the most comprehensive and trusted source of security information on the Internet. SecurityFocus is a vendor-neutral site that provides objective, timely and comprehensive security information to all members of the security community, from end users, security hobbyists and network administrators to security consultants, IT Managers, CIOs and CSOs.

• CERT established in 1988, the CERT╝ Coordination Center (CERT/CC) is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.

• unsecure - personal page for Gordon Lyon (author of nmap scanner). The site does contain a lot of info about (un)security for Open Source Software.

  • rkhunter - Rootkit scanner (for Linux of course) is scanning tool to ensure you for about 99.9%* you're clean of nasty tools. This tool scans for rootkits, backdoors and local exploits by running tests like:

    • MD5 hash compare

    • Look for default files used by rootkits

    • Wrong file permissions for binaries

    • Look for suspected strings in LKM and KLD modules

    • Look for hidden files

    • Optional scan within plaintext and binary files

• chkrootkit chkrootkit is a tool to locally check for signs of a rootkit

• OSSEC OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.

• It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

• OpenSSL The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.

• OpenSSH OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, rlogin, ftp, and other such programs might not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods.

• The OpenSSH suite includes the ssh program which replaces rlogin and telnet, scp which replaces rcp, and sftp which replaces ftp. Also included is sshd which is the server side of the package, and the other basic utilities like ssh-add, ssh-agent, ssh-keysign, ssh-keyscan, ssh-keygen and sftp-server. OpenSSH supports SSH protocol versions 1.3, 1.5, and 2.0.

• Information Security at St.Petersburg (Russia) State Politechnical University (mainly in Russian)

Backup systems

• Backup -- what is backup?, which tools?, and related info

• AMANDA - the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda uses native dump and/or GNU tar facilities and can back up a large number of workstations running multiple versions of Unix.

• BACULA - is a set of Open Source, enterprise ready, computer programs that permit you (or the system administrator) to manage backup, recovery, and verification of computer data across a network of computers of different kinds. Bacula is relatively easy to use and efficient, while offering many advanced storage management features that make it easy to find and recover lost or damaged files. In technical terms, it is an Open Source, enterprise ready, network based backup program. 

• Backup Central - many topics concerning backup

Archivers

• • tar - program designed to store and extract files from an archive file known as a tarfile. A tarfile may be made on a tape drive, however, it is also common to write a tarfile to a normal file. The program does exist in many instances: GNU tar, BSD tar, star, etc.

Power control tools

• Apcupsd a daemon for controlling APC UPSes. Apcupsd can be used for power mangement and controlling most of APC's UPS models on Unix and Windows machines. Apcupsd works with most of APC's Smart-UPS models as well as most simple signalling models such a Back-UPS, and BackUPS-Office. During a power failure, apcupsd will inform the users about the power failure and that a shutdown may occur. If power is not restored, a system shutdown will follow when the battery is exhausted, a timeout (seconds) expires, or runtime expires based on internal APC calculations determined by power consumption rates.

• Network UPS Tools (NUT) The primary goal of the Network UPS Tools (NUT) project is to provide reliable monitoring of UPS hardware and ensure safe shutdowns of the systems which are connected. We attempt to monitor every kind of UPS, given sufficient interest. This software is the combined effort of many individuals and companies.

• OpenUPSd -- A UPS daemon. OpenUPSd is a UPS daemon, pretty specific to those Belkin serial-connected UPS's that speak the "regulator pro smart protocol", as documented on this handy web-page. I've got a device that reports itself to be a "F6C625-220V" and it's working with the software quite happily :-). That UPS may now have done its last dance, so I've now got an APC smart UPS. Currently investigating adding support for this; found some handy protocol documentation for it.

• Simplest way to monitor the power the cite begins.

• "The solution in its original form was to attach a modem to the mains power and connect it to the Linux machine, then have the Linux machine monitor the data set ready (DSR) line on the modem. When the mains power is lost, the Linux machine will still be running because it is connected to the UPS. The modem, which is not connected to the UPS, will lose its power source. The Linux machine will detect that the modem is no longer powered the next time it polls the DSR line and start to shut down while the UPS battery still has power."

• End of cite.

© 2009-2024

Andrey Ye. Shevel