::
About Us
::
Services
::
Links
::
 
 
2017 中文版 | 2017 English              2009 中文版 | 2009 English
Students | Staff   VPN
IP/Network Query . . .   
 
     
 

Security and System Auditing Tools

rkhunter

Rootkit Hunter (RKH) is an easy-to-use tool which checks computers running UNIX (clones) for the presence of rootkits and other unwanted tools.
http://www.rootkit.nl/projects/rootkit_hunter.html
rkhunter

chkrootkit

chkrootkit is a tool to locally check for signs of a rootkit. It contains:

  • chkrootkit: shell script that checks system binaries for rootkit modification.
  • ifpromisc: checks if the network interface is in promiscuous mode.
  • chklastlog: checks for lastlog deletions.
  • chkwtmp: checks for wtmp deletions.
  • chkproc: checks for signs of LKM trojans.
  • chkdirs: checks for signs of LKM trojans.
  • strings: quick and dirty strings replacement.
  • chkutmp: checks for utmp deletions.

http://www.chkrootkit.org/
chkrootkit

lynis

Lynis is a security and system auditing tool. It scans a system on the most interesting parts useful for audits, like:

  • Security enhancements
  • Logging and auditing options
  • Banner identification
  • Software availability

Lynis is released as a GPL licensed project and free for everyone to use. See http://www.rootkit.nl for a full description and documentation.
http://www.rootkit.nl/projects/lynis.html
lynis

sectool

sectool is a security tool that can be used both as a security audit and intrusion detection system. It consists of set of tests, library and command line interface tool. Tests are sorted into groups and security levels. Admins can run certain tests, groups or whole security levels. The library and the tools are implemented in python and tests are language independent.
https://fedorahosted.org/sectool/

sectool-gui

sectool-gui provides a GTK-based graphical user interface to sectool.
https://fedorahosted.org/sectool/
sectool-gui

rats

RATS scans through code, finding potentially dangerous function calls. The goal of this tool is not to definitively find bugs (yet). The current goal is to provide a reasonable starting point for performing manual security audits.
The initial vulnerability database is taken directly from things that could be easily found when starting with the forthcoming book, “Building Secure Software” by Viega and McGraw.
http://www.fortify.com/security-resources/rats.jsp

tiger

TIGER, or the “tiger” scripts, is a set of Bourne shell scripts, C programs and data files which are used to perform a security audit of UNIX systems. It is designed to hopefully be easy to use, easy to understand and easy to enhance.
http://www.nongnu.org/tiger/

 
Last modified:: 2009/03/04 11:26
 
     
   
FAIL: (the browser should render some flash content, not this).
FAIL: (the browser should render some flash content, not this).
::Previous | Next | Refresh | Print  | Back Home | NTHU | Computer and Communication Center
Copyright (c) 2008-2010 National Tsing Hua University ALL RIGHTS RESERVED
View count: 7167
 
 
Close

Warning: file_get_contents(http://www.geoplugin.net/php.gp?ip=34.237.138.69): failed to open stream: HTTP request failed! in /usr/local/dokuwiki2009/lib/plugins/quickstats/action.php on line 457