BIOHAZAARD & SECURITY TOOLS
HOAX, SPAM, VIRUS - The netbiohazaard

~~ Ranking of ViRii & HoaX ~~

~~ Virii Legend ~~

   : major risk     : significant risk     : low risk

~~ Hoax Legend ~~

   : false information     : partly true, partly false     : true information

SECUSER.COM

 

"The problems are still there. They will always be there. The root of the matter stems from people wanting to conduct business and commerce in a secure fashion when the foundation they want to do this on was never intended to be a secure commerce setting."
Dr Mudge in an interview with Kitetoa

"If you don't know where you're going, don't go there!" - whocare?

DESCRIPTION OF A DENIAL OF SERVICE (DoS) ATTACK: in other words, the victim is flooded with incoherent data until it is saturated @GIBSON RESEARCH CORPORATION : grc.com/dos/grcdos.htm

About Online Stalking @ Articles @ new order

Happy anniversary: on 19 July 2001, a new-generation virus hit the web, blocking no fewer than 300,000 Windows NT4 servers in a few hours.

How the attackers stay hidden: IP Spoofing: A Mammoth Description @ NEWORDER

Diggin em Walls - Detection of Firewalls, and Probing networks behind firewalls. 1 - 2 - 3 @NEWORDER

ASTALAVISTA GROUP - Contributions in the security field, from the dark side as well as the other: TCPwrapper.shtml - trojans/sub7/

Guide to Social Engineering by KILLAHDRAGON

Social Engineering Attacks via IRC and Instant Messaging - CERT® Incident Note IN-2002-03

Network Intrusion Detection Signatures, Part 1 - Part 2 - Part 3 - Part 4
Sniffers: What They Are and How to Protect Yourself
Always On, Always Vulnerable: Securing Broadband Connections
@SECURITYFOCUS

Spyware & other malicious malware : multi-spyware removal tool; lavasoft.de

http://www.kitetoa.org

ANTIVIRUS.COM - Trend micro - antivirus.com

Project: Back Orifice 2000 - sourceforge.net/projects/bo2k - bo2k.de - bo2k.sourceforge.net - mirror -

FIREWALL :: Installation & Configuration firewall-net.com

FAQ: Firewall Forensics (What am I seeing?) - How to interpret the logs

KERIO PERSONAL FIREWALL - FAQ - Easy One-Step Installation

ZONEALARM - see also ... http://zonelog.co.uk/links.html ... - Security alert on Zone Alarm from securityfocus (no longer valid with the current version?) : securityfocus.com/archive/1/225205 - HOME : zonelabs.com
Another, mysterious question: <?xml version="1.0"?> <securitypolicy version="1"> <lockupinfo server="147.208.130.167" enable="true"/> </securitypolicy>, VSCONFIG.XML, a file included in a standard install... What is it for? ZA's answer in its forum: if it is being used, you are facing serious problems!!! Gasp!

VANISH.ORG - Security and privacy on internet.... - HOME : vanish.org

THE CENTER FOR INTERNET SECURITY - cisecurity.org
Benchmarks and scoring tools. - SECURITIES SOFTWARE TECHNOLOGIES - Cerberus Internet scanner - securitysoftwaretech.com/cis/

SECURITE SUR INTERNET... COMMENT SURFER EN PAIX! chez.com/winterminator - a personal page in French, a little quick & dirty

Web Secu www.websecurite.net - websec.arcady.fr

Ettercap - multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.

APTools is a utility that queries ARP Tables and Content-Addressable Memory (CAM) for MAC Address ranges associated with 802.11b Access Points. - aptools.sourceforge.net

Winfingerprint Features: Determine OS using SMB Queries - winfingerprint.sourceforge.net

Remote control tools, PCAnywhere style but open: http://sourceforge.net/projects/vnc-tight/ - http://www.tightvnc.com/

TCPDump/LIBPCAP
This page was started to collect various patches that have been floating around for LBL's tcpdump and libpcap programs, and to continue the work needed on both projects.

Ethereal - Sniffing the glue that holds the Internet together
Ethereal is a free network protocol analyzer for Unix and Windows. It allows you to examine data from a live network or from a capture file on disk. You can interactively browse the capture data, viewing summary and detail information for each packet. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.

Snort - The Open Source Network Intrusion Detection System

datanerds.net - Home of Snort and Syphon

Nmap ("Network Mapper") is an open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers, and both console and graphical versions are available. Nmap is free software, available with full source code under the terms of the GNU GPL.

eEye Digital Security - nmapNT - nmap is the most customizable network scanner ever. It has various options to perform stealth scans, ping scans, UDP scans, as well as a handful of other scan types.

Atelier Web Security Port Scanner - Download - The defensive position is only as strong as the weakest link. Microsoft and others invest millions in security and are still quite vulnerable. - Traditional tools provide a degree of automated protection. However, when an experienced hacker is committed to enter your computer he will most likely succeed.

Other free tools for auditing and securing networks by Foundstone Corporation - foundstone.com/knowledge/free_tools.html

Unofficial FAQ of fr.comp.securite - michel.arboi.free.fr/secu/FAQNOPI/index.html

To learn the tools, tactics, and motives of the blackhat community, and share those lessons learned - project.honeynet.org

attrition.org - root security

http://www.insecure.org/tools.html

dsniff - collection of tools for network auditing and penetration testing.
dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g., due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

Stealth HTTP Security Scanner - Stealth 2.0 is a Vulnerability Assessment Software that currently provides more than 18000 security checks. It is effective at reducing the exposure of a web server to potential attacks.

WinPcap: the Free Packet Capture Architecture for Windows - WinPcap is an architecture for packet capture and network analysis for the Win32 platforms. It includes a kernel-level packet filter, a low-level dynamic link library (packet.dll), and a high-level and system-independent library (wpcap.dll, based on libpcap version 0.6.2).
http://datanerds.net/~mike/netgroup-serv.polito.it/winpcap/misc/links.htm

Internet / Network Security - netsecurity.about.com - networkcomputing.com - secureroot.com

Active Network Monitor - is a tool for the day-to-day monitoring of computers in the network. Active Network Monitor runs under Windows NT/2000/XP and allows Systems Administrators to gather information from all the computers (even from the Windows 9x/Me computers) in the network without installing server-side applications on these computers.

WITTYS.COM - http://www.wittys.com/links.html

Computer Surveillance - How do we protect our privacy? - SANS Institute -
http://www.giac.org/practical/gsec/Robert_Marcoux_GSEC.pdf

Shortcoming and Challenges in the restriction of Internet Retransmissions of Over-the-air Television content to Canadian Internet Users
http://cyber.law.harvard.edu/people/edelman/pubs/jump-091701.pdf

Maintenance & Security links @ SHAMBLES MENU

http://secdocs.net/

Anonymizer.com - commercial Privacy is your right

TAMO SOFT - COMMVIEW utility, scan and reports net port activity - tamos.com

Ten Practical Security Steps for Resource Limited IT Staffs by GeodSoft: Make frequent backups, stored securely, and test them. - Have IT staff follow good password procedures. - Use a modern firewall with a tight custom rule set. - Protect files with appropriate access permissions. - Turn off all unneeded services. - Prevent Internet access to shared file systems. - Prevent single login, remote administrative access. - Automatically audit systems for signs of intrusion. - Apply security updates to your systems. - Don't install anything you don't expect to use.

Anonymous Proxy, E-mail, Usenet and hosting services - tlsecurity.net

Exploiting design flaws in the Win32 API for privilege escalation. Or... Shatter Attacks - How to break Windows. Shatter attacks - more

Advanced security stuff : http://www.fish.com/

FREESCO (stands for FREE ciSCO) is a free replacement for commercial routers

Wyrm Software - AdTropis' Site - wyrmsoft.tzo.net - IP address e-mailer - IP address ICQ notifier - Registry Editor - guess what next :)

horizon's page - From a Unix neophyte / CS student / hacker. The following is some of the code and articles that I have written, as well as links to resources I consider to be useful out there on the net. packetstorm.widexs.nl/groups/horizon

rhino9 - packetstorm.widexs.nl/groups/rhino9 - http://packetstormsecurity.nl/groups/rhino9/
http://packetstormsecurity.nl/groups/9x/

http://packetstormsecurity.nl/

http://www-user.tu-cottbus.de/~herinmi/LINKS.HTM

packer

New Infection Vectors for Malware :: http://www.securityfocus.com/infocus/1615

Threat profiling Microsoft SQL Server : NGSoftware

Xprobe2 - A "fuzzy" approach to remote active OS fingerprinting - Ofir Arkin & Fyodor Yarochkin

SQL Slammer - http://www.robertgraham.com/journal/030126-sqlslammer.html

The Spread of the Sapphire/Slammer Worm - http://www.silicondefense.com/research/sapphire/

Ten Immutable Laws of Security by Micro$oft

pivx.com/larholm/unpatched/ - Unpatched IE security holes - This page is a list of vulnerabilities that remain unpatched, it is our hope that the increased awareness brought forth may help further the research necessary to properly secure them.

DShield.org - Distributed Intrusion Detection System
http://www1.dshield.org/port_report.php?port=1337&Submit=Submit

wormwatch.org

Real School case : Hunt for a new trojan (Internet) - http://www.kuro5hin.org/story/2003/9/3/6257/30997

die.net - Online since 1996, die.net hosts the collective non-commercial 'net projects of a few dozen friends in the U.S.

 

"U don't like spam and other lamer behavior?! Kick them!"

Sputum.com : Anti-Spam Tactical Operations HQ

The SubGenius Police, Usenet Tactical Unit (Mobile)
welcomes you to
The Anti-Spam Anti-Portal™
"we provide the content others link to!"

Spambot Beware
Written by Greg Sabino Mullane. Last update December 19, 1999.

HOAXBUSTER.COM
The first French-language resource on web hoaxes

SPAMHAUS
Where does spam come from? Who's supporting the spammers?
Welcome to The Spamhaus Project. Spamhaus tracks the Internet's worst Spammers, known Spam Gangs and Spam Support Services, and works with ISPs and Law Enforcement Agencies to identify and remove persistent spammers from the Internet.

Why Am I Getting All This Spam?
Unsolicited Commercial E-mail Research
Six Month Report
Center for Democracy & Technology
March 2003