Linux security tools developed by the NSA.
Sguil (pronounced sgweel) is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis. The Sguil client is written in tcl/tk and can be run on any operating system that supports tcl/tk (including Linux, *BSD, Solaris, MacOS, and Win32).
Sguil works great with Snort.
Tor: anonymity online
Software project that helps defend against traffic analysis, a form of network surveillance that threatens personal freedom and privacy, confidential business activities and relationships, and state security. Tor protects by bouncing communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location. Tor works with many of your existing applications, including web browsers, instant messaging clients, remote login, and other applications based on the TCP protocol.
Open source security tool for the encryption of all data on a hard disk partition or storage device like a USB drive. TrueCrypt also allows for the creation of a virtual drive on a PC, which can be considered a safe for all important documents. Once data is encrypted, only the owner can access it; even if the PC or drive should be stolen, the data is still safe. TrueCrypt supports the following ciphers: Advanced Encryption Standard (AES), Blowfish, CAST5, Serpent, Triple DES and Twofish.
Wireshark is a fantastic open source network protocol analyzer. It allows users to examine data from a live network or from a capture file on disk. One can interactively browse the captured data, delving down into just the level of packet detail needed. It has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session. It also supports hundreds of protocols and media types. A tcpdump-like console version named tethereal is included. One word of caution is that Wireshark has suffered from dozens of remotely exploitable security holes, so stay up-to-date and be wary of running it on untrusted or hostile networks (such as security conferences).