# Security Tools

{{< snippet "old" >}}

> [!TIP]
> Everything listed on this page is free, unless otherwise noted (or unless I goofed).

-----

## Security Tools

### General

  - *[The NMap "Top 75 Security Tools"
    list](http://www.nmap.org/tools.html)*
  - *[SecurityConfig.com](http://www.securityconfig.com/)*
  - The *[Log Analysis](http://www.loganalysis.org/)* Site
  - James Madison University's
    *[R.U.N.S.A.F.E.](http://www.jmu.edu/computing/runsafe/)* program
    (End User tips and awareness)

### Disk/File Wiping

  - *["Autoclave" hard drive sterilization on a bootable floppy (Linux
    Floppy\!)](http://staff.washington.edu/jdlarios/autoclave/)*
  - *[DoD 5200.28-STD secure delete program
    ($$)](http://www.jetico.com/index.htm#/bcwipe.htm)*
  - *[Maresware Forensic Processing
    Software](http://www.dmares.com/maresware/software.htm)*
  - *[Berkewipe: Secure delete program for
    Linux/UNIX](http://berkewipe.sourceforge.net/)*
  - *[Wipe: Secure delete program for
    Linux/UNIX](http://wipe.sourceforge.net/)*
  - *[Overwrite: Secure delete program for
    Linux/UNIX](http://www.kyuzz.org/antirez/overwrite.html)*
  - *[fwipe: Secure delete program for
    Linux/UNIX](http://www.nb.net/~lbudney/linux/software/fwipe.html)*
  - *[Secure Deletion of Data from Magnetic and Solid-State
    Memory](http://www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html)*
  - *[Shred: Secure delete program for
    Windows](http://www.analogx.com/contents/download/system/shred.htm)*
  - *[sDelete: Secure delete program for Windows
    (Sysinternals\!)](http://www.sysinternals.com/ntw2k/source/sdelete.shtml)*
  - *[Cleandrive (WipeDrv.exe & CleanDrv.exe): Secure delete program for
    hard drives
    ($$)](http://www.whitecanyon.com/cleandrive_main_fdisk.htm)*
  - *[pdwipe: Secure delete program for hard drives
    ($$)](http://www.digitalintel.com/pdwipe.htm)*
  - *[Secure delete program for Windows
    (Restricted)](http://www.secure-data.com/ms.html)*
  - *[National Industrial Security Program
    (DoD 5220.22-M)](http://www.dss.mil/isec/nispom.htm)*

### Password Databases

You need to use a password database because humans are bad at remembering
good passwords, you can't share passwords among sites, and so you need
to have a lot of passwords. Some useful thoughts on this include:

  - *The Real Life Risks of Re Using The Same Passwords*
  - *[Password managers don't have to be perfect, they just have to be
    better than not having
    one](https://www.troyhunt.com/password-managers-dont-have-to-be-perfect-they-just-have-to-be-better-than-not-having-one/)*
  - *[When Accounts are "Hacked" Due to Poor Passwords, Victims Must
    Share the
    Blame](https://www.troyhunt.com/when-accounts-are-hacked-victims-must-share-the-blame/)*
  - *[86% of Passwords are Terrible (and Other
    Statistics)](https://www.troyhunt.com/86-of-passwords-are-terrible-and-other-statistics/)*

There are a great many password databases out there these days. I
personally don't trust any of the cloud or browser-based ones, because
anything automated is that much easier to crack into. It's a few extra
steps to manually copy & paste the password from the manager into the
correct fields, but it's a **lot** more secure.

  - *[Password Safe](https://pwsafe.org)* is a free utility originally
    from *[Bruce Schneier](http://www.schneier.com/)* and Counterpane
    Labs which allows you to keep your passwords securely encrypted on
    your computer. A single Safe Combination--just one thing to
    remember--unlocks them all. Check Password Safe's
    *[releases](https://github.com/pwsafe/pwsafe/releases/)* to find the
    newest version.
  - KeePass seems to be another good one, and it has many cross-platform
    variations to choose from.
  - See my {{< xref "/source/perl.html" "random password/pin generator" >}}
    (written in Perl). It also creates unpronounceable names for aliens,
    for when you're writing SciFi and get stuck for a name... ;-)

### Sniffers

There's a more up-to-date list at *[2019 Best Packet Sniffers (10 Packet
Analyzers Reviewed)](https://www.comparitech.com/net-admin/packet-sniffer-network-analyzers/)*
by @lahmstache, updated June 21, 2019.

  - [Wireshark](https://www.wireshark.org/) for Linux, Mac and Windows.
  - *[Snort](http://www.snort.org/)*.
  - *[Analyzer](http://netgroup-serv.polito.it/analyzer)* [^1] (For Windows).
  - *[WinDump](http://netgroup-serv.polito.it/windump/)* [^1].
  - *[TCPDump](http://www.tcpdump.org/)* (For UNIX).
  - *[dsniff, mailsnarf, urlsnarf, &
    webspy](http://www.datanerds.net/~mike/dsniff.html)* [^1].
  - *[UNIX Logging Utilities
    List](http://packetstormsecurity.nl/UNIX/loggers/)* and *[UNIX IDS
    List](http://packetstormsecurity.nl/UNIX/IDS/)* from
    *[Packetstorm](http://packetstormsecurity.nl/)*.
  - *[Mognet](http://node99.org/projects/mognet/)*, a free Java-based
    packet sniffer and analyzer which comes complete with source code.
    It runs on handheld devices or on desktops and is available under
    the GNU General Public License (GPL).

### Scanners/Tools

  - NetCat, the "swiss army knife", for
    *[Win32](http://www.atstake.com/research/tools/network_utilities/nc11nt.zip)*
    or
    *[UNIX](http://www.atstake.com/research/tools/network_utilities/nc110.tgz)*.
    (Older one for
    *[Win32](http://www.dbnet.ece.ntua.gr/~george/hacks/netcat.html)*. [^1])
  - NMap, scanner/mapper for
    *[Win32](http://www.eeye.com/html/Databases/Software/nmapnt.html)*
    or *[UNIX](http://www.insecure.org/nmap/)*
  - *[Nessus](http://www.nessus.org/)*
  - *[Strobe](http://www.ibiblio.org/linsearch/lsms/strobe.html)*

### Port Databases

  - The Ports DB (www.portsdb.org) seems to have gone away, which is a
    pity.
  - Likewise, the Snort Port Database (www.snort.org/ports.html) has
    vanished.
  - [Whitehats Port
    Database](http://www.whitehats.ca/main/tools/portdatabase/)
  - [Security Related Port
    List](http://www.tla.ch/TLA/FW/FW1FAQ.html#Port%20probing)
  - *[The IANA assigned Well Known
    Ports](http://www.isi.edu/in-notes/iana/assignments/port-numbers)*
  - *[The IANA assigned Numbers (superset of above), AKA
    RFC1700](http://www.faqs.org/rfcs/rfc1700.html)*

### Network Streams Detection

  - tcpdump, see above in sniffers.
  - *[nstreams](http://www.hsc.fr/ressources/outils/nstreams/index.html.en)*
  - *[snort](http://www.snort.org/)*, *[Windows
    ports](http://www.datanerds.net/~mike/)*
  - *[netwatch](http://www.slctech.org/~mackay/netwatch.html)*
  - *[iptraf](http://cebu.mozcom.com/riker/iptraf/)*

### Secure Shell (ssh)

#### UNIX Clients and Servers

  - *[**Open and free port of SSH**](http://www.openssh.com/)*
  - *[**OpenSSH RPMs (See list)**](http://www.openssh.org/portable.html)*

#### Windows Clients and Servers

  - *[**OpenSSH for Windows, command line (no GUI) client and
    Server.**](http://sshwindows.sourceforge.net/)*
      - *[Obsolete OpenSSH for
        Windows](http://www.networksimplicity.com/openssh/), but the
        base of the package above.*
  - *["Official" SSH.com
    Server](http://www.ssh.com/products/tectia/server/), confusing as
    heck.*
  - *[F-Secure SSH Server](http://www.wrq.com/products/reflection/ssh/)*
  - *[Bitvise SSH2 Server](http://www.bitvise.com/ssh2.html) (I know
    nothing about this one).*
  - ***PuTTY: A Free Win32 Telnet/SSH Client**. Great, but minimal. No
    install, just unzip and run. Includes command line "pscp."*
  - ***SecureCRT is a very nice commercial SSH GUI client for Windows**.
    This is the best SSH client I am aware of.*
  - *[Ancient "Official" SSH Client](http://ftp.ssh.com/pub/ssh/)
    (Windows and tgz, non-commercial license)*
  - *[ShellGuard](http://www.shellguard.com/) is a commercial command
    line Telnet and SSH client for Windows*
  - Other lists of clients and servers:
      - *[List of Free and payware SSH clients and servers for
        Windows](http://freessh.org/windows.html)*
      - *[List of Win32 ssh
        clients](http://www.employees.org/~satch/ssh/faq/ssh-faq-3.html)*
      - *[**Free SSH and SCP for Windows 9x, NT, ME, 2000 and
        XP**](http://www.jfitz.com/tips/ssh_for_windows.html)*
  - Obsolete, for reference only:
      - *[Free ssh client for Windows
        (Fissh)](http://www.massconfusion.com/ssh/) (probably obsolete)*
      - *[TeraTerm
        Homepage](http://hp.vector.co.jp/authors/VA002416/teraterm.html)
        (Obsolete)*
      - *[TTSSH (TeraTerm SSH1,
        obsolete)](http://www.zip.com.au/~roca/download.html)*
      - *[Free (Cygwin) SSHD for
        NT](http://caspian.dotconf.net/menu/Software/SSHD-NT/default.php)
        (obsolete)*

#### Information/Documentation

  - *[**The Snail Book**](http://www.snailbook.com/)* (Really well done,
    with more technical detail than even **I** want\!)
  - *[**SSH FAQ**](http://www.employees.org/~satch/ssh/faq/)*
  - *[**Free SSH and SCP for Windows 9x, NT, ME, 2000 and
    XP**](http://www.jfitz.com/tips/ssh_for_windows.html)*
  - *[SSH on NT Mini
    HOWTO](http://www.certaintysolutions.com/tech-advice/ssh_on_nt.html)*
  - *[Info on SSH on Windows](http://www.gnac.com/techinfo/ssh_on_nt/)*
  - *[More ssh
    Information](http://www.boran.com/security/ssh_stuff.html)*
  - *[Make SSH do
    more](http://www.itworld.com/Comp/2384/LWD010410sshtips/)*
  - *[Sealing the
    Pipes](http://www.infosecuritymag.com/articles/june01/features_protocols.shtml)*

#### Other Lists of Ports

  - *[Links to various ssh Ports and
    Info](http://ptolemy.eecs.berkeley.edu/~cxh/sapub/ssh.html)*
  - *[Free and commercial ssh clients/servers](http://www.freessh.org/)*
  - *[Various ssh Ports](http://www.net.lut.ac.uk/psst/)*
  - *[Free SSH type program](http://www.net.lut.ac.uk/psst/)*

#### Commercial

  - *[SSH Communications (Commercial)](http://www.ssh.com/)*
  - *[F-Secure ssh](http://www.f-secure.com/products/ssh/)*

### Other

  - *[The Honeynet Project](http://project.honeynet.org/)*, an awesome
    and creative project to learn more about the so-called Blackhat
    community.
  - *[Win32 and BSD Tools](http://www.datanerds.net/~mike/)* [^1]
  - {{< xref "/infosec" "Security Portals" >}}
  - As much as I hate to say it, these *[Security Awareness screen
    savers](http://www.microsoft.com/Downloads/Release.asp?ReleaseID=26684)*
    from Microsoft are excellent. Check them out, and use them\! They
    cover *[The Ten Immutable Laws of
    Security](http://www.microsoft.com/technet/security/10imlaws.asp)*
    and *[The Ten Immutable Laws of Security
    Administration](http://www.microsoft.com/TechNet/columns/security/10salaws.asp)*.
  - *[Mobile/Remote Security
    Issues](http://searchsecurity.techtarget.com/bestWebLinks/0,289521,sid14_tax282123,00.html)*
  - *[Trinux](http://trinux.sourceforge.net/)*, a single floppy Linux
    system, for security uses

[^1]: *[Winpcap](http://netgroup-serv.polito.it/winpcap)* is a
libpcap-compatible library for Windows. Libpcap is the basis for most
UNIX sniffer and packet tools, such as nmap, nc, tcpdump and dsniff.

-----

## Firewalls & Firewall Tools

  - *[How to Make A Firewall
    Sandwich](http://www.cio.com/archive/010102/sandwich.html)*.

Check out the *[OpenBSD FAQ relating to
IPFilter](http://www.openbsd.org/faq/faq6.html)* for a VERY good and
clear example of IPFiltering, which is similar to the Linux IPTables or
IPChains, and which is a great example of firewall rules in action\! See
also:

  - The *[OpenBSD](http://www.openbsd.org/)* project produces a FREE,
    multi-platform 4.4BSD-based UNIX-like operating system. Our efforts
    emphasize portability, standardization, correctness, proactive
    security and integrated cryptography. OpenBSD supports binary
    emulation of most programs from SVR4 (Solaris), FreeBSD, Linux,
    BSD/OS, SunOS and HP-UX.
  - *[IPFilter](http://coombs.anu.edu.au/~avalon/)*, the *[IP Filter
    HOWTO](http://www.obfuscation.org/ipf/)*,
    *[ipf(8)](http://www.openbsd.org/cgi-bin/man.cgi?query=ipf&sektion=8&manpath=OpenBSD+2.9)*
    and
    *[ipnat(8)](http://www.openbsd.org/cgi-bin/man.cgi?query=ipnat&sektion=8&manpath=OpenBSD+2.9)*

### *[Check Point](http://www.checkpoint.com/)* [Firewall-1](http://www.checkpoint.com/products/firewall-1/index.html)

  - I have combined my **LogSwap** and **CPFWBack** tools, and added my
    **extract\_patch** tool into CPFW1TK--the Check Point Firewall-1
    Tool Kit. LogSwap and CPFWBack work under both Windows and UNIX.
    Extract\_patch is unnecessary under UNIX.

> [CPFW1TK-3.2.0-2.exe](/public/tools/CPFW1TK-3.2.0-2.exe) (288,965
> bytes) has the scripts and all other binaries needed to run. It also
> includes the UNIX scripts just for fun, and it has some other bonus
> stuff. It is a self-extracting ZIP archive.
> [CPFW1TK-3.2.0-1.tgz](/public/tools/CPFW1TK-3.2.0-1.tar.gz) (10,251
> bytes) just has the UNIX scripts and ReadMe files.
>
> > **Extract\_patch** was created for extracting Check Point patches
> > under Windows, without installing WinZip, *[since Check Point are
> > now distributing all patches in TGZ
> > format](http://www.checkpoint.com/support/downloads/docs/firewall1/4_1/ReadMe.html)*.
> > But it will work for any TGZ (or .tar.gz, or .gz or .tar) you wish
> > to extract under Windows, without having to install WinZip. It
> > combines [Win32 ports](http://unxutils.sourceforge.net/) of the GNU
> > tar.exe, gzip.exe and md5sum.exe utilities, so you can unpack and
> > verify \*.tgz files.
> >
> > **LogSwap** archives or "rolls" Firewall-1 logs. It includes
> > Logswap.cmd, [obsolete.com](/public/tools/obslt10.zip), audit.com
> > and *[gzip.exe](http://unxutils.sourceforge.net/)* for Win32.
> >
> > **CPFWBack** greatly automates the annoying process of backing up
> > Firewall-1 configurations. It includes CPFWBack.cmd,
> > *[zip.exe](http://www.info-zip.org/pub/infozip/Zip.html)*,
> > *[unzip.exe](http://www.info-zip.org/pub/infozip/UnZip.html)* and
> > *[vdate.exe](http://david.tribble.com/programs.html)* for Win32 and
> > CPFWBack.sh for UNIX.

  - I've also created an add-on called
    [jpcshrc](/public/source/jpcshrc.txt) for the default csh
    configuration in Nokia's IPSO 3.4.1-FCS5. It sets the csh prompt to
    your current working directory, and adds some aliases (mostly DOS
    commands, since I can't remember what OS I'm using).
  - *[The Check Point User Group](http://www.cpug.org/)* including the
    old Phoneboy site.
  - *Essential Check Point FireWall-1*, ISBN 0201699508, written by
    *[Dameon D.
    Welch-Abernathy](http://hpux.students.engr.scu.edu/~dwelch/)* (AKA
    PhoneBoy), owner/operator of the above FireWall-1 FAQ site. There is
    also *Essential Check Point FireWall-1 NG* in the works, probably
    available in early 2004.
  - Tom Horsley's *[NTP
    Time](http://home.att.net/~Tom.Horsley/ntptime.html)* for Windows is
    a nice NTP client program. It is free, but is a client only, and can
    be configured to talk to only one NTP server at a time. NTP works
    much better when referencing a pool of servers. BUT, it allows you
    to use NTP to time-sync a hardened NT Firewall server. The NT
    Resource kit *[TimeServ](http://www.niceties.com/TimeServ.html)*
    will not run with the NT Workstation service disabled or removed
    **(which it should be on a firewall\!\!\!)**
  - *[fwlogsum](http://www.ginini.com/software/fwlogsum/)* "is a perl
    script to summarise FW1 logs making it easier to see what services
    are being blocked or allowed through your firewall."

### *[WatchGuard](http://www.watchguard.com/)* *[Firebox II](http://www.watchguard.com/products/firebox.asp)* with the *[Live Security Service (LSS)](http://www.watchguard.com/products/wgls.html)*

  - [Fix-wls](/public/source/fix-wls.pl.txt) converts those annoying
    WatchGuard \*.WLS files to Self-Extracting archives.

-----

## Securing or Hardening Systems

I have much more information on this topic, and will post references as
I have time.

### NT4

  - *[Lance Spitzner's](http://www.spitzner.net/)* *[Armoring
    NT](http://secinf.net/windows_security/Armoring_NT.html)*
  - The *[SANS](http://www.sans.org/)* *[Step-by-Step
    Guides](http://store.sans.org/)*
  - *[L0phtCrack](http://www.atstake.com/research/lc/)* password
    cracking program for NT.
  - See below for the IIS 4 and IIS5 Lockdown Tool.
  - See below for the HFNetChk tool.

### Win 2000

  - *[Securing IIS 5.0 Using Batch-Oriented Command
    Files](http://www.microsoft.com/TechNet/prodtechnol/iis/deploy/confeat/seciis50.asp)*,
    the document.
  - *[Securing IIS 5.0 Using Batch-Oriented Command
    Files](http://www.microsoft.com/windows2000/zipdocs/security.exe)*,
    the tools. This package is essential to any attempt to secure Win
    2000 or NT via script. It includes: auditpol.exe, CryptPwd.exe,
    passprop.exe, Reg.exe, regini.exe, xcacls.exe.
  - *[The Art and Science of Web Server Tuning with Internet Information
    Services 5.0](http://www.microsoft.com/TechNet/iis/iis5tune.asp)*
  - A small
    *[write-up](http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/security/tools/locktool.asp)*
    about the **IIS 4 and IIS 5 Lockdown Tool** and the
    [download](http://www.microsoft.com/Downloads/Release.asp?ReleaseID=32362%20IIS%20Lockdown%20Tool%20\(23%20Aug%202001\))
    page for it.
  - *[HFNetChk](http://support.microsoft.com/support/kb/articles/Q303/2/15.ASP)*,
    the Microsoft Network Security Hotfix Checker, which is a
    command-line tool that administrators can use to centrally assess a
    computer or group of computers for the presence or absence of
    security patches. You can use the Hfnetchk tool to assess patch
    status for the Windows NT 4.0 and Windows 2000 operating systems, as
    well as hotfixes for Internet Information Server 4.0 (IIS), Internet
    Information Services 5.0 (IIS), SQL Server 7.0, and SQL Server 2000
    (including Microsoft Data Engine \[MSDE\]), and Internet Explorer
    5.01 or later.
  - *[Microsoft Personal Security Advisor
    (MPSA)](http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/itsolutions/security/tools/mpsa.asp)*
    "is an easy to use web application that will help you secure your
    Windows NT 4.0 and Windows 2000 computer system. Simply navigate to
    the MPSA site and press the Scan Now button to receive a detailed
    report of your computer's security settings and recommendations for
    improvement." More of a SOHO than corporate focus. *(Curiously, this
    does not seem to work too well using Netscape. I wonder why???)*
  - *[Migrating Microsoft® Hotmail® from FreeBSD to Microsoft
    Windows® 2000 Technical Case Study](http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/windows2000serv/case/hotmail/default.asp)*,
    this is just kind of interesting, in scope if nothing else.

### UNIX

  - *[Lance Spitzner's](http://www.spitzner.net/)* *[Armoring Solaris
    II](http://www.spitzner.net/armoring2.html)*
  - *[Lance Spitzner's](http://www.spitzner.net/)* *[Armoring
    Linux](http://www.spitzner.net/linux.html)* (getting old)
  - *[Securing a UNIX
    Host](http://www.greenet.com/~brion/security/unix_host_security.html)*
  - *[The Solaris Security
    FAQ](http://www.sunworld.com/common/security-faq.html)*
  - *[**The Bastille Linux Project**](http://www.bastille-linux.org/)*
  - *[How to install Solaris and have a good host
    security](http://yassp.parc.xerox.com/)*
  - The *[SANS](http://www.sans.org/)* *[Securing Solaris 8 & 9 Using
    the Center for Internet Security
    Benchmark](https://store.sans.org/store_item.php?item=93)*.
  - The *[SANS](http://www.sans.org/)* *[Securing Linux A Survival Guide
    for Linux Security](https://store.sans.org/store_item.php?item=83)*.
  - *[OpenBSD](http://www.openbsd.org/)*: The most secure OS there is.
  - *[Crack and Cracklib](http://www.users.dircon.co.uk/~crypto/)*
    password cracking or strengthening for UNIX.
  - *[John the Ripper](http://www.openwall.com/john/)* password cracking
    for UNIX and NT (need
    *[pwdump](http://us1.samba.org/samba/ftp/pwdump/)*,
    *[pwdump2](http://razor.bindview.com/tools/desc/pwdump2_readme.html)*,
    pwdump3 v2 (*[ZIP](http://www.polivec.com/Downloads/pwdump3v2.zip)*
    or *[here](http://vh224401.truman.edu/pub/win32/apps/pwdump3/)*), or
    pwdump3e (*[ZIP](http://www.polivec.com/Downloads/pwdump3e.zip)*)
    for NT cracking), runs on UNIX, DOS or Win16.

{{< snippet "old" >}}
