A T T E N T I O N ! These apps will not work on your Windoze puters. This little archive is dedicated to Linux apps and Linux apps only. If you would like to learn more about Linux (and who wouldn't) Click here.

Security

SSH (Secure Shell) is a program to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. It provides strong authentication and secure communications over insecure channels. It is intended as a replacement for rlogin, rsh, rcp, and rdist.

PortSentry PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time.

LogSentry is available for download. Logcheck helps spot problems and security violations in your logfiles automatically and will send theresults to you in e-mail.

The TIS Firewall Toolkit is a software kit for building and maintaining internetwork Firewalls. It is distributed in source code form, with all modules written in the C programming language and runs on many BSD UNIX derived platforms.

Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect "ping attacks" or to monitor the network activities.

TCP_Wrappers..Wietse Venema's network logger, also known as TCPD or LOG_TCP. These programs log the client host name of incoming telnet, ftp, rsh, rlogin, finger etc. requests. Security options are: access control per host, domain and/or service; detection of host name spoofing or host address spoofing; booby traps to implement an early-warning system. The current version supports the System V.4 TLI network programming interface (Solaris, DG/UX) in addition to the traditional BSD sockets.

ISS is a network security scanner. This handy little tool can scan entire networks for open services. This is not a stealth scanner so if anominitity is not an issue use this fine tool.

Nmap is a utility for port scanning large networks, although it works fine for single hosts. The guiding philosophy for the creation of nmap was TMTOWTDI (There's More Than One Way To Do It). This is the Perl slogan, but it is equally applicable to scanners. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). You just can't do all this with one scanning mode. And you don't want to have 10 different scanners around, all with different interfaces and capabilities. Thus I incorporated virtually every scanning technique I know into nmap. Specifically, nmap supports:

TCPLOG and ICMPLOG, these are perhaps the smallest yet the most useful tools to keep you aware of exactly what is going on with your linuxbox. These programs take all incoming TCP and ICMP activity and log them to the syslog.