Category Security Solutions

Laurent Chouraki released an experimental extension for MediaWiki. This extension feeds fail2ban so you can block bruteforce attacks at the firewall level.

Comodo is the 2nd largest Certification Authority for ensuring Identity Trust & Assurance on the web. It provides a growing range of Identity and Trust Assurance encryption, verification and authentication services and security applications for business users, as well as for consumers

TIGER is a set of Bourne shell scripts, C programs, and data files which are used to perform a security audit of Unix systems. The security audit results are useful both for system analysis (security auditing) and for real-time, host-based intrusion detection.

WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.

For its first hardware review, Security-database focuses on a new secured USB Flash drive which confirms an increasing threat concern about users’ carried piece of data . Does Corsair achieve its goal? Is it really useful ? What are limitations , pros and cons ?

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source (license).

The OSWAâ„¢-Assistant is a self-contained, freely downloadable, wireless-auditing toolkit for both IT-security professionals and End-users alike.

Babel Enterprise is a systems auditing tool. Babel performs a security level check of the machine, or hardening. The check consists of a number of auditing tests that obtain a snap of the security status of each machine

SQL Power Injector is an application created in .Net 1.1 that helps the penetration tester to find and exploit SQL injections on a web page.

Gerald Combs, the creator of Ethereal®, has initiated the Wireshark network protocol analyzer project, a successor to Ethereal®. The Ethereal® core developer team has moved with Gerald to the Wireshark project

SAINT, or the Security Administrator’s Integrated Network Tool, uncovers areas of weakness and recommends fixes. With SAINT® vulnerability assessment tool, you can:

• Detect and fix possible weaknesses in your network’s security before they can be exploited by intruders.
• Anticipate and prevent common system vulnerabilities.
• Demonstrate compliance with current government regulations such as FISMA, Sarbanes Oxley, GLBA, HIPAA, and COPPA

Nmap ("Network Mapper") is a free open source utility for network exploration or security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. Nmap runs on most types of computers and both console and graphical versions are available. Nmap is free and open source (license).

CORE FORCE is the first community oriented security solution for personal computers. CORE FORCE is free and provides a comprehensive endpoint security solution for Windows 2000 and Windows XP systems

The Network Security Toolkit is a bootable ISO live CD is based on Fedora Core 6. The toolkit was designed to provide easy access to best-of-breed Open Source Network Security Applications and should run on most x86 platforms.

Open Vulnerability and Assessment Language (OVALâ„¢) is an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.

Are you aware of all the devices – USB sticks, CDs, floppies, smartphones, MP3 players, handhelds, iPods, digital cameras – that have been connected to your network? As an administrator, do you know how many employees have been using or are using portable storage devices at the moment? Monitoring your network for these devices is not only time-consuming but nearly impossible to do manually.

Blink Personal is the first Internet security solution to expose system and application flaws that currently go undetected and unpatched, even when using Microsoft Windows Update. Blink Personal is also the first Internet security solution to build all of these protection layers into a small, single agent footprint that breaks the ‘bloatware’ model of client security that exists in the market