|
Thumper v0.2
|
|
Hits: 2 |
|
Date added: 01/28/2006 |
|
Thumper is a file monitor that highlights services and keywords dependant on its configuration file. Its purpose is to notify the user when an attack is underway. |
|
|
|
|
|
Regmon v7.02
|
|
Hits: 2 |
|
Date added: 02/27/2006 |
|
Regmon is a Registry monitoring utility that will show you which applications are accessing your Registry, which keys they are accessing, and the Registry data that they are reading and writing - all in real-time. This advanced utility takes you one step beyond what static Registry tools can do, to let you see and understand exactly how programs use the Registry. With static tools you might be able to see what Registry values and keys changed. With Regmon you'll see how the values and keys changed..
Regmon works on Windows NT/2000/XP/2003. |
|
|
|
|
|
Plash v1.16 (Tools for practical least privilege)
|
|
Hits: 2 |
|
Date added: 10/22/2006 |
|
Plash is a system for sandboxing GNU/Linux programs. Plash's aim is to protect you from the programs you run by letting you run them with the minimum authority and privileges they need do do their job -- this is the Principle of Least Authority (POLA). Plash can run programs in a secure, restricted execution environment with access to a limited subset of your files. |
|
|
|
|
|
|
Sysmask v1.02
|
|
Hits: 2 |
|
Date added: 03/09/2007 |
|
Sysmask is a security solution designed for Linux systems. It can protect
the system integrity against vulnerabilities in the great majority of codes,
whether known or unknown, patched or non-patched, in user programs,
libraries or the kernel.
Sysmask can be configured to restrict the access of a process or a user to
system resources: files, sockets, devices, system calls, disk space, memory
usage. The restriction policy can be defined with great precision, sometimes
contextual. Processes with tightly restricted access rights may continue to
do their normal work as before, but if they are compromised, the malicious
code that gets run will be unable to harm the system except for the job that
is assigned to the compromised process.
A fully deployed sysmask can protect the system against any vulnerability
except those in a small portion of the kernel, which is historically very
solid, plus those in the sysmask package itself.
With respect to other security solutions, several novel features have been
introduced in sysmask.
1. It offers protection against most kernel vulnerabilities that occur or
will occur in practice, by allowing selective closure of unused system
calls and activities for untrusted processes or users.
2. Using configuration definitions with a simple user-friendly syntax,
interactive security reactions can be defined in various ways, leading to
flexible and highly customizable security schemes without the need to
recompile existing softwares nor even to modify their configurations.
Custom interactive reactions greatly enhance the security level, as the
system behavior becomes unpredictable to outside attackers with no knowledge
of these reactions.
3. It can protect against both system level risks (unauthorized accesses
etc.) and user level risks (viruses etc.), and includes efficient resource
consumption limitations that overcome the shortcomings of traditional rlimit
setups.
4. It supports runtime reconfiguration with a menu-based user interface that
accepts feedback configuration.
Sysmask introduces only minimal or negligeable performance overhead, except
for a few programs under special conditions and requiring highly selective
protection.
The package of sysmask is also very simple and compact, with its critical
parts independent of outside codes (libraries), minimizing the probability
of bugs contained in the package itself.
Sysmask allows you to radically reduce the need to update your system
components for security reasons, because you can now live with
vulnerabilities without being hurt. Traditional anti-virus scanners are no
longer needed, let alone the need to update them, because sysmask can
prevent any virus from being installed. |
|
|
|
|
|
|
Carbonite v1.0
|
|
Hits: 1 |
|
Date added: 01/26/2005 |
|
A Linux Kernel Module to aid in RootKit detection. |
|
|
|
