If you have suggestions, changes, or additions you'd like to see, write bri@hackinglinuxexposed.com.
Articles by HLE authors
Vendor Mailing Lists
Security Mailing Lists
- SecurityFocus lists
Bugtraq, Incidents, Vuln-dev, Focus-Linux, SF-News and many more. - LinuxSecurity.com
Excellent weekly updates on Linux security. - Firewalls
Original Firewalls mailing list, unmoderated - Firewall-Wizards
Firewall mailing list, moderated by firewall guru Marcus Ranum. - Sans
Sans weekly and monthly newsletters - Cert
Cert Advisories - SAFER
Security Alert for Enterprise Resources
Security and Hacking Websites
- LinuxSecurity.com
Linux security news and resources. - SANS
System Administration, Networking and Security Organization - CERT
Computer Emergency Response Team - CIAC
Computer Incident Advisory Capability - Security Focus
Extensive vulnerability database, Custom security articles, and Security Focus mailing lists - Security Portal
Portal to many security sites and articles. - Neohapsis Archives
Achives of many security and vendor lists - Insecure.org
Nmap, list archives, exploits, and other excellent reading - Packet Factory
Network and security tools galore - Attrition.org
News, crypto, downloads, and the hacked web page mirror. - hack.co.za
Exploit archives - Rootshell
Exploit archives - Anticode
Exploits - Phrack Magazine
Phrack Magazine and archives, a must read. - 2600 The Hacker Quarterly
- L0pht Heavy Industries
Now part of . - Technotronic
News, security archives, exploits, and more. - Packetstorm
Searchable and downloadable database of hacking tools, countermeasures and documents
Sniffers
- Tcpdump
Tcpdump network sniffer - Hunt
Sniffer and man-in-the-middle hijacking tool - Dsniff
Many sophisticated sniffing components, including monkey-in-the-middle for SSH and SSL - Sniffit
- Ethereal
- Karpski
- Gnusniff
Security, Investigative, and Testing Tools/Suites
- Nmap
The best portscanning tool around - Lsof
List Open Files shows open files, sockets, pipes, and more. - Snort
Snort Intrusion Detection System
System Scanners
- COPS
The Computer Oracle and Password System, system vulnerability scanner. - Tiger
TAMU's system vulnerability scanner
Network Scanners
- SATAN
Satan, the first public network scanner - SAINT
Security Administrator's Integrated Network Tool -- An enhancement to Satan - SARA
Security Auditor's Research Assistant -- our favorite Satan spinoff - Nessus
client/server vulnerability scanner, updated continuously. - Toneloc modem war dialer
File Integrity Tools
- Tripwire file integrity tool: commercial
- Tripwire: Open Source version
- AIDE
Advanced Intrusion Detection Environment, a Tripwire-like file integrity tool. - Nabou
Scriptable and extensible file integrity tool.
Log Analysis Tools
- Swatch
Simple Watchdog, perl log analysis tool. - Logcheck
A cron-style log analysis tool. - Logsurfer
An advanced dynamic log analysis tool.
Port Scan Detectors
- Scanlogd
Solar Designer's advanced scan detection tool with raw socket support. - Abacus Port Sentry
Scan detection tool with route-dropping capabilities. - Klaxon
- Courtney
Encryption
- PGP Freeware
Pretty Good Privacy encryption software - GnuPG
Fully open source PGP by the GNU project - OpenSSL
OpenSSL (Secure Sockets Layer) libraries - Stunnel
SSL Tunneling software, used to encrypt arbitrary cleartext protocols. - OpenSSH
Secure replacements for the cleartext telnet, rlogin, rsh, rcp, and ftp protocols. Contains links to other SSH versions as well. - SSH FAQ
Enforcing Strong Passwords
- Cracklib
- anlpasswd
- passwd+
- npasswd
- OPIE
(One-time Passwords In Everything) - PAM (Plugable Authentication Modules)
Cracking Passwords
- John The Ripper
Solar Designer's Unix-password cracking software. - Crack
Alec Muffett's Crack, the Granddaddy of password crackers. - Slurpie
- Viper
Password Cracking Dictonaries
Mail Servers
- Postfix
Wietse Venema's answer to Sendmail - Qmail
Dan Bernstein's answer to Sendmail - Sendmail: Freeware
- Sendmail: Commercial
Preventing Spam
- spam.abuse.net
Fight Internet Spam - MAPS (Mail Abuse Prevention System)
Home of the RBL, DUL and more. - RBL (Real Time Blackhole List)
- ORBS (Open Relay Behaviour-Modification System)
- Mutt
The best damned mail reader around.
Web Servers and Dynamic Content
- NetCraft Webserver Survey
- Apache
- Thttpd web server
- Jigsaw
- AOL Server
- Bash-httpd
Yes, you can write a webserver in shell... - Awk-httpd
As if a shell webserver wasn't enough... - Mod perl
- PHP
- Whisker CGI Scanner
- cgisecurity.com
Linux Hardening Tools
- Immunix
Tools for preventing buffer overflows. - Bastille
Linux hardening scripts. - Openwall Kernel Patches
Linux kernel security patches by Solar Designer. - LIDS
Linux Intrusion Detection System, kernel patch for extreemly advanced access controls.
Access Controls and Firewalls
- Firewalls and Internet Security, the Second Hundred (Internet) Years
- The history of firewalls
- Netfilter configuration for 2.4 kernels
- tcpserver
Dan Bernstein's ucspi-tcp package, like inetd but done right.
Firewall Configuration Tools
- Web Firewall Configuration Tool
Creates ipfwadm or ipchains rulesets - Gfcc
GTK+ Firewall Control Center - Firewall Builder
GUI firewall policy compiler - MonMotha's IPTables Firewall
- Seawall Ipchains-based firewall configuration
Supports various VPN tunnels as well - PHPFwgen
PHP based firewall rule generator - Jfwadmin
X11 Java frontend for ipchains - GTK Firewall Configuration Tool
- Mason Automated firewall builder
Open Source Firewalls
- TIS Firewall Tool Kit
The granddaddy of firewalls - The Linux Router Project
Firewall and more on a single Floppy - SmoothWall
- - Floppyfw
2.2 Kernel Firewall on a bootable floppy - Sinus Firewall
Firewall on a minimum 2.0 kernel distribution
Assorted Linux and Open Source links
- GNU
Project - The Cathedral and the Bazaar
A watershed paper describing the virtues of Open Source programming - The Halloween Document
Leaked Microsoft papers describing the Microsoft strategy to defeat Open Source - Slashdot
News for nerds, stuff that matters - Freshmeat
Links to the lastest Open Source code of note - Linux Capabilities