A Guide to Building Secure Web Applications and Web Services
- A massive document covering all aspects of web application and web service security; published by the Open Web Application Security Project (OWASP). Current stable version is 2.0 (2006); 3.0 is the draft version (2006). Also available in Japanese and Spanish.
A Linux-PAM page
- The primary distribution site for the Linux-PAM (Pluggable Authentication Modules for Linux) project. PAM is a flexible mechanism for authenticating users.
BackTrack
- A Slackware-based, live CD Linux distribution with over 300 security tools useful for tasks such as security audits and penetration testing. This distribution evolved from the merger of the Whax and Auditor Security Collection distributions.
Bastille Linux - hardening script for security conscience
- The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. It can also assess a system's current state of hardening, granularly reporting on each of the security settings with which it works. Currently supports the Red Hat (Fedora Core, Enterprise, and Numbered/Classic), SUSE, Debian, Gentoo, and Mandriva distributions, along with HP-UX.
Common Vulnerabilities and Exposures
- A list of standardized names for vulnerabilities and other information security exposures. The goal of CVE is to make it easier to share data across separate vulnerability databases and security tools.
Creating Snort Rules with EnGarde HOWTO
- This HOWTO provides a step-by-step guide to writing custom rules for Snort, an intrusion detection and prevention application. (2007)
Cryptmount
- A utility for Linux operating systems which allows an ordinary user to mount an encrypted filing system without requiring superuser privileges. For use on systems using the 2.6 kernel series.
Crypto-Gram Newsletter
- Bruce Schneier's Crypto-Gram Newsletter is one of the best sources of information and analysis on computer and other security issues. Available in many languages.
Darik's Boot and Nuke (DBAN)
- A cross-platform application to wipe data off of a hard disk and return the disk to a pristine state for reuse. Latest stable release is 2.0.0, 2008-02-21.
Debian Security Audit Project
- The aim of the project is to audit as many of the packages within the Debian stable release as possible for potential flaws; important packages, which are contained in the unstable distribution, may also be examined for flaws as time permits.
Electronic Privacy Information Center
- A public interest research centre in Washington, D.C. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the U.S. First Amendment, and constitutional values.
Ettercap
- A multipurpose sniffer/interceptor/logger for switched LAN. Latest stable release is 0.7.3, 2005-05-29.
Freenet Project
- Software which allows users to publish and obtain information on the Internet without fear of censorship.
GNU httptunnel
- An application that creates a bidirectional virtual data connection tunnelled in HTTP requests; the HTTP requests can be sent via an HTTP proxy.
Help Net Security
- Excellent meta site for webserver security, news, software and information.
HoneyNet Project
- The Honeynet Project is a U.S.-based non-profit volunteer research organization dedicated to raising awareness of and improving the security of the Internet.
Insecure.Org -- Nmap Security Scanner
- Stealth port scanner for network security auditing, general internet exploration & hacking. Designed to rapidly scan large networks, although it works fine against single hosts.
Jail Chroot Project
- A login tool which works as a wrapper to the user shell.
Knocker - The Net Port Scanner
- A cross-platform TCP security port scanner; capable of analyzing hosts and the network services which are running on them. Latest release is 0.7.1, 2002-08-23.
Know Your Enemy: Honeynets
- Detailed paper that discusses what a Honeynet is, its value, how it works, and the risks/issues involved. (2006)
LIDS - Linux Intrusion Detect System
- LIDS is a kernel patch and set of admin tools which enhance the kernel's security by implementing Mandatory Access Control (MAC).
LWN: Security Index
- This index covers articles that appeared in LWN on various security-related topics. Articles from 2007 onwards are indexed here.
LaBrea Homepage
- Honeypot software that sets up virtual machines with virtual vulnerabilities for potential crackers; aptly named after the LaBrea Tarpits in California.
Linsec.ca
- This site contains primarily security-related articles, tips, and advice. Also included are tips for using LDAP as an address book, Mac OS X tips, book reviews, and software reviews.
Linux Security Documentation and Resources
- A comprehensive resource centre; includes FAQs/HOWTOs, forums, whitepapers, resources on firewalls, host security, cryptography, network security, intrusion detection, securing Linux systems, a quick reference guide, and an administrator's guide.
Open Source Software Security Wiki
- The purpose of this new site (2008) is to encourage public discussion of security flaws, concepts, and practices in the open source community. It is not intended to be an information clearinghouse, or to replace any of the current security lists and groups.
Open1X
- The Open1X project is dedicated to bringing a free, open source 802.1X/WPA/WPA2/IEEE802.11i implementation to as many target platforms as possible.
OpenCA Research Labs
- An open organization that provides a framework for studying PKI (Public Key Infrastructure) and developing related projects.
OpenSSL: The Open Source toolkit for SSL/TLS
- A collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols.
OpenVAS - Open Vulnerability Assessment System Community Site
- A cross-platform network security scanner that includes a central server and a graphical front-end. This is a fork of Nessus Vulnerability Scanner, which is no longer free software.
Openswan
- An implementation of IPsec for Linux. It supports kernels 2.0, 2.2, 2.4 and 2.6, and runs on many different platforms. A code fork of the FreeS/wan project.
Privoxy
- A web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious junk.
Radius
- A server for remote user authentication and accounting. Its primary use is for Internet Service Providers (ISPs); latest release 1.3, 2004-11-20.
Security-Enhanced Linux
- SE Linux is a version of the Linux kernel enhanced for security purposes. It is developed by the U.S. government's National Security Agency and Secure Computing Corporation with the contributions of the University of Utah. Not strictly a Linux distribution.
SecurityFocus - Focus on Linux Mailing List
- This mailing list is strictly for Linux, and is recommended by computer security experts. There are lots of intelligent users that subscribe to this list so this is the site to visit if you have any security-related questions.
Tahoe File System
- A secure, decentralized, fault-tolerant file system. It is encrypted and spread over multiple peers in such a way that it remains available even when some of the peers are unavailable, malfunctioning, or malicious.
The phrack.com Homepage
- A hacker magazine by the community for the community; articles on a variety of tech issues including Linux as well as security issues.
Tor
- An anonymous Internet communication system. Great internationalization effort - ~15 languages.
TrueCrypt
- Cross-platform disk encryption software which features real-time, "on-the-fly" encryption (OTFE), encryption of an entire hard disk partition or a storage device such as a USB flash drive, and provides two levels of plausible deniability. Latest release is 6.2, 2009-05-11.
Untangle
- An open source (GPLv2) security gateway complete with 14 applications including intrusion detection, spam, phish, and virus blocking, web content filtering, firewall, and remote access applications - VPN and remote access portal.
Welcome to CERT!
- A centre for Internet security research which studies Internet security vulnerabilities and long-term changes in networked systems, and develops information and training to help users improve security. Based at Carnegie Mellon University in the U.S.A.
Wipe: Secure File Deletion
- A file and block device wiping utility. Latest stable release is 2.2.0, 2004-01-10.
Zebedee: Secure TCP/IP Tunnel
- A simple program to establish an encrypted, compressed tunnel for TCP/IP or UDP data transfer between two systems.