A Guide to Building Secure Web Applications and Web Services
- A massive document covering all aspects of web application and web service security; published by the Open Web Application Security Project (OWASP). Current stable version is 2.0 (2006). Also available in Spanish. N.B.: Work on new revision started 2010-02-10.
A Linux-PAM page
- The primary distribution site for the Linux-PAM (Pluggable Authentication Modules for Linux) project. PAM is a flexible mechanism for authenticating users.
AFICK (Another File Integrity Checker)
- A fast and portable intrusion detection and integrity monitoring system, designed to work on all platforms. The configuration syntax is similar to Tripwire/AIDE. Site also available in French. Latest stable release is 2.15-1, 2010-04-21.
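How a checker of this kind works, as an added example (not AFICK's own code): a baseline records a SHA-256 digest, size and permission bits for every regular file under a root, and a later scan is compared against it to report added, removed and changed files. The directory tree, file contents and tampering are constructed for the demo; the baseline is written outside the monitored tree, as a real deployment would keep it on read-only or offline media.

```python
"""Added example, not AFICK's own code: a minimal file-integrity checker in
the Tripwire/AIDE/AFICK style.  A baseline records SHA-256, size and
permission bits for every regular file under a root; a later scan is
compared against it to report added, removed and changed files.  The tree,
contents and tampering below are constructed for the demo."""
import hashlib
import json
import os
import shutil
import stat
import tempfile


def _sha256(path, chunk=1 << 16):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def scan(root):
    """Return {relative path: attributes} for every regular file under root.
    Symlinks are not followed, so a link swapped in for a file shows up as
    'removed' rather than silently passing."""
    db = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue
            db[os.path.relpath(full, root)] = {
                "sha256": _sha256(full),
                "size": st.st_size,
                "mode": stat.S_IMODE(st.st_mode),
            }
    return db


def compare(baseline, current, fields=("sha256", "size", "mode")):
    """Diff two scans: sorted 'added'/'removed' lists and a 'changed' map of
    path -> list of attributes that differ."""
    added = sorted(set(current) - set(baseline))
    removed = sorted(set(baseline) - set(current))
    changed = {}
    for rel in sorted(set(baseline) & set(current)):
        diffs = [k for k in fields if baseline[rel][k] != current[rel][k]]
        if diffs:
            changed[rel] = diffs
    return {"added": added, "removed": removed, "changed": changed}


def demo():
    """Baseline a constructed tree, tamper with it, and return the report."""
    root = tempfile.mkdtemp(prefix="fic-tree-")
    store = tempfile.mkdtemp(prefix="fic-baseline-")   # outside the tree
    try:
        etc = os.path.join(root, "etc")
        os.makedirs(etc)
        files = {
            "passwd": "root:x:0:0:root:/root:/bin/bash\n",
            "hosts": "127.0.0.1 localhost\n",
            "shadow": "root:*:15000:0:99999:7:::\n",
        }
        for name, text in files.items():
            with open(os.path.join(etc, name), "w") as f:
                f.write(text)
        os.chmod(os.path.join(etc, "hosts"), 0o644)
        os.chmod(os.path.join(etc, "shadow"), 0o600)

        baseline_path = os.path.join(store, "baseline.json")
        with open(baseline_path, "w") as f:
            json.dump(scan(root), f, sort_keys=True)

        # Constructed tampering: a uid-0 account appended, a file made
        # world-writable, a script dropped, and a file deleted.
        with open(os.path.join(etc, "passwd"), "a") as f:
            f.write("backup:x:0:0::/root:/bin/bash\n")
        os.chmod(os.path.join(etc, "hosts"), 0o666)
        with open(os.path.join(etc, "backdoor.sh"), "w") as f:
            f.write("#!/bin/sh\n")
        os.remove(os.path.join(etc, "shadow"))

        with open(baseline_path) as f:
            baseline = json.load(f)
        return compare(baseline, scan(root))
    finally:
        shutil.rmtree(root)
        shutil.rmtree(store)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

A production checker also records owner, inode, link count and mtime/ctime, signs or HMACs the baseline so an intruder cannot quietly rebaseline, and runs from trusted media; those parts are left out here so the comparison stays deterministic.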
Aircrack-ng
- An 802.11 WEP and WPA-PSK key-cracking program. WEP keys are recovered statistically once enough data packets (IVs) have been captured; WPA-PSK keys require a captured four-way handshake and a dictionary attack against it. Latest release is 1.1, 2010-04-24.
BackTrack Linux
- A live CD Linux security distribution (originally Slackware-based; version 4 is built on Ubuntu) with 300+ security tools useful for tasks such as security audits and penetration testing. This distribution evolved from the merger of the Whax and Auditor Security Collection distributions. Latest stable release is 4.0, 2010-01-01. Also available in Brazilian Portuguese, Chinese, Portuguese, and Spanish.
Basic Analysis and Security Engine (BASE) -- Homepage
- A web front-end for Snort. It queries and analyzes the alerts that a Snort IDS has logged to its database, so analysts can search, group and drill into events from a browser. Latest release is 1.4.5, 2010-03-05.
Bastille Linux - hardening script for the security conscious
- The Bastille Hardening program "locks down" an operating system, proactively configuring the system for increased security and decreasing its susceptibility to compromise. It can also assess a system's current state of hardening, granularly reporting on each of the security settings with which it works. It currently functions on most major Linux distributions as well as Mac OS X and HP-UX. Latest release is 3.2.1, 2008-09-25.
BleachBit
- BleachBit frees disk space and maintains privacy. It cleans the caches, histories, cookies and temporary files of 70 applications including Firefox, Flash, Google Chrome, Opera, Safari, Adobe Reader, and APT. Excellent multilingual support - available in 30+ languages. Latest release is 0.73, 2010-02-18.
Browser Security Handbook
- This handbook provides web application developers, browser engineers, and information security researchers with a one-stop reference to key security properties of contemporary web browsers. (2009)
Common Vulnerabilities and Exposures
- A list of standardized names for vulnerabilities and other information security exposures. The goal of CVE is to make it easier to share data across separate vulnerability databases and security tools.
Cryptmount
- A utility for Linux operating systems which allows an ordinary user to mount an encrypted file system without requiring superuser privileges. For use on systems using the 2.6 kernel series. Latest stable release is 4.0.2, 2009-12-12.
Crypto-Gram Newsletter
- Bruce Schneier's Crypto-Gram Newsletter is one of the best sources of information and analysis on computer and other security issues. Available in many languages.
Darik's Boot and Nuke (DBAN)
- A cross-platform application to wipe data off of a hard disk and return the disk to a pristine state for reuse. Latest stable release is 2.0.0, 2008-02-21.
Debian Security Audit Project
- The aim of the project is to audit as many of the packages within the Debian stable release as possible for potential flaws; important packages, which are contained in the unstable distribution, may also be examined for flaws as time permits.
Electronic Privacy Information Center
- A public interest research centre in Washington, D.C. It was established in 1994 to focus public attention on emerging civil liberties issues and to protect privacy, the U.S. First Amendment, and constitutional values.
Ettercap
- A multipurpose sniffer/interceptor/logger for switched LANs. Latest stable release is 0.7.3, 2005-05-29.
Figaro's Password Manager 2
- A utility that securely stores the user's Web passwords. It is a Gtk2 port of Figaro's Password Manager with some new enhancements. Internationalization support: Basque, Bulgarian, Czech, English, French, German, Hungarian, Italian, Russian and Spanish. Latest release is 0.79, 2011-01-17.
Freenet Project
- Freenet is free software which allows the user to anonymously share files, browse and publish "freesites" (web sites accessible only through Freenet) and chat on forums, without fear of censorship. Also available in Dutch, French, German, Italian, and Swedish. Latest stable release is 0.7.5, 2010-04-23.
Help Net Security
- Excellent meta site for webserver security, news, software and information.
HoneyNet Project
- The Honeynet Project is a U.S.-based non-profit volunteer research organization dedicated to raising awareness to and improving the security of the Internet.
Insecure.Org -- Nmap Security Scanner
- Stealth port scanner for network security auditing, general internet exploration & hacking. Designed to rapidly scan large networks, although it works fine against single hosts. Latest stable release is 5.0, 2009-07-05.
Know Your Enemy: Honeynets
- Detailed paper that discusses what a Honeynet is, its value, how it works, and the risks/issues involved. (2006)
LIDS - Linux Intrusion Detection System
- LIDS is a kernel patch and a set of administration tools that enhance the kernel's security by implementing Mandatory Access Control (MAC).
LWN: Security Index
- This index covers articles that appeared in LWN on various security-related topics. Articles from 2007 onwards are indexed here.
LaBrea Homepage
- Honeypot ("tarpit") software that takes over unused IP addresses on a network and answers connection attempts to them, holding attackers' and worms' TCP connections open indefinitely so that scans stall; aptly named after the La Brea Tar Pits in California. Latest release is 2.5, 2003-10-30. N.B.: This application still gets a fair number of downloads at SourceForge.
Linsec.ca
- This site contains primarily security-related articles, tips, and advice. Also included are tips for using LDAP as an address book, Mac OS X tips, book reviews, and software reviews.
Linux Security Documentation and Resources
- A comprehensive resource centre; includes FAQs/HOWTOs, forums, whitepapers, resources on firewalls, host security, cryptography, network security, intrusion detection, securing Linux systems, a quick reference guide, and an administrator's guide.
Linux-Sec.net
- One of the best Linux security resource sites.
Network Security Toolkit (NST)
- This bootable ISO live CD/DVD (NST Live) is based on Fedora. The toolkit was designed to provide easy access to best-of-breed open source network security applications for most x86/x86_64 platforms. Latest stable release is 2.13.0, 2010-10-06.
Open Source Software Security Wiki
- The purpose of this new site (2008) is to encourage public discussion of security flaws, concepts, and practices in the open source community. It is not intended to be an information clearinghouse, or to replace any of the current security lists and groups.
Open1X
- The Open1X project is dedicated to bringing a free, open source 802.1X/WPA/WPA2/IEEE802.11i implementation to as many target platforms as possible. Latest stable release is 2.20, 2010-01-29.
OpenCA Research Labs
- An open organization that provides a framework for PKI (Public Key Infrastructure) studying and development of related projects.
OpenSSL: The Open Source toolkit for SSL/TLS
- A collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols. Latest major release is 1.0.0, 2010-03-29.
OpenVAS - Open Vulnerability Assessment System Community Site
- A cross-platform network security scanner that includes a central server and a graphical front-end. This is a fork of Nessus Vulnerability Scanner, which is no longer free software. Latest stable release is 3.0.0, 2009-12-18.
Openswan:
- An implementation of IPsec for Linux. It supports kernels 2.0, 2.2, 2.4 and 2.6, and runs on many different platforms. A code fork of the FreeS/wan project. Latest stable release is 2.6.25, 2010-03-21.
PIKT
- A cross-categorical, multi-purpose toolkit for monitoring and configuring computer systems, administering networks, and organizing system security. Latest release is 1.19.0, 2007-09-10.
PacketProtector - Security Solution for Wireless Routers
- A Linux distribution for wireless routers, built on top of OpenWrt. The goal of this project is to transform the router into a unified threat management device. Latest release is 3.7, 2010-04-01.
PacketStorm
- A general Internet security site with some Linux information.
Password Gorilla
- A cross-platform password manager. Latest release is 1.5.3, 2010-05-06.
Privoxy
- A web proxy with advanced filtering capabilities for protecting privacy, filtering web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. It runs on GNU/Linux, Windows, Mac OS X, OS/2, AmigaOS, BeOS, and most flavors of Unix. Latest stable release is 3.0.16, 2010-02-21.
RISKS-LIST: RISKS-FORUM Digest
- Forum on risks to the public in computers and related systems. Archives are available online from volume 1, 1985 to the present.
Radius
- A server for remote user authentication and accounting. Its primary use is for Internet Service Providers (ISPs). Latest release is 1.6.1, 2008-12-17.
Rootkit.nl - Protect Your Machine
- An Internet security website. It has security-related guides and articles as well as software. The three software projects hosted there are Rootkit Hunter; Lynis, a security and system auditing tool; and Free BSD Easy Installation Generator.
Rule Set Based Access Control (RSBAC) - Homepage
- RSBAC (Rule Set Based Access Control) is an open source access control framework for current Linux kernels, which has been in stable production use since January 2000 (version 1.0.9a). Latest stable release is 1.44, 2010-04-22.
S-T-D
- A live CD Linux distribution with a vast collection of open source security tools.
SecurityFocus - Focus on Linux Mailing List
- This mailing list is strictly for Linux and is recommended by computer security experts. Many knowledgeable users subscribe to it, so it is a good place to take Linux security questions.
Skipfish
- An automated web application scanner that actively probes for vulnerabilities. Latest release is 1.31, 2010-04-13.
Snort
- A free, open source network intrusion detection and prevention system capable of performing real-time traffic analysis and packet logging on IP networks. There is extensive documentation. Latest release is 2.8.6, 2010-04-26.
Steghide
- A steganography program that conceals data in various kinds of image- and audio-files. Latest release is 0.5.1, 2003-10-15. N.B.: this project still gets a fair number of downloads so that is why it remains on this site.
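The basic technique such tools build on, as an added example (not Steghide's own code): least-significant-bit (LSB) embedding, in which each payload bit replaces the low bit of one 8-bit sample so that no sample moves by more than 1. A 32-bit length header is embedded first so the extractor knows how many bytes follow. The carrier is a constructed bytearray standing in for raw 8-bit pixel or PCM data; no real image or audio container format is parsed.

```python
"""Added example, not Steghide's own code: least-significant-bit (LSB)
steganography over a constructed 8-bit sample buffer.  Each payload bit
replaces the low bit of one sample; a 32-bit big-endian length header is
embedded first.  No image/audio file format is involved."""
import random
import struct


def _bits(data):
    """Yield the bits of `data`, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def capacity(carrier):
    """Payload bytes that fit after the 4-byte length header."""
    return len(carrier) // 8 - 4


def embed(carrier, payload):
    """Return a copy of `carrier` with `payload` hidden in the LSBs."""
    if len(payload) > capacity(carrier):
        raise ValueError("payload of %d bytes exceeds capacity of %d"
                         % (len(payload), capacity(carrier)))
    out = bytearray(carrier)
    message = struct.pack(">I", len(payload)) + payload
    for i, bit in enumerate(_bits(message)):
        out[i] = (out[i] & 0xFE) | bit      # clear low bit, set payload bit
    return bytes(out)


def extract(carrier):
    """Recover a payload embedded by `embed`; rejects a bogus length header."""
    def read(offset, count):
        buf = bytearray()
        for b in range(count):
            value = 0
            for i in range(8):
                value = (value << 1) | (carrier[offset + b * 8 + i] & 1)
            buf.append(value)
        return bytes(buf)

    (length,) = struct.unpack(">I", read(0, 4))
    if length > capacity(carrier):
        raise ValueError("length header %d does not fit carrier" % length)
    return read(32, length)          # payload starts after 4 header bytes


def max_sample_change(a, b):
    """Largest per-sample difference between two equal-length carriers."""
    return max(abs(x - y) for x, y in zip(a, b))


def demo():
    # Constructed carrier: 4096 pseudo-random 8-bit samples (seeded so the
    # run is reproducible), playing the role of a grey-scale image.
    rng = random.Random(20100415)
    carrier = bytes(rng.randrange(256) for _ in range(4096))
    payload = b"meet at the usual place at 09:00"
    stego = embed(carrier, payload)
    return {
        "payload": payload,
        "recovered": extract(stego),
        "max_change": max_sample_change(carrier, stego),
        "capacity": capacity(carrier),
    }


if __name__ == "__main__":
    print(demo())
```

Plain sequential LSB embedding like this gives no confidentiality and is detectable by simple statistical tests on the low-bit distribution. Real tools encrypt the payload under a passphrase before embedding and spread the bits pseudo-randomly over the carrier instead of filling it from the start; Steghide does both.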
Systrace - Interactive Policy Generation for System Calls
- A utility that monitors and controls what an application can access on a system by creating and enforcing access policies for system calls. Latest stable release is 1.6g, 2009-03-15.
Tahoe-LAFS
- A secure, decentralized, fault-tolerant file system. It is encrypted and spread over multiple peers in such a way that it remains available even when some of the peers are unavailable, malfunctioning, or malicious. Latest release is 1.8.2, 2011-01-30.
The Rootkit Hunter Project
- A security monitoring and analysis tool for POSIX-compliant systems. Latest release is 1.36, 2009-11-29.
The chkrootkit Homepage
- Tool that locally checks for signs of a rootkit. Latest release is 0.49, 2009-07-30.
The phrack.com Homepage
- A hacker magazine by the community for the community; articles on a variety of tech issues including Linux as well as security issues.
Tor
- An anonymous Internet communication system. Great internationalization effort - ~15 languages. Latest stable release is 0.2.1.25, 2010-03-16.
TrueCrypt
- Cross-platform disk encryption software which features real-time, "on-the-fly" encryption (OTFE), encryption of an entire hard disk partition or a storage device such as a USB flash drive, and provides two levels of plausible deniability. Latest stable release is 7.0a, 2010-09-06.
Untangle
- An open source (GPLv2) security gateway complete with 14 applications including intrusion detection, spam, phish, and virus blocking, web content filtering, firewall, and remote access applications - VPN and remote access portal. Latest release is 7.3.0, 2010-06-03.
VTun - Virtual Tunnels Over TCP/IP Networks
- This software creates virtual tunnels over TCP/IP networks with traffic shaping, compression, and encryption. It supports IP, Ethernet, PPP and other tunnel types.
Welcome to CERT!
- A centre for Internet security research which studies Internet security vulnerabilities and long-term changes in networked systems, and develops information and training to help users improve security. Based at Carnegie Mellon University in the U.S.A.
Wipe: Secure File Deletion
- A file and block device wiping utility. Latest version is 2.3.1, 2009-11-01.
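What file wipers such as Wipe do, and where the whole-device approach of DBAN becomes necessary, as an added example (not the code of either project): every byte is overwritten in place with fresh random data, fsynced, repeated for the requested passes, then the name is scrambled and the file unlinked. The file and path are constructed for the demo. The caveat a practitioner needs: on journaling filesystems in data-journal mode, copy-on-write filesystems (btrfs, ZFS), filesystems with snapshots, and SSDs with wear-levelling, the blocks that get overwritten are not necessarily the blocks that held the data, and copies in swap or backups are untouched; for those cases wipe the whole device, use the drive's secure-erase command, or rely on full-disk encryption and destroy the key.

```python
"""Added example, not the code of DBAN or Wipe: overwrite-then-unlink as a
file wiper performs it.  Each pass rewrites every byte with random data and
fsyncs before the next; the name is then scrambled and the file unlinked.
The file below is constructed for the demo."""
import os
import tempfile


def wipe_file(path, passes=3, chunk=1 << 16):
    """Overwrite `path` in place `passes` times, rename it to a random
    name, unlink it, and return the total number of bytes written."""
    size = os.path.getsize(path)
    written = 0
    # O_WRONLY without O_TRUNC: truncating first would free the blocks
    # before they are overwritten, which defeats the purpose.
    fd = os.open(path, os.O_WRONLY)
    try:
        for _ in range(passes):
            os.lseek(fd, 0, os.SEEK_SET)
            remaining = size
            while remaining:
                block = os.urandom(min(chunk, remaining))
                n = os.write(fd, block)      # may be a short write
                written += n
                remaining -= n
            os.fsync(fd)                     # push this pass to storage
    finally:
        os.close(fd)
    # Scramble the directory entry so the old name is not left behind.
    directory = os.path.dirname(path) or "."
    scrambled = os.path.join(directory, os.urandom(8).hex())
    os.rename(path, scrambled)
    os.unlink(scrambled)
    dfd = os.open(directory, os.O_RDONLY)    # make the unlink durable too
    try:
        os.fsync(dfd)
    finally:
        os.close(dfd)
    return written


def demo():
    """Wipe a constructed 10500-byte secret and report what happened."""
    fd, path = tempfile.mkstemp(prefix="wipe-demo-")
    with os.fdopen(fd, "wb") as f:
        f.write(b"SECRET\n" * 1500)          # constructed contents
    size = os.path.getsize(path)
    written = wipe_file(path, passes=3)
    return {"size": size, "written": written, "exists": os.path.exists(path)}


if __name__ == "__main__":
    print(demo())
```

Note that unlinking removes only one directory entry: if the file has other hard links (check `os.stat(path).st_nlink` before wiping), the data was overwritten but the file is still reachable under its other names.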
Zebedee: Secure TCP/IP Tunnel
- A simple program to establish an encrypted, compressed tunnel for TCP/IP or UDP data transfer between two systems. Latest stable release is 2.4.1A, 2005-09-06. N.B.: This project continues to get downloads on SourceForge despite no development to speak of since 2005.