All pages tagged with unix
Secure programmer: Countering buffer overflows
This article discusses the top vulnerability in Linux/UNIX systems: buffer overflows. This article first explains what buffer overflows are and why they're both so common and so dangerous. It then ...
Written by: David A. Wheeler and added on April 29, 2011
Low- to No-Cost Methods to Review Webserver Logs for Potential Security Issues
This is a description of the inexpensive methods I devised to extract and tally records of interest in order to analyze webserver logfiles for potential security problems, compromise attempts, while ...
Document added on Feb. 17, 2011
Using Basic Security Module (BSM), Tripwire, System Logs, and Symantec's ITA for Audit Data C
The primary focus of this paper is to provide a host-based set of tools for auditing trace records of attempted attacks on a secured network of Solaris boxes. Until recently UNIX ...
Document added on May 23, 2011
Using Sam Spade
A number of command-line tools were developed on UNIX systems during the early days of the Internet to assist in determining the source of Internet traffic. These tools include: whois, ...
Document added on May 6, 2011
Ethereal Download
Ethereal is used by network professionals around the world for troubleshooting, analysis, software and protocol development, and education. It has all of the standard features you would expect in a ...
Document added on June 22, 2011
SNORT Download Center
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can ...
Document added on March 30, 2011
Cisco IPSec Overview
IPSec provides IP network-layer encryption. The standards define several new packet formats: the authentication header (AH) to provide data integrity and the encapsulating security payload (ESP) to provide confidentiality and ...
Written by: Unknown and added on May 18, 2011
The Coroners Toolkit - In depth
In this paper I will describe evidence gathering on a Unix system using "The Coroners Toolkit" version 1.09 hereafter referred to as TCT. TCT can be downloaded freely from porcupine.org/forensics/tct.html. ...
Written by: Clarke L. Jeffris and added on Jan. 2, 2011
Snort Database Plugin Documentation
The Snort NIDS has the ability to log the triggered alerts to several types of databases: MySQL, PostgreSQL, Oracle, SQL Server, and any unixODBC-compliant database. The database logging functionality is ...
Document added on April 6, 2011
Introduction to IP Filter Part 1
A good first line of defense is to install IP level packet filtering. If we can determine exactly what packets should travel up our stack, and what appropriate destinations for ...
Written by: Jeremy Rauch and added on June 4, 2011