FYI a “hacker” is someone who programs for enjoyment, but the term has become synonymous with “cracker,” a person who performs an illegal act. If you are worried about crackers (and you should be if you use any Micro$oft products and the internet), perform an internet connection security analysis (of commonly probed ports) and then consider using a Mac. BTW if ya have a question then read the Hacking FAQs, else try the graffiti wall to post a question or share a comment about solar powered 802.11 nodes I designed and built for a community network.

The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.

At Toorcon 2003 (Information Security Conference) a talk was given on the utilities people in the know seem to find most useful. So FYI here is a rough list of the top 20 hacking tools. FYI insecure.org has a list of the top 75 Security Tools.

Nessus | The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.
Ethereal | Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
Snort | Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
Netcat | Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol.
TCPdump | TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.
Hping | Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).
Dsniff | Dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).
GFI LANguard | GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil's advocate, alerting you to security vulnerabilities.
Ettercap | Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.
Nikto | Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers. The project has been updated and moved to https://cirt.net/Nikto2. See also the guide to network vulnerability scanners (https://comparite.ch/nvscan).
John the Ripper | John the Ripper is a fast password cracker, currently available for many flavors of Unix.
OpenSSH | OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
Tripwire | Tripwire is a tool that can be used for data and program integrity assurance.
Kismet | Kismet is an 802.11 wireless network sniffer. This is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.
NetFilter | NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packet mangling.
IP Filter | IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.
pf | OpenBSD Packet Filter
fport | fport identifies all open TCP/IP and UDP ports and maps them to the owning application.
SAINT | SAINT network vulnerability assessment scanner detects vulnerabilities in your network's security before they can be exploited.
OpenPGP | OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.

A “Proxy” is an application that breaks the connection between sender and receiver, thus protecting your internet privacy (to some degree) while you are surfing. Enjoy the proxy gateway list(1) and list(2). If you’re curious, try the Test Page for Web Anonymizing Services to test the various proxies yourself. Note as of 11/19/2001 those suffering from corporate oppression and Muslims in Saudi Arabia, UAE, etc. looking for porn better have alternative plans, because Safeweb turns off free service.

The University of Toronto's Internet Censorship Explorer permits anyone with a Web browser to test the limits of certain national and organizational Internet-blocking schemes. Users simply enter a target URL and a country into a search field on the Censorship Explorer's website. The software then scans the ports of available servers in that country, looking for open ones.

If you’re interested in anonymous surfing (i.e. the phaster proxy gateway), and wondering whether someone is watching your every move, then you may also know eMail is not private (it is like sending a postcard that leaves a trail). So here is a list of free eMail services, some of which include a measure of security. B.T.W. if you have any browser privacy issues, I have Netscape Navigator secrets and tips on how to secure Internet Explorer.

Phaster computer security resources search includes: exploits/bugs, internet security tools, guides to ethical hacking, encryption, network security documentation, hacks, cracks, phreaking stuff, etc.