Information Security: October 2012

Wednesday, October 31, 2012

Firewall Builder - GUI firewall management application for iptables, PF, Cisco ASA/PIX/FWSM, Cisco router ACL

Firewall Builder is a GUI firewall management application for iptables, PF, Cisco ASA/PIX/FWSM, Cisco router ACL and more. Firewall configuration data is stored in a central file that can scale to hundreds of firewalls managed from a single UI.

Supported Platforms

Firewall Builder makes firewall management easy by providing a drag-and-drop GUI application that can be used to configure Linux iptables, Cisco ASA and PIX, Cisco FWSM, Cisco router access lists, pf, ipfw and ipfilter for BSD, and HP ProCurve ACL firewalls.

Integrated Installer

Firewall Builder uses SSH and SCP to securely deploy your rules to the firewall. To help avoid situations where a firewall change accidentally blocks access to the device, Firewall Builder includes functions to automatically revert a firewall configuration to the previous version.

Advanced Feature Configuration Support

Firewall Builder also supports configuration of many advanced features. For example:
Cluster support for Cisco ASA/PIX, Linux iptables and OpenBSD pf firewalls
Dynamic live rule updates on Linux iptables (via ipset module) and OpenBSD pf
Run time options to have rule objects, like interfaces, determined on firewall startup
Predefined templates, including firewall rules, for common deployment scenarios
Device configuration of interface IP addresses, static routes, VLAN and bridge interfaces
Configuration versioning control using RCS
User defined pre and post firewall startup scripts

Download fwbuilder-5.1.0.3599.tar.gz (7.2 MB)

Download other versions from here
Download Firewall Builder for windows

Are you still managing firewalls from the command line?

Does this sound familiar?

You need to make a firewall update, but you are not sure of the exact command you need, so you: Search for documentation. Scour forums. Trawl through wikis. Hours go by. Finally, something that looks like the right command! Try it out. Oh, didn't work. Back to searching...

Been there? Well, no more.

Firewall Builder makes it easy to configure your firewalls. Our application is trusted by thousands of users to help them manage their production firewalls. Why? We're glad you asked.

Simplicity	Flexibility	Time Savings
With features like shared objects, drag-and-drop GUI, and search-and-replace, tasks that used to be time-consuming and frustrating are now simple and straightforward. For more information on Firewall Builder Home Features Benefits How it Works Support Documentation About Quick Start Guide Users Guide 5 Firewall Builder Licensing Supported Firewalls Firewall Builder 5.1.0 Release Notes Video Tutorials Source - http://sourceforge.net/projects/fwbuilder/ Visit website for more information - http://www.fwbuilder.org/index.html	Firewall Builder supports a wide range of firewall platforms, includingCisco ASA & PIX, Linux iptables,BSD pf and many more. You’re not confined to one platform—or locked into a single vendor.	The easy-to-use GUI, multiple platform support, and make-it-easy features let you forget about typing commands and instead focus on what traffic your firewall policies should allow or deny.

SeaMonkey v2.13.2 - An all-in-one internet application suite

Mozilla SeaMonkey is an all-in-one Internet application suite that includes an Internet browser, email and newsgroup client, HTML editor, IRC chat, and web development tools. It includes a pop-up blocker, junk mail controls, and a tabbed interface.

Features

The Internet browser at the core of the SeaMonkey suite uses the same rendering engine and application platform as its sibling Mozilla Firefox, with popular features like tabbed browsing, feed detection, popup blocking, smart location bar, find as you type and a lot of other functionality for a smooth web experience.
SeaMonkey's Mail and Newsgroups client shares lots of code with Mozilla Thunderbird and features adaptive Junk mail filtering, tags and mail views, web feeds reading, tabbed messaging, multiple accounts, S/MIME, address books with LDAP support and is ready for both private and corporate use.
Additional components include an easy-to-use HTML Editor, the ChatZilla IRC chat application and web development tools like a DOM Inspector and a JavaScript debugger.
If that's still not enough, SeaMonkey can be extended with numerous Add-Ons that provide additional functionality and customization for a complete Internet experience.

Download SeaMonkey Setup 2.13.2.exe (20.2 MB)

Download other versions from here

Source -

http://sourceforge.net/projects/seamonkey.mirror/

http://www.seamonkey-project.org/

For more information on add-ons-

https://addons.mozilla.org/en-US/seamonkey/

Screenshot -

LetoDMS v3.4.0RC3 - open-source, web-based document management system (DMS) written in PHP

LetoDMS is an open-source, web-based document management system (DMS) written in PHP with a database backend. LetoDMS provides document meta-data, version control, security and easy access to your documents.

Features

Document-Metadata: Meta-data can be attached to a document (such as owner, status, create date, etc.)
Version-Control: Old versions of documents are saved and can be retrieved as needed
Security-Mechanism: Not every user should have access to every document - a DMS offers restriction-mechanisms
Easy Access: Users can find files through tables of contents, indexes, and full-text searches and sort the results by certain criteria
Automatic Email Notification On or Off

Download LetoDMS-3.4.0RC3.tar.gz (1.0 MB)

Download other versions from here

Source -

http://sourceforge.net/projects/mydms/

http://www.letodms.com/

LetoDMS Documentation

ESSPEE-R2 x86- Penetration Testing & Forensics

ESSPEE is a derivetive of Back | Track 5, based on Ubuntu 12.04. Designed for users who wish to use only free software. It is packed with featured security tools with stable configurations. This version consolidates the Unity desktop interface; a brand new way to find and manage your applications.

Thanks to Back Track, Blackbuntu, CAINE and DEFT for inspiration.

Being a sole developer to this distro, I wish it could help Open Source community with a better interface for Penetration testing and Forensics. I really enjoyed my work for last six months.

Please let me know about bugs and if possible provide solution also.

So finally, "This is the season of roses and wine, this moment is yours....Just live it up !!!"

Features -

A Perfect Forensics Mode - Read-Only Mount
A Perfect Stealth Mode - Networking Disabled
Latest kernel with aufs support (Kernel 3.6.2)
Ruby 1.9.3 p194 - The Latest Available Ruby
OSSEC - Open Source Host-based Intrusion Detection System
Support all kind of Desktop Environments (Gnome, Unity, Gnome-Fallback)
Gnome-Pie - A glimpse of all your favourite applications at single click
Suricata - Open Source Next Generation Intrusion Detection and Prevention Engine.
Snorby - Ruby on Rails application for network security monitoring (Web Interface).
Meld - A visual diff and merge tool for compare files and directories
MySQL Workbench - A visual database design tool to manage MySQL database
OSSEC - Open Source Host-based Intrusion Detection System
Net Activity Viewer - A graphical network connections viewer for Linux
LOIQ - Open source network stress testing & denial-of-service attack application.
Guymager - Forensics imaging tool (GUI)
Ostinato - Open-source network packet crafter/traffic generator and analyzer
FSlint - Find and clean various unwanted extraneous files on a computer file system
Areca Backup - Open-source, easy to use and reliable backup solution for Linux
DocFetcher Text Search - Search Words within The Documents
Virtualbox - Create your own virtual lab
Nemiver - A standalone graphical C and C++ debugger
Anonymity - Tor network, i2p network etc.... and many more .......

Changelog ESSPEE-R2 x86 updated on 25-10-2012

Software added:

1. VirtualBox 4.2

2. Ostinato - Network packet crafter/traffic generator and analyzer

3. Suricata IDS/IPS

4. Snorby - Web UI for Suricata log analysis

5. Kernel 3.6.2 - Compiled especially for multi core CPUs

6. BlackBerry Backup Analyzer

7. iPhone Backup Analyzer

8. Dhash GUI - Forensics Imaging Tool by DEFT

9. FileInfo GUI - File analysis script with Right Click on a file (PDF analysis featured)

10. Sqlite Database Browser - GUI

11. I2P - Anonymous network

12. BlueWho - Information & notification about new discovered bluetooth device

13. KVirusTotal - Online suspecious file analysis API

14. JNetMap port scanner based on java

15. ASEF - Android Security Evaluation Framework

16. Remotescript - Execute scripts on multiple remote hosts simultaneously via ssh

17. Mobius Forensics Toolkit

18. Scalpel & Foremost GUI - File carving tools

19. QKismet - Kismet GUI

20. Bannergrab

Software removed:

1. VMware Player 4.0.4 with complete vmware tools

2. Webmin

Download ESSPEE-R2-x86.zip (2.2 kB)

Source -

http://sourceforge.net/projects/esspee/

XOIC v1.3 - Tool to make (D)DoS attacks

XOIC is a tool to make DoS attacks.
More information about DoS attacks: http://de.wikipedia.org/wiki/Denial_of_Service.
The tool makes a (D)DoS attacks to any IP address,with a user selected port and a user selected protocol.

XOIC is in my tests a little more powerful as loic (low orbit cannon).
The reason is that I've left out gadget devastating performance (eg request counter and TCP HTTP UDP Icmp message) and other things.

XOIC have 3 modes:

-Test Mode
-Normal DoS attack mode (No request counter and TCP HTTP UDP ICMP message because of performance )
-DoS attack with a TCP/HTTP/UDP/ICMP Message

THIS IS THE NEW DLR_DoS -> XOIC

Only for win7 and win8!!!
Use it at your own risk!
Use this tool only to test your server!

WARNING:
Never use it to attack servers that you don´t own or have permission by the owner !

Features

Normal DoS attack mode. (TCP/HTTP/UDP/ICMP)
Testmode will show you how many seconds you Computer needs for 10000 requests.
DoS attack with a TCP/HTTP/UDP/ICMP message
GUI and easy to use!

Download XOIC_1.3.exe (614.9 kB)

Download other versions from here

Source -

http://sourceforge.net/projects/xoic/

Screenshot -

XOIC normal dos

Chakra-Claire-2012.10 - free, user-friendly and extremely powerful liveCD and distribution

Chakra GNU/LInux is a free, user-friendly and extremely powerful liveCD and distribution using the award winning KDE SC and Plasma Desktop with a bundle system to use GTK-apps.

Features

KDE improved packages
especially made to get the best KDE experience
Bundle system for GTK-apps

main goal is provide a fast, user-friendly and extremely powerful Live CD and/or Linux distribution specially made for the award winning KDE Software Compilation and the beautiful Plasma desktop.

Click here to learn more about Bundles System, an easy way to enjoy the best must-have Gtk applications without the need to actually install any file in the system.

Chakra provides a modular and tweaked package set of the KDE Software Compilationoptimized for Chakra Linux and coming with a lot of useful additions.

Tools, growing collection of tools for Chakra/KDE, featuring a gui package manager frontend, a LiveCD installer and a bundle creator/manager.

Download chakra-2012.10-Claire-x86_64.iso (1.6 GB)
Download other versions from here

Here you can download the latest builds of the Chakra Live Medias.

Full Edition

Full-featured snapshot with all the software you can expect from a Live Media, and more!

Available ISO files: DVD

Additional files: xdeltas, md5, sha1, package lists, torrents, etc.

Release notes: Chakra 2012.10

The Chakra-Project Team is proud to announce the third "Claire" release, this codename will follow theKDE SC 4.9 series, and will be dedicated to the memory of Claire Lotion.

Chakra is making the switch to Systemd as default with this release.

It took a good six months of preparations to get to this point, but the full switch to systemd is here. To do so udev is merged into systemd, with systemd being updated to 194. This meant a first .so file jump for libudev, meaning many packages depending on libudev were updated and rebuild. It also meant theremoval of consolekit, handled now by polkit and logind. All in all, this has been the biggest change in Chakra's 2 1/2 year existance as an independent distro. Among all the other updates on this release, KDE 4.9.2, Linux 3.5.6, Kmod 0.10, Cups 1.6.1, Dbus 1.6.4, Qt 4.8.3, Calligra 2.5.3 to name a few.

As with the previous release, Chakra is no longer shipping a GUI for package management. Appset-qt was the GUI for pacman, but was not handling complex updates as should, so it is dropped from this ISO. In the initial phase of using a build from scratch package manager, there will be no GUI for package management either, so this is a good time to let any user get accustomed to this situation. Pacman is the cli frontend for package management, the online package viewer is there for additional info and searches. A Simple Pacman Update Notifier named "spun" was also added, it will notify the user when updates are available. It was decided to no longer provide an i686 ISO. You can read more on this decision in this news article.

Chakra is offering only a DVD version with this release. It includes all the language packs, many of standard KDE apps, the new calligra 2.5.1, amarok, kde-telepathy, spideroak, printer support, minitube, k3b to name a few.

KDE 4.9.2
Linux 3.5.6 (3.0.43 optional)
DVD image, including all locales and a nice selections of apps
Kapudan, Chakra's desktop greeter, and all around first setup tool
All new artwork called "Dharma"
Latest Grub2-2.00, including graphical dharma theme, Qt 4.8.3
Enhancements to Chakra tools like cbundle/cinstall, welcome-plasmoid, tribe and spun
Updated systemd, kmod, mkinitcpio, filesystem, latest proprietary graphics drivers, including the all new catalyst-legacy
Merge of udev into systemd, 15 dri packages into one mesa, removal of hal, consolekit, initscripts, sysvinit

For all our GTK fans we added some more popular GTK-apps as bundles. You can download them from our bundle page and run them with a simple double-click right away.

Source -
http://sourceforge.net/projects/chakra/
http://chakra-linux.org/index.html

Friday, October 26, 2012

Linux Lite - simple to use, free operating system for everyone

Linux Lite is a simple to use, free operating system for everyone.

By producing a simple to use Linux based Operating System, we hope that people will discover just how simple it can be to use a distro like Linux Lite.

Linux LIte is free for everyone to use and share, and suitable for people who are new to Linux or for people who want a liteweight environment that is also fully functional.

You get a web browser, email, a music & movie player, cd/dvd burner, office software, voice chat, photo editor, network access tools, printing & the Linux Lite Help Manual.

Linux Lite is based on Ubuntu 12.04 LTS with 5 years support. The following software included: GParted, LibreOffice Writer, LibreOffice Calc, XFBurn CD/DVD Burner, VLC Media Player, Firefox Web Browser with Flash, OpenJDK Java v6, Mumble Voice Chat, Thunderbird Email, XChat IRC Client, Gimp Image Editor, Leafpad Text Editor, Xarchiver.

Live User is: root
There is no password (hit enter)

Features -
XFCE 4.8
Built-in help manual
Low resource use
Good selection of easy to use software

Download linux-lite-1.0.0-i386.iso (916.5 MB)
Download other files from here

Linux Lite 1.0.0 Amethyst
32bit with Pae Support
Creator - Jerry Bezencon (Valtam)
Linux Distro Community
www.linuxdistrocommunity.com
Share knowledge, enjoy freedom
26th October 2012

Filename: linux-lite-1.0.0-i386.iso
md5sum: e95b20ee67e6dc1fbb348ea7e9ab7bd4

Description -

Linux Lite is a free operating system. It comes in 32bit and has pae support so if you have more than 4gb of ram, it will all be made available. There are no plans for a 64bit version.
By producing a simple to use Linux based Operating System, we hope that people will discover just how simple it can be to use a distro like Linux Lite.

Installation -

The Live login username is: root
There is no password, simply hit enter after entering the username and you will get into the desktop.

Copy the iso image to a 1gb or larger USB stick using Unetbootin. Unetbootin is available for Windows and in Linux through your existing distro repos, or you can download from here - http://unetbootin.sourceforge.net/
Or, you can burn the Linux Lite iso to a DVD with your preferred DVD burning software. Some options are available here for free DVD burning software - http://www.techsupportalert.com/best-free-cd-dvd-burning-software.htm

NB: Your CPU must support pae extensions, most modern computers do, if you're not sure search for the word 'pae' and your cpu in your favourite search engine.

For bug reporting and support, please visit - The Linux Distro Community Forums and post your thread in this section - http://www.linuxdistrocommunity.com/forums/forum-62.html with a clear description with as many details as possible.

Source -
http://www.linuxdistrocommunity.com/forums/thread-501.html

SQL Power Injector - helps the penetration tester to inject SQL commands on a web page

A graphical application created in C# .Net 1.1 that helps the penetration tester to inject SQL commands on a web page. Its main strength is its capacity to automate tedious blind SQL injection with several threads. Under Clarified Artistic License

Download SPInjv1.2.msi (6.0 MB)
Download other versions from here

Source -
http://sourceforge.net/projects/spinj/

Screenshot -

Thursday, October 25, 2012

LAMPSecurity Training

LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach linux,apache,php,mysql security.

Download lampsecurity_ctf6.zip (445.0 MB)
Download other files from here

LAMPSecurity Training Web Site

Source -
http://sourceforge.net/projects/lampsecurity/

Screenshot -

Snort 2.9.4 RC released - open source network intrusion prevention and detection system (IDS/IPS)

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.

Snort 2.9.4 includes changes for the following:

[*] New additions

* Consolidation of IPv6 -- now only a single build supports both IPv4 & IPv6, and removal of the IPv4 "only" code paths.

* File API and improvements to file processing for HTTP downloads and email attachments via SMTP, POP, and IMAP to facilitate broader file support

* Use of address space ID for tracking Frag & Stream connections when it is available with the DAQ

* Logging of packet data that triggers PPM for post-analysis via Snort event

* Decoding of IPv6 with PPPoE

[*] Improvements

* Update to Stream5 PAF for handling gaps in the sequence numbers of packets being reassembled.

* Selection of the Stream TCP policy based on the server rather than the destination of first packet seen by Snort

* Allow disabling of global thresholds via a count of -1

* Prevent blocking duplicate SYNs when using inline normalization

* Add SSLv3 backwards compatibility support for SSLv2 ClientHello messages

* Allow active responses to packets without data (eg, a TCP SYN)

* Changed logic of option evaluations for shared library rules that use a custom evaluation function to match that of the builtin logic when the NOT_FLAG is used. The 'NOT' matching now happens within each of the individual rule option evaluation functions.

Please see the Release Notes and ChangeLog for more details.

The purpose of this beta program is to allow people to get exposure to the technology and to use the code in real-world environments – and as an opportunity to solicit feedback on the design and user experience of the new Snort code as it evolves.