Detect Linux rootkits

A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. Rootkit detection is difficult because a rootkit may be able to subvert the software that is intended to find it. Detection methods include using an alternate, trusted
Continue reading Detect Linux rootkits

OSSEC: Host-based Intrusion Detection System

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows. OSSEC is composed of multiple pieces. It has a central manager monitoring everything and receiving information
Continue reading OSSEC: Host-based Intrusion Detection System

Open Source Tripwire: a security and data integrity tool

Open Source Tripwire software is a security and data integrity tool useful for monitoring and alerting on specific file change(s) on a range of systems. The project is based on code originally contributed by Tripwire, Inc. in 2000. Open Source Tripwire is suitable for monitoring a small number of servers where centralized control and reporting
Continue reading Open Source Tripwire: a security and data integrity tool

Metasploit: Penetration Testing Resources

The open source project Metasploit provides useful information and tools for penetration testers, security researchers, and IDS signature developers. This project was created to provide information on exploit techniques and to create a functional knowledgebase for exploit developers and security professionals. The tools and information on this site are provided for legal security research and
Continue reading Metasploit: Penetration Testing Resources