Saturday, 23 December 2006

«The Sleuth Kit» is a collection of forensic analysis tools that extract data by analysing the internal structure of the file system. It supports a good number of file systems (NTFS, FAT, FF, EXT2 and EXT3), always working non-intrusively and without using the operating system's primitives for disk access.

16:30 (# Permalink) | Comments: | Trackback:

Botan is a library of cryptographic functions that is easy to use and highly portable. It supports these algorithms:
Block Ciphers: Blowfish, CAST256, CAST5, CS-Cipher, DES/DESX/TripleDES, GOST, IDEA, Lion, Luby-Rackoff, MISTY1, RC2, RC5, RC6, Rijndael, SAFER-SK128, Serpent, SHARK, Skipjack, Square, TEA, Threeway, Twofish, XTEA
Block Cipher Modes: CBC, CTS, CFB, OFB, Counter
Stream Ciphers: ARC4, ISAAC, SEAL
Hash Functions: HAVAL, MD2, MD4, MD5, RIPE-MD128, RIPE-MD160, SHA-1, SHA2-256, SHA2-512, Tiger
Checksums: Adler32, CRC24, CRC32
MACs: EMAC, HMAC, MD5-MAC
RNGs: Randpool, X9.17 RNG

Available for Windows, Mac OS X and *nix systems (Linux, BSD, Solaris, BeOS, QNX) on various platforms (x86, x86-64, IA-64, PowerPC, SPARC, Alpha, MIPS and ARM).

16:27 (# Permalink) | Comments: | Trackback:

Eraser is a tool for securely erasing data from the hard disk so that it cannot be recovered. It makes several write passes, first with all '0', then with all '1', and then several more times:
Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP, Windows 2003 Server and DOS.
Eraser is Free software and its source code is released under GNU General Public License.
The patterns used for overwriting are based on Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory" and they are selected to effectively remove magnetic remnants from the hard drive.
Other methods include the one defined in the National Industrial Security Program Operating Manual of the US Department of Defence and overwriting with pseudorandom data. You can also define your own overwriting methods.

16:24 (# Permalink) | Comments: | Trackback:

[All About Linux] Various ways of detecting rootkits in GNU/Linux. It presents two systems for detecting rootkits:
- Rootkit hunter
This script will check for and detect around 58 known rootkits and a couple of sniffers and backdoors and make sure that your machine is not infected with these. It does this by running a series of tests which check for default files used by rootkits, wrong file permissions for binaries, checking the kernel modules and so on.
- Chkrootkit
This is another very useful program created by Nelson Murilo and Klaus Steding Jessen which aids in finding out any rootkits on your machine. Unlike Rootkit hunter program, chkrootkit does not come with an installer, rather you just unpack the archive and execute the program by name chkrootkit. And it conducts a series of tests on a number of binary files. Just like the previous program, this also checks all the important binary files, searches for telltale signs of log files left behind by an intruder and many other tests. In fact, if you pass the option -l to this command, it will list out all the tests it will conduct on your system.

16:04 (# Permalink) | Comments: | Trackback:

© Copyright 2000-2006 Xavier Caballe. Unless expressly stated otherwise, the material published in this weblog is distributed under the Creative Commons licence. The content is solely and exclusively the responsibility of its author and bears no relation to his professional activities.