Under9rounD.org

Nessus Security Scanner is an open-source vulnerability scanner that you can use to audit your network. Available from http://www.nessus.org, Nessus has three primary components: a server that launches tests, a client that controls the server, and vulnerability plugins. The server/client division lets clients communicate with one server and lets you distribute tests among different users, and Nessus’s many plugins let you run different attacks against a specified host and determine which holes are exploitable.

Although originally developed for UNIX systems—in fact, the Nessus server component runs only on UNIX—Nessus’s plugins can attack Windows machines as well, and a GUI client called NessusWX is available for Windows. The scanner uses OS-fingerprinting techniques to identify the target OS and runs only plugins related to that OS.

Read the rest of this entry »

SpoofGuard is a tool to help prevent a form of malicious attack called “web spoofing” or “phishing.”  Phishing attacks usually involve deceptive e-mail that appears to come from a popular commercial site. The email explains that the recipient has an account problem, or some other reason to visit the commercial site and log in. However, the link in the email sends the user to a malicious “spoof” site that collects user information such as account names, passwords, and credit card numbers. Once your user information is collected by a “spoof:” site, criminals may log into your account or cause other damage.

Read the rest of this entry »

::VulnScan & Expl0iters::
+Absinthe 1.3.1 Windows
+AnonFTP Anonymous Scanner
+Apache Scanner
+CGI Scanner
+DarkScanner 2.0
+FTP-IIS Fx Scanner
+HScan 1.20
+HTTP Server Detector
+ISS Internet Scanner v6.2.1
+JAAScoisX-Code RFI Code Exec Scanner
+N-Stealth Security Scanner v3.7 Built 67
+RFI T00l
+WebCheck
+Win32 x86 RFI Vuln Scanner Read the rest of this entry »

Safety Lab Shadow Security Scanner is a Proactive Computer Network Security Vulnerability Assessment Scanner with over 5000 audits.
This is a new generation of hi-tech software (network vulnerability assessment scanner) that perfor
med greatly in the 20th century and remains on the front line in the new millennium! Shadow Security Scanner (network vulnerability assessment scanner) has earned the name of the fastest - and best performing - security scanner in its market sector, outperforming many famous brands. Shadow Security Scanner has been developed to provide a secure, prompt and reliable detection of a vast range of security system holes. After completing the system scan, Shadow Security Scanner analyses the data collected, locates vulnerabilities and possible errors in server tuning options, and suggests possible ways of problem solution. Shadow Security Scanner employs a unique system security analysis algorithm based on a patented “intellectual core” Read the rest of this entry »

Nessus is a free, easy to use remote security scanner that is a client-server application. The application is hosted on a server (typically a Unix server), where the software can be kept up-to-date. Nessus scans any system, whether it runs Windows, Mac OS or Unix/Linux. A client server application such as nessus makes it possible to keep one easily-updatable software on a server and makes it easily accessible by as many clients as desired. Nessus also “doesn’t take anything for granted” (nessus.org). No matter how your server or workstation is set up or what operating system it uses, it will scan for security vulnerabilities. For example, say your typical webserver is serving a site on port 8080 instead of the regular port 80. Nessus will scan all open ports, regardless of common and defaulted settings. Read the rest of this entry »

Product Details

• Paperback: 912 pages
• Publisher: Cisco Press; 2 edition (August 9, 2007)
• Language: English
• ISBN-10: 1587054574
• ISBN-13: 978-1587054570
• Book Description
  

  Cisco ASA, PIX, and FWSM Firewall Handbook, Second Edition, is a guide for the most commonly implemented features of the popular Cisco® firewall security solutions. Fully updated to cover the latest firewall releases, this book helps you to quickly and easily configure, integrate, and manage the entire suite of Cisco firewall products, including ASA, PIX®, and the Catalyst® Firewall Services Module (FWSM). Read the rest of this entry »

  

Product Details

• Paperback: 848 pages
• Publisher: Prentice Hall PTR; 2 edition (November 13, 2002)
• Language: English
• ISBN-10: 0130464562
• ISBN-13: 978-0130464569
• Book Info
  A hands-on guide to protecting Linux data from security risks. Introduces readers to the seven deadly sins of Linux security, showing how to set up firewalls, break in case studies, block spam, develop internal security policies, and recover from an intrusion quickly. Softcover. DLC: Linux. –This text refers to an out of print or unavailable edition of this title. Read the rest of this entry »
  

Product Details

• Paperback: 296 pages
• Publisher: Apress; 1st ed. 2004. Corr. 2nd printing edition (May 17, 2004)
• Language: English
• ISBN-10: 1590593782
• ISBN-13: 978-1590593783
• Book Description
  Hardening Apache explains how to configure Apache safely, and secure an existing installation. It covers the most important issues–like downloading, logging, and administration, as well as the most important security-oriented web sites. This book even discusses advanced system administration techniques, such as jailing Apache and securing third-party modules, and web-related RFC details.
• Read the rest of this entry »
  

Product Details

• Paperback: 280 pages
• Publisher: Apress; 1 edition (November 1, 2004)
• Language: English
• ISBN-10: 1590591151
• ISBN-13: 978-1590591154
• Book Description
  Any company using .NET will eventually (if they haven’t already) be exposing part of their functionality as a .NET Web Service, and how to secure these features will become job number one. Web Services security in the .NET Platform will be the comprehensive treatment on how to secure Web Services on the .NET platform and is completely up-to-date for the latest version of Visual Studio .NET. This book specifically focuses on Web Services security, not general .NET security.
• Read the rest of this entry »
  

This is the first of two books serving as an expanded and up-dated version of Windows Server 2003 Security Infrastructures for Windows 2003 Server R2 and SP1 & SP2. The authors choose to encompass this material within two books in order to illustrate the intricacies of the different paths used to secure MS Windows server networks.

Since its release in 2003 the Microsoft Exchange server has had two important updates, SP1 and SP2. SP1, allows users to increase their security, reliability and simplify the administration of the program. Within SP1, Microsoft has implemented R2 which improves identity and access management across security-related boundaries. R2 also improves branch office server management and increases the efficiency of storage setup and management. The second update, SP2 minimizes spam, pop-ups and unwanted downloads. These two updated have added an enormous amount of programming security to the server software.

* Covers all SP1 and SP2 updates
* Details strategies for patch management
* Provides key techniques to maintain security application upgrades and updates

Read the rest of this entry »