Unix Tools

General Security Tools

- Dig
- Fremont
- gated
- host
- lsof
- nfswatch
- rdist
- sendmail
- tcpdump
- traceroute
- Washington University ftpd

The dig utility by Steve Hotz and Paul Mockapetris.
This is a command-line tool for querying Domain Name
System servers. It is much easier to use than
nslookup, and is well-suited for use within shell
scripts.
The fremont utility from the University of Colorado.
A research prototype for discovering key network
characteristics such as hosts, gateways, and topology.
Stores this information in a database, and can then
notify the administrator of anomalies detected.
The gated program from Cornell University. A network
routing daemon that understands the BGP, EGP, RIP, RIP II, OSPF,
and HELLO protocols. The primary advantage of gated
is that it is much more configurable than the
routed program that comes with most UNIX systems; this
can be useful when constructing firewalls or otherwise
trying to limit the advertisement or acceptance of
routing information.
The host program by Eric Wassenaar. A program for
obtaining information from the Domain Name System.
Much more flexible than nslookup, and well-suited for
use in shell scripts.
The lsof program by Vic Abell. A descendant of ofiles
and fstat, lsof is used to list all open files (and
network connections, pipes, streams, etc.) on a system.
Can find out which processes have a given file
open, which files a specific process has open, and so
forth. Useful for tracing network connections to the
processes using them, as well.
The nfswatch program by Dave Curry and Jeff Mogul.
Monitors the local network for NFS packets, and
decodes them by client and server name, procedure
name, and so forth. Can be used to determine how much
traffic each client is sending to a server, what users
are accessing the server, and several other modes.
The rdist program from the University of Southern California.
This is a replacement for the rdist software
distribution utility that originated in Berkeley UNIX
and is now shipped with most vendors' releases. In
addition to a number of wonderful new features and
improvements, this version has had all known rdist
security holes fixed. This version does not need to
run set-user-id "root," unlike the standard version.
The sendmail program by Eric Allman. This version is a successor
to the version described in the
sendmail book from O'Reilly and Associates, and is
much newer than the versions shipped by most UNIX vendors.
In addition to a number of improvements and bug
fixes, this version has all known sendmail security
holes fixed. It is likely that this version of
sendmail is more secure than the versions shipped by
any UNIX vendor.
The tcpdump program by Van Jacobson. This program is
similar to Sun's etherfind, but somewhat more powerful
and slightly easier to use. It captures packets from
an Ethernet in promiscuous mode, and displays their
contents. Numerous options exist to filter the output
down to only those packets of interest. This version
runs on a number of different UNIX platforms.
The traceroute program by Van Jacobson. A utility to
trace the route IP packets from the current system
take in getting to some destination system.
The ftpd program from Washington University. This
version is designed for use by large FTP sites, and
provides a number of features not found in vendor
versions, including increased security. This is the
ftpd used by most major FTP sites, including
wuarchive.wustl.edu,
ftp.uu.net, and
oak.oakland.edu.
NOTE: Releases of wu-ftpd prior to version 2.4 have a
serious security hole in them, and should be replaced
as soon as possible with the latest version.
Last modified: Thursday, 14-Nov-96 10:10:15 PST
CIAC / webmaster@ciac.llnl.gov