■
RO (Romania)
http://www.mse.co.jp/dom_reg/cctld/cgi-bin/dom_sel_cctld.cgi?action=cctld&tld=RO
So Romania really is .ro, not .ru after all. Someone contradicted me on this at a certain drinking party, so I went pale thinking I had blundered in both my presentation and the magazine article, but I was the one who was right, which is a relief.

Honeyd Release 0.7
http://www.honeyd.org/release.php?version=0.7
Related information
http://d.hatena.ne.jp/Ryw-A/20031124#p1

Honeynet Whitepapers (Japanese Translation)
http://www.vogue.is.uec.ac.jp/secteam/honeynetpapers/

tcpstatflow - Covert Tunnel Detector
http://www.securiteam.com/tools/6V00L008UE.html

Process Explorer v8.04
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

PCDS
http://doornenburg.homelinux.net/scripts/pcds/
Process Change Detection System.

Remote Access Session
http://salix.org/raccess/

osiris-2.1
http://osiris.shmoo.com/
http://sisyphus.iocaine.com/pipermail/osiris/2003-November/000040.html

AIDE (Advanced Intrusion Detection Environment)
http://www.cs.tut.fi/%7Erammer/aide.html

Moodss monitoring tool
http://japan.linux.com/desktop/03/11/11/032216.shtml
http://jfontain.free.fr/moodss/

Intrusion Detection Exchange Architecture
http://idea-arch.sourceforge.net/
Integrated monitoring tool for snort. A client-server Java application.

Pathalizer: Visual website usage analysis
http://pathalizer.bzzt.net/
A tool that diagrams website visitor history.

A Virtual Honeypot Framework
http://www.citi.umich.edu/techreports/reports/citi-tr-03-1.pdf

LogIDS 2.0, LogAgent 5.0, SIDTk 1.0
http://iquebec.ifrance.com/securit/download.html
http://d.hatena.ne.jp/Ryw-A/20031103#p4

Linux Security Module
http://tf.happyhacking.net/archive/misc/lsm.html

Port Requirements for Microsoft Windows Server System
http://www.microsoft.com/downloads/details.aspx?familyid=e114b7e5-400f-45b6-9e1c-50968a0cc729&displaylang=en

PivX Qwik-Fix v0.55 beta
http://www.pivx.com/qwikfix/

superkit.tar.gz
http://packetstormsecurity.nl/UNIX/penetration/rootkits/superkit.tar.gz
Superkit is an extremely user-friendly rootkit that hides files, processes, and connections. It provides a password protected remote access connect-back shell initiated by a spoofed packet. It is loaded via /dev/kmem, without support for loadable modules required, and cannot be detected by checking the syscall table, because it redirects the kernel entry point to a private copy of the syscall table. A couple of backdoors are included.

Cain & Abel v2.5 beta44 for Windows NT/2000/XP
http://www.oxid.it/downloads/cain25b44.exe
That takes me back. So it was still being updated.