The Freefire Buletin #1 (1998-05-01) Monthly Newsletter
The Freefire Project tries to help Developers in building Firewall and
IT-Security Solutions based on Free Tools. You can find additional
information about the Project at the Homepage
<URL:http://www.inka.de/sites/freefire-l/index_en.html>
0 Executive Info (Ec)
---------------------
1 What is Free Software
Here You can read why the Freefire Project supports Free Software
2 IT-Security related Linklists
A Sample of Pages out there on the Net dealing with IT-Security
3 nmap - A neat Unix Portscanner
Supports nearly all well-known port scanning methods
4 nessus - The new Devil Inside
A free Security Scanner, based on GTK
5 Argus and IspMailGate - non-free but cool
Mailfilter and Network Intrusion Detection
1 What is Free Software (Ec)
-----------------------------
The Freefire Project Supports building Solutions based on Free Software.
Additional the Project Supports Free Information (even on non-free Security
Solutions).
I think the best two definitions for free software is given in the Debian Free
Software Guidelines <URL:http://www.debian.org/social_contract.html#guidelines>
and from the Open Source Initiative <URL:http://www.opensource.org/>.
It's time to give the Developers, Users and Consultants the Freedom of
choosing the Solution which fits best. To Modify, Check and Enhance Free
Solutions. Non-Free Toolkits like the TIS Fwtk have stoped the evolution of
free Solutions a lot. Personally I think even the evolution for Security
Solutions at all have suffered from this.
2 IT-Security related Links (Ec)
---------------------------------
Here is a small sample of Security related Pages out there on the Net. The
Reason that those Resources are listed on the Freefire Resources Page and in
this Buletin are because Information is the most important Tool for building
IT Security Solutions.
a) "IBM's ERS" has a very complete list of Organizations and Web-Pages,
Exploits on <URL:http://www.ers.ibm.com/security-links/seclinks-lst.html>
b) "Rotherwall: Firewall Mailing Lists" is a list of Mailinglists dedicated to
firewalls and security: <URL:http://www.zeuros.co.uk/firewall/mailist.htm>
And of course the resources Page of the Freefire Project:
<URL:http://www.inka.de/sites/lina/freefire-l/resources.html>
3 nmap - A neat Unix Portscanner (Ec)
--------------------------------------
The H/P/A Organisations have produced a lot of Scanners for detecting open
TCP/IP service ports. A lot of different methods are available. Now you dont
need a dozent different hacker-toolz, nmap is your friend. Supports a lot of
Methods, you can use it to test how good your Firewall realy is:
<URL:http://www.dhp.com/~fyodor/nmap/index.html>. On this page you will find
a lot of other scanners, too.
4 nessus - The new Devil inside (Ec)
-------------------------------------
Renaud Deraison has generated a free Client/Server Framework for doing
Security Scans. It features plug-ins to do the real Work. Clients for X11
(using the GTK Widgets) and Java will be available to launch 'attacks'.
The current alpha Version supports a lot of well known DoS Attacks
and a few remote exploits. <URL:http://www.nessus.org/>.
5 Argus and IspMailGate - non-free but cool (Ec)
-------------------------------------------------
IspMailFilter written in Perl is able to do SPAM or Virus Filtering and
anything else you wanted to do with your mail like PGP crypting.
$CPAN/authors/id/JWIED/Mail-ispmailgate-1.000.tar.gz
Argus is a Network Logging and Analysing tool. Good for Intrusion Detection.
The recent Beta 1.7 is ported on a few new Platforms like Linux. Can be
found at <URL:ftp://ftp.sei.cmu.edu/pub/argus/>.
Unfortunatelly both Solutions place License Restrictions on the Usage.
Authors of the current issue
----------------------------
Ec - Bernd 'eckes' Eckenfels <ecki@lina.inka.de>
(c) Copyright 1998 Bernd Eckenfels, Germany
Attachment:
pgpJA3caRxFIW.pgp
Description: PGP signature