The Freefire Buletin #1 (1998-05-01) Monthly Newsletter The Freefire Project tries to help Developers in building Firewall and IT-Security Solutions based on Free Tools. You can find additional information about the Project at the Homepage <URL:http://www.inka.de/sites/freefire-l/index_en.html> 0 Executive Info (Ec) --------------------- 1 What is Free Software Here You can read why the Freefire Project supports Free Software 2 IT-Security related Linklists A Sample of Pages out there on the Net dealing with IT-Security 3 nmap - A neat Unix Portscanner Supports nearly all well-known port scanning methods 4 nessus - The new Devil Inside A free Security Scanner, based on GTK 5 Argus and IspMailGate - non-free but cool Mailfilter and Network Intrusion Detection 1 What is Free Software (Ec) ----------------------------- The Freefire Project Supports building Solutions based on Free Software. Additional the Project Supports Free Information (even on non-free Security Solutions). I think the best two definitions for free software is given in the Debian Free Software Guidelines <URL:http://www.debian.org/social_contract.html#guidelines> and from the Open Source Initiative <URL:http://www.opensource.org/>. It's time to give the Developers, Users and Consultants the Freedom of choosing the Solution which fits best. To Modify, Check and Enhance Free Solutions. Non-Free Toolkits like the TIS Fwtk have stoped the evolution of free Solutions a lot. Personally I think even the evolution for Security Solutions at all have suffered from this. 2 IT-Security related Links (Ec) --------------------------------- Here is a small sample of Security related Pages out there on the Net. The Reason that those Resources are listed on the Freefire Resources Page and in this Buletin are because Information is the most important Tool for building IT Security Solutions. a) "IBM's ERS" has a very complete list of Organizations and Web-Pages, Exploits on <URL:http://www.ers.ibm.com/security-links/seclinks-lst.html> b) "Rotherwall: Firewall Mailing Lists" is a list of Mailinglists dedicated to firewalls and security: <URL:http://www.zeuros.co.uk/firewall/mailist.htm> And of course the resources Page of the Freefire Project: <URL:http://www.inka.de/sites/lina/freefire-l/resources.html> 3 nmap - A neat Unix Portscanner (Ec) -------------------------------------- The H/P/A Organisations have produced a lot of Scanners for detecting open TCP/IP service ports. A lot of different methods are available. Now you dont need a dozent different hacker-toolz, nmap is your friend. Supports a lot of Methods, you can use it to test how good your Firewall realy is: <URL:http://www.dhp.com/~fyodor/nmap/index.html>. On this page you will find a lot of other scanners, too. 4 nessus - The new Devil inside (Ec) ------------------------------------- Renaud Deraison has generated a free Client/Server Framework for doing Security Scans. It features plug-ins to do the real Work. Clients for X11 (using the GTK Widgets) and Java will be available to launch 'attacks'. The current alpha Version supports a lot of well known DoS Attacks and a few remote exploits. <URL:http://www.nessus.org/>. 5 Argus and IspMailGate - non-free but cool (Ec) ------------------------------------------------- IspMailFilter written in Perl is able to do SPAM or Virus Filtering and anything else you wanted to do with your mail like PGP crypting. $CPAN/authors/id/JWIED/Mail-ispmailgate-1.000.tar.gz Argus is a Network Logging and Analysing tool. Good for Intrusion Detection. The recent Beta 1.7 is ported on a few new Platforms like Linux. Can be found at <URL:ftp://ftp.sei.cmu.edu/pub/argus/>. Unfortunatelly both Solutions place License Restrictions on the Usage. Authors of the current issue ---------------------------- Ec - Bernd 'eckes' Eckenfels <ecki@lina.inka.de> (c) Copyright 1998 Bernd Eckenfels, Germany
Attachment:
pgpJA3caRxFIW.pgp
Description: PGP signature