Lynis – Security auditing tool for Unix/Linux systems – Lynis is an open source security auditing tool. Primary goal is to help users with auditing and hardening of Unix and Linux based systems. The software is very flexible and runs on almost every Unix based system (including Mac). Even the installation of the software itself is optional!
Nagios 4 (core) Check_mk pnp4Nagios Nagvis – About monitoring – Since Nagios 4 version release there was an important addon update pending. Recently, check_mk released its innovation version check_mk-1.2.5i2 including MK Livestatus with compatibility with Nagios Core 4. We need therefore check_mk-1.2.5i2 or higher to run check_mk with Nagios Core 4.
RIPS – Static Source Code Analysis For PHP Vulnerabilities – Darknet – The Darkside – [...] RIPS is a tool written in PHP to find vulnerabilities using static source code analysis for PHP web applications. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities RIPS also offers an integrated code audit framework for further manual analysis.[...] [via http://www.bufferoverflow.it/ ]
These are my links for 2 ott 2014 through 3 ott 2014:
NetApp built-in packet capture | VirtuallyMikeBrown – They way I use this, as you might expect, is to start the capture, perform the operation that’s failing, and then stop the capture. So as not to capture too much traffic and therefore have to wade through all of it, I try to perform those steps rather quickly. But then again, if you know a few useful features of Wireshark, you can get around in the capture file pretty easily.
debsecan – The debsecan program evaluates the security status of a host running the Debian operation system. It reports missing security updates and known vulnerabilities in the programs which are installed on the host. debsecan accesses the dpkg database and obtains a list of installed packages and their versions. This list is then evaluated against a feed of vulnerability information which ultimately comes from a database maintained by Debian's Testing Security Team . Various output formats are supported, including incremental reporting via email. Beginning with version 0.2, debsecan includes a script called debsecan-create-cron, which allows you to create a cron job which periodically sends you mail (once per day) when the security status of the system changes.
Barriers, Caches, Filesystems | monolight – With the recent proliferation of ext4 as the new “default” Linux filesystem there’s been much talk of write barrier support. The flurry of post-2.6.18 barrier related development in most storage subsystems has left some novice users and administrators perplexed. I hope I can clear it up a bit with this primer/refresher.
SMTP, testing via Telnet – FreeBSDwiki – When troubleshooting problems with SMTP service – your own, or others – it is frequently very helpful to be able to "speak" to the SMTP server directly, rather than going through a mail client which won't necessarily tell you exactly what the SMTP server is saying. You can easily do this with the telnet client. Note that many ISPs do not allow outbound connections on port 25 to any SMTP server but their own – if you get timeouts when trying to connect to port 25, you should try port 587, which is the standard ESMTP port. (Port 587 connections normally require SMTP AUTH, which is covered below.)