"ModSecurity is an Apache web server module that provides a web application firewall engine. The ModSecurity Rules Language engine is extrememly flexible and robust and has been referred to as the “Swiss Army Knife of web application firewalls.”
[…]
In order to enable users to take full advantage of ModSecurity out of the box, we have developed the Core Rule Set (CRS) which provides critical protections against attacks across most every web architecture."
Click

"radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. At its core, radmind operates as a tripwire. It is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change. Each managed machine may have its own loadset composed of multiple, layered overloads. This allows, for example, the operating system to be described separately from applications. Loadsets are stored on a remote server. By updating a loadset on the server, changes can be pushed to managed machines."
Click

"DRBD® refers to block devices designed as a building block to form high availability (HA) clusters. This is done by mirroring a whole block device via an assigned network. DRBD can be understood as network based raid-1."
Click

"Fierce domain scan was born out of a frustration after performing web application security audits. It is traditionally very difficult to discover large swaths of a corporate network that are non-contiguous. It's terribly easy to run a scanner against an IP range, but if the IP ranges are nowhere near one another you can miss huge chunks of networks.

Fierce is a reconnaissance tool, that was designed to locate likely targets both inside and outside a corporate network using passive techniques. Fierce is a Perl script and several modules that quickly scans domains (usually in just a few minutes, assuming no network lag) using several tactics."
Click

"GoogleSharing is a special kind of anonymizing proxy service, designed for a very specific threat. It ultimately aims to provide a level of anonymity that will prevent Google from tracking your searches, movements, and what websites you visit. GoogleSharing is not a full proxy service designed to anonymize all your traffic, but rather something designed exclusively for your communication with Google. Our system is totally transparent, with no special "alternative" websites to visit. Your normal work flow should be exactly the same."
Click

"Alliance takes the best from BitTorrent, Direct Connect and Waste and creates a decentralized and secure p2p network. It is a private and secure environment to share files and communicate with people you know. Alliance works on Windows, Linux and Mac."
Click

Danke für den Tipp lufthansen. Das Teil is deutlich besser weil einfacher zu handhaben als Retroshare.

"RetroShare is a Open Source cross-platform, private and secure decentralised communication platform.
It lets you to securely chat and share files with your friends and family, using a web-of-trust to authenticate peers and OpenSSL to encrypt all communication.
RetroShare provides filesharing, chat, messages, forums and channels"
Quelle: Click

"Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments."
Click

"FSVS is the abbreviation for “Fast System VerSioning”, and is pronounced [fisvis].
It is a complete backup/restore/versioning tool for all files in a directory tree or whole filesystems, with a subversion repository as the backend. "
Click

"The goal of Xplico is extract from an internet traffic capture the applications data contained.
For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT)."
Click

"SWFIntruder is the first tool for testing security in Flash movies. SWFIntruder is a runtime analyzer for SWF external movies. It helps to find flaws in Flash."
Click

Show Server
Cookie Editor
Nagios Status Plugin

Heute wurde von Google Chrome Beta veröffentlicht ein Grund nochmals den neuen Browser zu testen und zu überprüfen, ob die Negativ Liste vom letzten Jahr sich geändert hat.
Erfreulich ist anzumerken, dass die Lizenz angepasst wurde und meine Daten mir gehören und man kann (und sollte) alle "Telefonier nach Hause" Optionen ausschalten also "Vorschläge für Navigationsfehler anzeigen", "Automatische Vorschläge", sowie den "Phishing Schutz", dann surft man auch wirklich allein. Die Sicherheit wurde anscheinend ebenfalls verbessert, so sind dieses Jahr nur 3 Exploits für Chrome erschienen, im Vergleich in den ersten 3 Monaten waren es noch 10.
Last but not least freut es mich, dass es ein Ad-Block und ein Flash-Block, sowie ein Jamendo Radio Plugin gibt. Was mir persönlich jetzt nur noch fehlt ist ein Plugin womit ich Javascript selektiv freischalten kann (und vielleicht noch was zum HTTP Header anzeigen / manipulieren) und das man einstellen kann, dass man gar keine History hat also quasi einen permanenten Inkognito Modus.
Fazit: Chrome ist mittlerweile ein schicker, schlanker und benutzbarer Browser geworden :)
Click

"Quassel is a modern, cross-platform, distributed IRC client, meaning that one or more clients can attach to and detach from a central core, much like the popular combination of screen and a text-based IRC client, but graphical. In addition to this unique feature, it aims to be a comfortable chatting program."
Click

"Terminator is an application that provides lots of terminals in a single window, saving valuable screen space otherwise wasted on window decorations and not quite being able to fill the screen with terminals"
Click