Maximum Security:

A Hacker's Guide to Protecting Your Internet Site and Network

Previous chapterContents

D

What's on the CD-ROM

On the Maximum Security CD-ROM, you will find some of the sample files that have been presented in this book along with a wealth of other applications and utilities.
NOTE: Refer to the readme file on the CD-ROM for the latest listing of software. Also, in the readme file, you will find instructions on how to install one or more HTML presentations. In particular, there is an HTML presentation that will link you to most Web sites mentioned throughout this book. 

Windows Software

The following network utilities for Windows are on the CD-ROM. This listing provides contact information for each company and a description of its product.

DataGuard 1.3 Demo Release

DataGuard allows secure and rapid enciphering of files and directories. Data encrypted in this way can be sent using standard e-mail programs via public networks (such as the Internet); secure data transmission is guaranteed. The use of efficient, optimized algorithms reduces high performance losses in the system due to the encryption and decryption process without endangering security. Requires Windows 95 or NT 4.0.

Secure Link Services AG

Ruchstuckstrasse 6, 8306 Brüttisellen, Switzerland

Voice: +41 1 805 53 53

Fax: +41 1 805 53 10

E-mail: info@sls.net

URL: http://www.sls.net/, http://www.sls.ns.ca/dataguard/dataguard.html

File Lock Series

File Lock 95 Lite uses the Standard or Enhanced encryption method to protect any information that is for your eyes only, such as a personal diary or finance information.

File Lock 95 Standard includes two additional encryption methods: the RUBY and the Diamond. This is ideal for business-related information protection.

File Lock Wizard for Windows 95 is the easiest of the File Lock series. It comes complete with three encryption algorithms with four compression algorithms. It is the best in data protection for the home PC user.

These products require Windows 95 or NT and are fully functional trial versions with a limited number of days.

D & L Computing

P.O. Box 6141

Huntsville, AL, 35824

Voice: 205-772-3765

Fax: 205-772-8119

E-mail: DLComputing@Juno.com, DLCSales@Juno.Com

URL: http://www.dlcomputing.com/

SAFEsuite

SAFEsuiteTM is a family of network security assessment tools designed to audit, monitor, and correct all aspects of network security. Internet Scanner is the fastest, most comprehensive, proactive UNIX and Windows NT security scanner available. It configures easily, scans quickly, and produces comprehensive reports. Internet Scanner probes a network environment for selected security vulnerabilities, simulating the techniques of a determined intruder. Depending on the reporting options selected, Internet Scanner provides information about each vulnerability found: location, in-depth description, and suggested corrective actions. (Requires Windows NT.)

Internet Security Systems, Inc. (ISS)

41 Perimeter Center East, Suite 660

Atlanta, GA, 30071

Voice: 770-395-0150

Fax: 770-395-1972

E-mail: info@iss.net

URL: http://www.iss.net

EtherBoy (Of the NetMan Suite)

EtherBoy gives you affordable real-time multiprotocol network monitoring on your IBM- compatible PC. It provides insights and answers to a large number of network management and usage questions. Because EtherBoy is totally passive, no additional load is placed on your network resources. It is an ideal addition to your desktop-based management station, or as a laptop-based portable network probe. A unique tool that combines many security techniques into a single package, EtherBoy can: EtherBoy will work on both the Microsoft Windows and Microsoft Windows 95 platforms.

NDG Software

P.O. Box 1424

Booragoon, WA, 6154, Australia

Voice: +61 9 388 8814

Fax: +61 9 388 8813

E-mail: lou@ndg.com.au

URL: http://www.ndg.com.au

WebBoy

WebBoy is a complete Internet/intranet monitoring package. It provides statistics on standard Web traffic, including URLs accessed, cache hit ratios, Internet protocols, and user-defined protocols. To aid the security-conscious administrator, WebBoy provides a configurable alarm mechanism to enable monitoring and notification of unusual network activity. In particular, WebBoy is invaluable in summarizing top hosts, URLs, proxies, Web clients, servers, and alarms. WebBoy will work on both the Microsoft Windows and Microsoft Windows 95 platforms.

NDG Software

P.O. Box 1424

Booragoon, WA, 6154, Australia

Voice: +61 9 388 8814

Fax: +61 9 388 8813

E-mail: lou@ndg.com.au

URL: http://www.ndg.com.au

PacketBoy

PacketBoy is a packet analyzer/decoder package capable of decoding many of the commonly used LAN protocols. Protocols that can be decoded include TCP/IP, IPX (Novell NetWare), AppleTalk, Banyan, and DECNET protocol suites. Multiple captures can be loaded and saved to disk. To aid the security-conscious administrator, PacketBoy provides a configurable capture trigger to automatically start packet capture when unusual or undesirable network activity occurs. It is an ideal addition to your desktop-based management station, or as a laptop-based portable network probe. Supports DOS and Windows 95.

NDG Software

P.O. Box 1424

Booragoon, WA, 6154, Australia

Voice: +61 9 388 8814

Fax: +61 9 388 8813

E-mail: lou@ndg.com.au

URL: http://www.ndg.com.au

Point 'n Crypt World 1.5

Point 'n Crypt World 1.5 is a Windows extension that allows users to quickly and easily encrypt any desktop file. It is the easiest disk/file encryption system on the market. Based on 40-bit DES-CBC mode encryption (exportable outside North America), Point 'n Crypt World puts a secure envelope around any document you want to keep private. Whether it resides on a desktop, within a file system, or needs to travel across public information highways (such as the Internet), your information will be protected. Offering easy-to-use privacy, Point 'n Crypt World is distributed to a varied group of users from novices to experts. Point 'n Crypt requires little or no tutoring. Installing and using Point 'n Crypt World is elegantly simple. The installation is brief, straightforward, and virtually foolproof. Extensive online help is included to get you over any rough spots or to learn about Point 'n Crypt World's cryptographic internals. Simply right-click any desktop file, select Encrypt, provide a passphrase, and it's done. Point 'n Crypt World is available for $29.95 from the Soundcode Web site at www.soundcode.com. For stronger encryption, check out Point 'n Crypt Professional (list price $59.95), which supports 448-bit Blowfish and 168-bit Triple DES.

Soundcode, Inc.

11613 124th Avenue NE, Suite G-317

Kirkland, WA, 98034-8100

Voice: 206-828-9155

Fax: 206-329-4351

Toll-Free: 1-888-45-SOUND (76863)

E-mail: pete@soundcode.com

URL: http://www.soundcode.com

GeoBoy

GeoBoy is a geographical tracing tool capable of tracing and displaying routes taken by traffic traversing the Internet. GeoBoy allows you to locate Internet delays and traffic congestion. GeoBoy resolves geographical locations from a series of cache files that can be updated and customized by the user. Supports Windows 95.

NDG Software

P.O. Box 1424

Booragoon, WA, 6154, Australia

Voice: +61 9 388 8814

Fax: +61 9 388 8813

E-mail: lou@ndg.com.au

URL: http://www.ndg.com.au

NetScanTools 32 Bit v2.42

NetScanTools 32 Bit v2.42, designed by Northwest Performance Software, combines a number of UNIX network analysis utilities in a single package that runs under Microsoft Windows 95 and Microsoft Windows NT. Northwest Performance Software

PO Box 148

Maple Valley, WA, 98038-0148

Voice: 253-630-7206

Fax: 253-639-9865, 425-413-0745

E-mail: sales@nwpsw.com

URL: http://www.nwpsw.com/, http://www.eskimo.com/~nwps/index.html

WinU 3.2

WinU is a tamper-proof replacement user interface for Windows 95 with access control, time-limit, and security features. It's easy to set up, easy to use, and virtually impossible to circumvent. This makes WinU excellent for parents who want to allow children to use only certain software on the family PC. Any program or desktop can be password-protected or time- limited. You can set up different WinU desktops, with different programs and customizations, for each member of the family. Businesses can use WinU to allow employees to run only authorized software, making other programs unavailable. WinU is also ideal for public-access computers. You can let patrons use your computers without worrying that they might change the computer's setup or delete important files.

Bardon Data Systems

1164 Solano Avenue #415

Albany, CA, 94706

Voice: 510-526-8470

Fax: 510-526-1271

E-mail: bsmiler@bardon.com

URL: http://www.bardon.com

PrivaSuite

PrivaSuite encrypts any text, fax, or file in any language and any format. It can encrypt individual cells in a spreadsheet or encrypt the entire spreadsheet. PrivaSuite makes compartmentalization of information simple and fast. You can encrypt individual clauses in a contract, encrypt the whole contract, or do both--multilayer encryption is effortless with PrivaSuite. You can encrypt files saved on your hard drive or on the network for "eyes only" access and encrypt hard-copy documents so that only you and the intended recipient can read them. In short, if the information is on your computer, PrivaSuite can encrypt it with just 2-3 keystrokes, and with virtually no interruption to your workflow. The program works in Microsoft Windows 3.x and 95 and employs a 56-bit DES engine (wherever allowed) or 40-bit international engine.

Aliroo Ltd.

30100 Town Center Drive, Suite 0344

Laguna Niguel, CA, 92677

Voice: 714-488-0253

Fax: 714-240-2861

E-mail: steve@aliroo.com

URL: http://www.aliroo.com

HideThat 2.0

HideThat is a fully customizable secure screen saver, utilizing your logos, pictures, and messages. Several security features are included, along with an extensive help file on PC security. HideThat works on the Microsoft Windows 95 platform.

CobWeb Applications

Cherry Tree Cottage

Leatherhead Road

Surrey, UK KT23 4SS

Voice: +44 1372 459040

Fax: +44 1372 459040

E-mail: mikec@cobweb.co.uk

URL: http://www.cobweb.co.uk

WebSENSE

WebSENSE is an advanced Internet content screening system that allows organizations to monitor and eliminate network traffic to Internet sites deemed inappropriate or otherwise undesirable in their networked environment. WebSENSE is implemented as a Windows NT service running on a single Windows NT computer, eliminating the need for software to be loaded on individual user workstations. Additionally, WebSENSE supports a wide range of TCP protocols, including HTTP, Gopher, FTP, Telnet, IRC, NNTP, and RealAudio. The recommended minimum requirements are Intel 486, 16MB RAM, and Windows NT 3.51 (or greater).

NetPartners Internet Solutions, Inc.

9210 Sky Park Court, 1st Floor

San Diego, CA, 92123

Voice: 619-505-3044

Fax: 619-495-1950

E-mail: jtrue@netpart.com

URL: http://www.netpart.com

Cetus StormWindows

Cetus StormWindows&tm; for Windows 95 allows authorized users to add several types and degrees of protections to the desktop and system of a Windows 95 computer. Intelligent use of StormWindows security measures will allow secure use of any shared Windows 95 PC (a version for Windows NT 4 is under development). Examples of desktop protections include Some of the system protections include StormWindows security schemes can be imported from and exported to other computers by disk. StormWindows changes do not require the use of policies. StormWindows protections would probably be most useful to someone in charge of a number of computers at a school or business, a network manager, or a parent. Access to StormWindows is password protected.

Cetus Software Inc.

P.O. Box 700

Carver, MA, 02330

E-mail: support@cetussoft.com

URL: http://www.cetussoft.com/

PGP for GroupWise

PGP for GroupWise provides seamless integration between GroupWise versions 4.1 and 5.x and either the DOS or Windows versions of PGP. With the software, you can create public encryption keys, mail your keys to others, encrypt, digitally sign, decrypt, and verify digital signatures in order to maintain privacy in your Internet or intranet communications. Attached documents can by encrypted as well.

Risch Consulting

E-mail: mvrisch@midway.uchicago.edu

URL: http://student-www.uchicago.edu/users/mvrisch/mi01000.htm

Windows Task-Lock

Windows Task-Lock, version 4.1 (sgllock.zip) provides a simple, inexpensive, but effective way to password-protect specified applications for Windows 95 no matter how they are executed. It is easy to configure and requires little or no modifications to your current system configuration. Optional sound events, stealth mode, and password time-out are included. The administrator password is enabled for site licenses. Online help is provided. (Windows 95 required.)

Posum L.L.C.

P.O. Box 21015

Huntsville, AL, 35824

Fax: 205-895-8361

E-mail: 103672.2634@compuserve.com

URL: http://posum.com/

Windows Enforcer

Windows Enforcer, version 4.0 (enforcer.zip) protects systems that are accessible to many people and require a consistent configuration and a consistent limited selection of services such as public displays or computer labs. It is also great for child-proofing individual systems. This is accomplished by ensuring that user-specified tasks either never run, always run, or are allowed to run. It is easy to configure and requires little or no modifications to your current system configuration. Optional user-specified sounds for the startup and access-denied events are also available. Online help is provided. (Windows 3.x and Windows 95.)

Posum L.L.C.

P.O. Box 21015

Huntsville, AL, 35824

Fax: 205-895-8361

E-mail: 103672.2634@compuserve.com

URL: http://posum.com/

UNIX Software

The following utilities for UNIX are on the CD-ROM. This listing provides contact information for each company and a description of its product.

Portus Secure Network Firewall

Portus is an NCSA-certified high-performance application-proxy gateway. It supports all TCP/IP connections and has a UDP proxy add-on. It offers high levels of security without becoming network chokepoint. Products include Portus Secure Network Firewall for AIX, Portus Secure Network Firewall for Solaris, Portus Secure Network Firewall Installation and Administration Guide (Acrobat file), and Portus Secure Network Firewall General Information Manual--Firewall Tutorial (Acrobat file). These are 30-day fully functional demos.

Freemont Avenue Software, Inc.
2825 Wilcrest, Suite 160
Houston, TX, 77042
Voice: 713-974-3274
Fax: 713-978-6246
E-mail: portus@lsli.com

Datalynx, Inc.
Voice: 619-560-8112
Fax: 619-560-8114
E-mail: sales@dlxguard.com
URL: http://www.dlxguard.com

SATAN (Security Administrator's Tool for Analyzing Networks)

SATAN recognizes several common networking-related security problems and reports them without actually exploiting them. For each type of problem found, SATAN offers a tutorial that explains the problem and what its impact could be. The tutorial also explains what can be done about the problem. SATAN collects information that is available to everyone with access to the network. With a properly configured firewall in place, that should be near-zero information for outsiders. SATAN will inevitably find problems. Here's the current problem list: System requirements: UNIX, at least 16MB of RAM, and 50mHz. Authors: Dan Farmer and Weitse Venema

Location: http://www.trouble.org/~zen/satan/satan.html

Strobe

Strobe is a network/security tool that locates and describes all listening TCP ports on a (remote) host or on many hosts in a manner that maximizes bandwidth utilization and minimizes process resources manner. Strobe approximates a parallel finite state machine internally. In nonlinear multihost mode, it attempts to apportion bandwidth and sockets among the hosts very efficiently. This can reap appreciable gains in speed for multiple distinct hosts/routes. On a machine with a reasonable number of sockets, strobe is fast enough to port scan entire Internet subdomains. It is even possible to survey an entire small country in a reasonable time from a fast machine on the network backbone, provided the machine in question uses dynamic socket allocation or has had its static socket allocation increased very appreciably (check your kernel options). Strobe is said to be faster than ISS2.1 (a high quality commercial security scanner by cklaus@iss.net and friends) or PingWare (also commercial). Author: Julian Assange

Location: http://sunsite.kth.se/Linux/system/Network/admin/

SAFEsuite

SAFEsuite&tm; is a family of network security assessment tools designed to audit, monitor, and correct all aspects of network security. Internet Scanner is the fastest, most comprehensive, proactive UNIX and Windows NT security scanner available. It configures easily, scans quickly, and produces comprehensive reports. Internet Scanner probes a network environment for selected security vulnerabilities, simulating the techniques of a determined intruder. Depending on the reporting options selected, Internet Scanner provides information about each vulnerability found: location, in-depth description, and suggested corrective actions.

Internet Security Systems, Inc. (ISS)

41 Perimeter Center East, Suite 660

Atlanta, GA, 30071

Voice: 770-395-0150

Fax: 770-395-1972

E-mail: info@iss.net

URL: http://www.iss.net

NetWare

The following NetWare utilities are on the CD-ROM. This listing provides contact information for each company and a description of its product.

SecureConsole

SecureConsole for NetWare is a fileserver console security application that adds a new level of control and accountability to the NetWare server. It restricts access for individual users or NetWare security groups to specific server commands or applications. SecureConsole also records the commands performed by each logon. SecureConsole acts like a screen saver on the console forcing the user to identify himself with a valid NetWare login and password. If the user is authorized to access the server, SecureConsole unlocks the screen but continues to verify the user's actions against his list of authorized functions and application screens. This means that different users or groups can have different levels of access. Installation of SecureConsole is simple! The software can be installed through the NetWare v4 product installation program or by copying the program to the server manually. No special NetWare queues, setup files, or license files are required, and the product is not serialized. This allows for software distribution products or batch installation to multiple fileservers.

Server Systems Limited

7A Villa Marina Arcade

Harris Promenade

Douglas, UK

Voice: 1-800-581-3502 (USA)

Fax: 1-800-581-3502 (USA)

Voice: +61 6 292-9988 (Australia)

Fax: +61 6 292-9977 (Australia)

Voice: +44 117 940-2020 (UK)

Fax: +44 117 907-7448 (UK)

E-mail: sales@serversystems.com, 100033,3202 (CompuServe)

URL: http://www.serversystems.com/

spooflog.c and spooflog.h

Author: Greg Miller

Macintosh Software

The following Macintosh utility is on the CD-ROM. This listing provides contact information for the company.

Mac TCP Watcher

Stairways Software Pty. Ltd.

PO Box 1123

Booragoon, WA, 6154, Australia

E-mail: support@stairways.com.au

URL: http://www.stairways.com/

Information

The following information is also located on the CD-ROM.

Computer Facility Security--An Overview

Bret Watson & Associates

c/- 6 June Rd

Gooseberry Hill, Western Australia, 6076, Australia

Tel: +61 041 4411 149

Fax: +61 09 454 6042

E-mail: consulting@bwa.net

URL: http://www.bwa.net

RadLast

RadLast filters Radius 1 and 2 detail files.

Kinchlea Computer Consulting

3730 Denman Rd

Denman Island, BC, Canada, V0R 1T0

Tel: 250-335-0907

Fax: 250-335-0902

E-mail: kcc@kinch.ark.com

URL: http://kinch.ark.com/kcc

About the Software

Please read all documentation associated with a third-party product (usually contained with files named readme.txt or license.txt) and follow all guidelines.

Previous chapterContents
 
 

© Copyright, Macmillan Computer Publishing. All rights reserved.