Hacking sites recommended to help you secure your corporate networking environment
Recommended Trojan Programs
· SubSeven, http://subseven.slak.org/download.html. For further information regarding the details of how this program works and how to remove it from an infected system, please refer to http://www.hackfix.org/subseven/. In general this is a very powerful remote control program for WinTel PCs that is client-server in nature. The server is installed on the target machine by various methods and is then controlled by a client (the hacker). In the case of this test scenario, you will need to download both the client and the server. Manually install the server on the WinNT Server w/IIS and the Win9x system.
· Back Orifice 2000, http://www.bo2k.com/indexnews.html. For further information regarding the details of how this program works and how to remove it from an infected system, please refer to http://www.ozemail.com.au/~dwarren/backorifice/index.html. In general this is a very powerful remote control program for WinTel PCs that is client-server in nature. The server is installed on the target machine by various methods and is then controlled by a client (the hacker). In the case of this test scenario, you will need to download both the client and the server. Manually install the server on the WinNT Server w/IIS and the Win9x system.
Recommended Scanner Programs
· Nmap (UNIX), http://www.insecure.org/sploits.html
· Snort (UNIX), http://www.snort.org
· Winfingerprint (Windows), http://www.technotronic.com/winfingerprint/index.html
· WS_Ping ProPack (Windows), http://www.ipswitch.com/products/WS_Ping/index.html
Other
· Whisker (Windows and UNIX), http://www.wiretrip.net/rfp/2/index.asp
· Fragrouter (UNIX), http://www.anzen.com/research/nidsbench/
· Jolt2.c (UNIX), http://rootshell.com/search.fcg
· Targa3 (UNIX), http://mixtersecurity.tripod.com/progs.html
· See section 7.1.4 of Appendix A
1 Appendix A. References
If you want to pursue various aspects of the BlackICE technology, the Internet, the Microsoft Windows operating systems, TCP/IP, and network security, you can check out the various resources below:
1.1 World Wide Web
1.1.1 BlackICE-Related Sites
· List of known Intrusions that BlackICE can detect - http://www.networkice.com/Advice/Intrusions/default.htm
· BlackICE Knowledge Base - http://www.networkice.com/Advice/Support/KB/default.htm
· BlackICE Public Message Board - http://bidhq.homestead.com/
· BlackICE FAQ - http://www.netice.com/Support/blackice_faq.htm
1.1.2 Security Web Sites
1.1.3 Security Mailing lists
· CERT Advisories - [email protected]
· CIAC Advisories - [email protected]
· WWW Security (ww-security-new) - [email protected]
· NT Bugtraq - [email protected]
· Intrusion Detection Systems - [email protected]
· Best of Security list (bos) - [email protected]
· Bugtraq Full Disclosure list - [email protected]
1.1.4 Subset of Nmap User Favorites "Top n"
· Nessus -- http://www.nessus.org
· Netcat -- http://www.l0pht.com/~weld/netcat/ (unofficial site)
· Tcpdump -- http://www.tcpdump.org
· Snort -- http://www.snort.org
· SAINT -- http://www.wwdsi.com/saint/
· Ethereal -- http://ethereal.zing.org/
· Whisker -- http://www.wiretrip.net/rfp/p/doc.asp?id=21&iface=2
· SATAN -- http://www.fish.com/satan/
· John The Ripper -- http://www.openwall.com/john/
· Hunt -- http://www.cri.cz/kra/index.html#HUNT
· Sam Spade -- http://www.samspade.org/
· Retina -- http://www.eeye.com/html/Products/Retina.html
· Fragrouter -- http://www.anzen.com/research/nidsbench/
Prepared for Barreoblique.com