Focus on Software

By now, everyone knows what happened with the Microsoft challenge to the cracker community to break a Win2K box with IIS. The part I found the most hilarious was Microsoft's attempt to force these script kiddies to abide by some rules while they performed beta security testing. I guess Microsoft won't make that mistake again (at least not until Windows 2010). Do we need to take a look at some security software, and a program or two to help with the logs? From watching the LinuxPPC challenge, Linux looked like a state-of-the-art Fort Knox compared to Microsoft. Lest we get too cocky, remember that most distributions aren't this secure out of the box. LinuxPPC had most services turned off.

Send Packet:http://redirect.to/mg/

Send Packet will allow root to send TCP, UDP or ICMP packets on the network with any number of items set: source address, destination address, window size, TTL, ICMP code, etc. Wonder how your firewall will react to certain packets? Turn on logging and send a packet, then check the results. This should not be used by anyone except root for obvious reasons. It requires glibc.

adzapper:http://www.halcyon.com/adamf/adzapper/

Does anyone out there remember Slashdot without the banners? Would you like to go back? The adzapper is a small, configurable “proxy” that runs on your local machine (or any machine) to cover up those gaudy ads. Take back control of your content. I have been using this for a few days and will most likely keep running it. Sufficient “zaplets” (small files that define URLs to filter out) exist to clean up most sites, and you can always add your own. It requires Python.

birthday:http://user.bene-online.de/mschmid/

(Warning: this paragraph is not Y2K compliant; saving it on your computer system could result in your cows going dry and not giving milk—you have been warned.) Here is a simple little reminder program. Just create your ~/.birthday file as instructed by the documentation, put the birthday command in your startup file and get a message reminding you about upcoming birthdays. I suppose as long as your birthdays are Y2K compliant, the output will be, too. (Just don't complain to me if it doesn't remind you of anything on 31 Feb 00.) The only glitch I noticed was it didn't return the xterm back to its original foreground color, but left it white instead. It is difficult to read the text on a white xterm background. It requires glibc.

BASS:www.securityfocus.com/data/tools/network/bass-1.0.7.tar.gz

BASS (no home page) is a scanner to run from your local system. It has various features, including a “coward” mode. When invoked in this coward mode, it tries to hide by going to sleep when someone logs in. A normal process listing (ps aux) shows a blank in the “Command” column. However, a ps auxc or use of gps (see below) shows up the command just fine. Only root can perform certain functions, but it is unclear to me what any user other than root would be doing running this program. It requires glibc.

colortail:www.student.hk-r.se/~pt98jan/colortail.html

colortail allows you to view files with colors for designated text. The program comes with several configuration files for looking at log files, the very thing I had in mind when I downloaded it. It makes scanning log files much easier. The provided config files look much better on the black console background than on a white xterm background, but that problem can be easily fixed if necessary. It requires libstdc++, libm and glibc.

dhcpxd:http://www.dhcpxd.dhs.org:50080/

For those who use dhcpcd often, this client is great. dhcpxd has more features than dhcpcd, including support for aliasing. Several of my clients run dhcpcd, so I can just plug in my laptop, get an IP address for eth0:1, and get to work. You do need aliasing support compiled into the kernel, but that is small potatoes. It requires libstdc++, libm and glibc.

gps:http://www.dcc.unicamp.br/~guazzibe/gPS/

The gps package does what many ps packages do—shows you a list of processes. What makes this program a standout is that the author logically (in my opinion) arranged the output in an order more aligned to how people would use the columns: PID, command, owner, state, CPU%, Size, RSS, Nice, Priority and date/time of Start. For me, this beats the standard layout where the two things I need most (PID and command) are on opposite sides of the table. Buttons for SIGHUP and SIGKILL (but not SIGTERM) are included. It lacks a way to specify columns and their display order. I look forward to grabbing a newer copy of this software soon. It requires libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libstdc++, libm and glibc.

qutar:http://home.sol.no/~geirerni/qutar/

qutar is a Qt interface to run tar and gzip, bzip2 or zip. It has a nice uncluttered feel. It is still early in development, but shows signs of being a well-thought-out program. About the only minor annoyance is when you do create or unpack a file, the directory windows don't update (yet). It requires libqt (v2.0), libstdc++, libm, glibc, libXext and libX11.

gomenu:http://www.digizen.net/members/geoffm/

Many years ago, I can remember creating .bat files for DOS systems so that techno-neanderthals could just type in a number and the program they wanted to run would start. Well, guess what? If you have a Linux system with too little RAM to efficiently run X, you can have exactly the same thing with this nice program. Talk about bringing back memories! These menus can be edited from the menu—very nice. Now, what did I do with that old 486-25 with 8MB RAM? It requires bash or pdksh.