GulfTech Computers - Professional Computer Services  
Additional Links
-> Dicussion Forum
-> Encryption Tools
-> Information Tools
-> Net Info Tools
-> Latest Advisories
-> Latest Vulns
-> Latest Win Software
-> Latest Nix Software
-> Security News
-> Security Press
Recent News

GulfTech Computers strives to beat the price(s) of any other business around. Check with us first as it just may save you some time and money. And who doesn't want to save money? Please contact us with any questions or inquiries.

Latest GulfTech Releases

SubScan v1.2 Scans a domain for DNS records and SubDomains. Very stealthy, and can be used to find many hosts not on the public netblock. A very interesting tool to say the least. Works on both Nix and Windows based systems. Get it now!

Download SubScan v1.2

Search GulfTech
You can use the form below to search our site. Just enter the keyword or keywords to search.
Latest Advisories
SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7 : uudecode does not check for symlink or pipe (SCOSA-2004.7)
SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7 : OpenSSL Multiple Vulnerabilities (SCOSA-2004.10)
SCO Security Advisory - OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges (SCOSA-2004.3)
SCO Security Advisory - UnixWare 7.1.3 Open UNIX 8.0.0 : Xsco contains a buffer overflow that could be exploited to gain root privileges. (SCOSA-2004.2)
Microsoft Security Bulletin Re-release, August 2004
Latest Vulnerabilities
OpenFTPD Format String Vulnerability
Fusion News Unauthorized Account Addition Vulnerability
Jaws 0.4 Authentication Bypass Vulnerability
DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability
LostBook v1.1 Javascript Execution Vulnerability
Latest Security News
Anti-spam spamvertisers agree to quit
Black Hat day 2 sounds security alarm
VPNs (Virtual Private Nightmares)
HNS Newsletter issue 224 has been released
Long-awaited IE patch (finally) arrives

Here you will find all the GulfTech releases, as well as other misc files. If you have any file you would like to submit, or have any questions, comments, feedback; please post it on the forum. If you have any problems, or questions regarding any of the scripts or GulfTech releases then take a moment to check out the technical support forum.


SubScan - Sub Domain Scanner
This program can be looked at as brute forcing DNS in a way. Its pretty straightforward and very easy to understand. You can find many more potential targets for an attacker by scanning your domain with this program. Give it a try, it's free :) It's a very useful tool to have.

Downloaded 2947 Times - Size: 395 Kilobytes

Fong Device Stats
A Perl script that displays simple stats for the Albert Fong Device discussion forum. Displays such stats as number of total messages, total number of users and more.

Downloaded 229 Times - Size: 2 Kilobytes

Net Send Spoofer + Flooder
Very similar to the Net Send Flooder. But this version includes a "net send" spoofer that allows you to spoof your identity. Also includes a version of Net Send Flooder that works with "net send" spoofer that allows one to send a mass number of spoofed messages to a host.

Downloaded 5813 Times - Size: 310 Kilobytes

Net Send Flooder
This file was written to prove how computers accepting messages via the "net send" command can be vulnerable to a DoS of sorts. Lets you specify the host, message, and number of messages.

Downloaded 3123 Times - Size: 304 Kilobytes

Perl Portscan
A simple portscanner written in Perl. Not a very great portscanner. lol. But was basically just written by me while I was getting familiar with Perl net scripts. Good for learning if nothing else.

Downloaded 460 Times - Size: 2 Kilobytes

Masscrypt
Can DES crypt from a large input file, as well as output a single crypt to a file. Can be used to write to etc/passwd etc/shadow if you have proper permissions.

Downloaded 281 Times - Size: 664 Kilobytes

KillMSN Removal Utility
Run this small .bat file to quickly, and easily remove Microsoft MSN Messenger from WindowsXP. This is probably not needing by anyone with SP1 or the XP AntiSpy utility.

Downloaded 345 Times - Size: 1 Kilobytes

IPGen
Creates a list of IP addresses, and outputs them to a text file. It will generate any given range of IP addresses, and comes in handy when making host lists for cetain scripts etc.

Downloaded 596 Times - Size: 333 Kilobytes



Total Files: 10 Total MB: 2.05 Total Downloads: 17004




Security Tools

Nessus Security Scanner
Remote network security auditor, the client The Nessus Security Scanner is a security auditing tool. It makes possible to test security modules in an attempt to find vulnerable spots that should be fixed. . It is made up of two parts: a server, and a client. The server/daemon, nessusd, is in charge of the attacks, whereas the client, nessus, interferes with the user through nice X11/GTK+ interface. . This package contains the GTK+ 1.2 client, which exists in other forms and on other platforms, too.

NetCat
TCP/IP swiss army knife A simple Unix utility which reads and writes data across network connections using TCP or UDP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities.

TCP Dump
A powerful tool for network monitoring and data acquisition This program allows you to dump the traffic on a network. It can be used to print out the headers of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect "ping attacks" or to monitor the network activities.

Snort
flexible packet sniffer/logger that detects attacks Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or even to a Windows computer via Samba

SAINT
SAINT (Security Administrator's Integrated Network Tool) is a security assesment tool based on SATAN. Features include scanning through a firewall, updated security checks from CERT & CIAC bulletins, 4 levels of severity (red, yellow, brown, & green) and a feature rich HTML interface.

Ethereal
Network traffic analyzer Ethereal is a network traffic analyzer, or "sniffer", for Unix and Unix-like operating systems. It uses GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library.

Whisker
The primary purpose of whisker is to be a URL scanner, which is used to search for known vulnerable CGIs on websites. Whisker does this by both scanning the the CGIs directly as well as crawling the website in order to determine what CGIs are already currently in use

Internet Security Scanner
Internet Scanner performs scheduled and selective probes of communication services, operating systems, applications and routers to uncover and report systems vulnerabilities that might be open to attack.

Abacus Portsentry
Portscan detection daemon PortSentry has the ability to detect portscans(including stealth scans) on the network interfaces of your machine. Upon alarm it can block the attacker via hosts.deny, dropped route or firewall rule. It is part of the Abacus program suite. . Note: If you have no idea what a port/stealth scan is, I'd recommend to have a look at http://www.psionic.com/products/portsentry.html before installing this package. Otherwise you might easily block hosts you'd better not(e.g. your NFS-server, name-server, ...)

DSniff
A suite of powerful for sniffing networks for passwords and other information. Includes sophisticated techniques for defeating the "protection" of network switchers.

Tripwire
A file and directory integrity checker. Tripwire is a tool that aids system administrators and users in monitoring a designated set of files for any changes. Used with system files on a regular (e.g., daily) basis, Tripwire can notify system administrators of corrupted or tampered files, so damage control measures can be taken in a timely manner.

HPing 2
hping2 is a network tool able to send custom ICMP/UDP/TCP packets and to display target replies like ping does with ICMP replies. It handles fragmentation and arbitrary packet body and size, and can be used to transfer files under supported protocols. Using hping2, you can: test firewall rules, perform [spoofed] port scanning, test net performance using different protocols, packet size, TOS (type of service), and fragmentation, do path MTU discovery, tranfer files (even between really Fascist firewall rules), perform traceroute-like actions under different protocols, fingerprint remote OSs, audit a TCP/IP stack, etc. hping2 is a good tool for learning TCP/IP.

SARA
The Security Auditor's Research Assistant (SARA) is a third generation security analysis tool that is based on the SATAN model which is covered by the GNU GPL-like open license. It is fostering a collaborative environment and is updated periodically to address latest threats

Sniffit
packet sniffer and monitoring tool sniffit is a packet sniffer for TCP/UDP/ICMP packets. sniffit is able to give you very detailed technical info on these packets (SEC, ACK, TTL, Window, ...) but also packet contents in different formats (hex or plain text, etc. ).

SATAN
Security Auditing Tool for Analysing Networks This is a powerful tool for analyzing networks for vulnerabilities created for sysadmins that cannot keep a constant look at bugtraq, rootshell and the like.

IP Filter
IP Filter is a TCP/IP packet filter, suitable for use in a firewall environment. To use, it can either be used as a loadable kernel module or incorporated into your UNIX kernel; use as a loadable kernel module where possible is highly recommended. Scripts are provided to install and patch system files, as required.

iptables/netfilter/ipchains/ipfwadm
IP packet filter administration for 2.4.X kernels Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. The iptables tool also supports configuration of dynamic and static network address translation.

Firewalk
Firewalking is a technique developed by MDS and DHG that employs traceroute-like techniques to analyze IP packet responses to determine gateway ACL filters and map networks. Firewalk the tool employs the technique to determine the filter rules in place on a packet forwarding device. The newest version of the tool, firewalk/GTK introduces the option of using a graphical interface and a few bug fixes.

L0pht Crack
L0phtCrack is an NT password auditting tool. It will compute NT user passwords from the cryptographic hashes that are stored by the NT operation system. L0phtcrack can obtain the hashes through many sources (file, network sniffing, registry, etc) and it has numerous methods of generating password guesses (dictionary, brute force, etc).

John The Ripper
Description: An active password cracking tool john, normally called john the ripper, is a tool to find weak passwords of your users.

Hunt
Advanced packet sniffer and connection intrusion. Hunt is a program for intruding into a connection, watching it and resetting it. . Note that hunt is operating on Ethernet and is best used for connections which can be watched through it. However, it is possible to do something even for hosts on another segments or hosts that are on switched ports.

OpenSSH / SSH
Secure rlogin/rsh/rcp replacement (OpenSSH) OpenSSH is derived from OpenBSD's version of ssh, which was in turn derived from ssh code from before the time when ssh's license was changed to be non-free. Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. It is intended as a replacement for rlogin, rsh and rcp, and can be used to provide rdist, and rsync with a secure communication channel.

TCP Wrappers
Wietse Venema's TCP wrappers library Wietse Venema's network logger, also known as TCPD or LOG_TCP. . These programs log the client host name of incoming telnet, ftp, rsh, rlogin, finger etc. requests. Security options are: access control per host, domain and/or service; detection of host name spoofing or host address spoofing; booby traps to implement an early-warning system.

John The Ripper
An active password cracking tool john, normally called john the ripper, is a tool to find weak passwords of your users.

Ntop
display network usage in top-like format ntop is a Network Top program. It displays a summary of network usage by machines on your network in a format reminicent of the unix top utility. . It can also be run in web mode, which allows the display to be browsed with a web browser.

NAT (NetBIOS Auditing Tool)
The NetBIOS Auditing Tool (NAT) is designed to explore the NETBIOS file-sharing services offered by the target system. It implements a stepwise approach to gather information and attempt to obtain file system-level access as though it were a legitimate local client.

Scanlogd
A portscan detecting tool Scanlogd is a daemon written by Solar Designer to detect portscan attacks on your maschine

Sam Spade
Online tools for investigating IP addresses and tracking down spammers.

Logcheck
Mails anomalies in the system logfiles to the administrator Logcheck is part of the Abacus Project of security tools. It is a program created to help in the processing of UNIX system logfiles generated by the various Abacus Project tools, system daemons, Wietse Venema's TCP Wrapper and Log Daemon packages, and the Firewall Toolkitę by Trusted Information Systems Inc.(TIS). . Logcheck helps spot problems and security violations in your logfiles automatically and will send the results to you in e-mail. This program is free to use at any site. Please read the disclaimer before you use any of this software.

Ngrep
grep for network traffic ngrep strives to provide most of GNU grep's common features, applying them to the network layer. ngrep is a pcap-aware tool that will allow you to specify extended regular expressions to match against data payloads of packets. It currently recognizes TCP, UDP and ICMP across Ethernet, PPP, SLIP and null interfaces, and understands bpf filter logic in the same fashion as more common packet sniffing tools, such as tcpdump and snoop.

Cheops
A GTK based network "swiss-army-knife" Cheops gives a simple interface to most network utilities, maps local or remote networks and can show OS types of the machines on the network.

Retina
Retina can scan every machine on your network, including a variety of operating systems, networked devices, databases and third-party or custom applications, all in record time.

LibNet
Routines for the construction and handling of network packets. libnet provides a portable framework for low-level network packet writing and handling. . Libnet features portable packet creation interfaces at the IP layer and link layer, as well as a host of supplementary functionality. Still in it's infancy however, the library is evolving quite a bit. Additional functionality and stability are added with each release. . Using libnet, quick and simple packet assembly applications can be whipped up with little effort. With a bit more time, more complex programs can be written (Traceroute and ping were easily rewritten using libnet and libpcap).

Crack / CrackLib
Crack 5 is an update version of Alec Muffett's classic local password cracker. Traditionally these allowed any user of a system to crack the /etc/passwd and determine the passwords of other users (or root) on the system. Modern systems require you to obtain read access to /etc/shadow in order to perform this. It is still a good idea for sysadmins to run a cracker occasionally to verify that all users have strong passwords.




© Copyright 2002 - GulfTech Computers, All Rights Reserved
Contact GulfTech Computers