Trojans First Aid Kit v4.5 is a client for 25 remote access trojans, which can detect and remove 481 remote access trojans. Archive password is set to p4ssw0rd. Use at your own risk.
1aeea5fe2ff7a0ee2195982c1ebffb451ac498ef20a4ee47eb81b21b6033a185
RenAttach is an e-mail filter/processor which runs from a user's .forward file. It is designed to protect end users (particularly those using Windows) from malicious e-mail attachments. It does not scan specifically for viruses, but rather renames e-mail attachments so that they can not be accidentally executed. It handles both UUencoded and MIME-encoded attachments.
09d518fd000151398079a955f6b482f4e75197864ec6f5517676a6a49d565106
PIKT is a cross-platform, multi-functional toolkit for monitoring systems, reporting and fixing problems, security management, and updating system configurations. PIKT comprises an embedded scripting language with unique, labor-saving features. Binaries available here.
df49bfd9c950c505012c5d14ff52354ce12ef434dcf693f89282890afb29e40c
Fwlogwatch analyzes the ipchains, netfilter, or iptables packet filter logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
e4d45b21e838a1b80506887b3e9b081df98f3ba3689424b074b030466c52e1c1
Exiscan is an email virus scanner which works together with the Exim MTA and McAffee's uvscan or Trend Micro's vscan. It is written in Perl and is designed to be as subtle and lightweight as possible. The special thing about exiscan is that is does not resend messages after scanning them, so that the process is fully transparent to the MTA and requires only minimal reconfiguration of Exim.
dcc36ff6a184f5566d6c3ff981830aee163070a130687b7fc29cec396ddef8b8
Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
edfc18f6b88382a2c7b6d50d62817b6fa12015e4265cfcaf4ba3507c16cc68fb
LOMAC is a security enhancement for Linux that uses Low Water-Mark Mandatory Access Control to protect the integrity of processes and data from viruses, Trojan horses, malicious remote users, and compromised root daemons. LOMAC is implemented as a loadable kernel module - no kernel recompilations or changes to existing applications are required. Although not all the planned features are currently implemented, it presently provides sufficient protection to thwart script-kiddies, and is stable enough for everyday use. Whitepaper available here.
0d6bb71c87c2370538365cb2fe36ecc897989499bd4e09686b27542d0101a6e4
Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.
b0a3b06cdc1bb110b2db01e086838f715ae231fd53fdf6db0ce9617538c43b5f
ISS Security Alert - Ramen Linux Worm. A self-propagating worm known as Ramen is currently exploiting well-known holes (wu-ftp, rpc.statd, and LPRng) in unpatched Red Hat Linux 6.2 systems and in early versions of Red Hat 7.0. In addition to scanning for additional systems and propagating to vulnerable systems, the worm also defaces Web servers it encounters by replacing the "index.html" file. It may also interfere with some networks supporting multicasting.
5fafe03a3ac411b8a7266fdb981c05bf1655ddbeb36af33ffcc0cace05e380fc