NEW! -->Deception Finger Daemon, by Jon Beaton. This beauty is a replacement for in.fingerd, and can be customized in many ways. It essentially lies to the finger client, and all finger replies are completely editable. Very cool. It also makes syslog entries for each time a user requests info, so you know "who's watching YOUR network"... Sure as hell isn't NAI. I use dfingerd on my Dial-Firewall at home. It edited it a bit. It now proclaims: "So, you want the finger, eh? No problem!" followed by a nice ascii "Fickle Finger of fate"...

Ethereal 0.6.2 by Gerald Combs et al. This is a GPL program that strives to be like NAI's NetXRay and other Windows-Based sniffers. It needs libpcap to work. Runs under X. There's also an RPM of the previous version, 0.6.1 available here.

Remote Vulnerability Scanner(Script Tarball, needs some binaries such as netcat, nmap, and strobe) by Ben-Z. This is another good remote scanner to run against your systems. It even found a few things that I overlooked. I would create a .register file in the directory this gets unpacked into, cuz otherwise it WILL try to mail /proc/cpuinfo, and a couple other things about you and your system to thee author (I REALLY don't like that part)

LSekure, by Ben-Z a shell script program that scand your system for many common local exploits. It's a little picky for my flavor, but it DOES make sure that you're relatively secure as far as your local users are concerned.

Multifunctional Network Scanner 0.68 beta (source tarball with an UNTESTED binary included, you have been warned...). MNS is another vulnerability/port scanner. It scans muliple hosts from a file of IP addressed or hostnames. This also is a heavy-hitter on the logs, so be careful. Great for running against your own network, though.

Back Orifice Text-Based Unix Client, for total remote Win9x mayhem without running MS-anything!

G-Spot 1.21, FINALLY a *GRAPHICAL* Back Orifice Client, for total remote Win9x mayhem without running MS-anything, plus gtk stuff as well. This was created with a patch file for bounix, so I patched it myself. The source code/Makefile/Configure stuff is in here, so you can recompile yourself, but the binaries (bounix, the text one; and gspot, the graphical one for X-Win) are in there. If they don't work, compile 'em.

Webmin, a tool for administering your *NIX boxen over the web. Needs PERL 5, and supports SSL if you have the PERL SSL headers.

Secure Shell 2.0.11, Server and Client for unix/linux: for making encrypted telnet-like and ftp connections over insecure networks (internet, etc.) to keep your data away from sniffers and the like.

HUNT 1.0 (Statically Linked Binary). Hunt is a program that exploits many well-known "features" of TCP/IP. Includes a decent sniffer, a program that finds the MAC address of the ethernet cards associated with the IP address, and quite a host of other things. Go to the HUNT home-page for more information.

HUNT 1.3 has also recently been released. This one is in source format. It has to be run as root, and set-uid doesn't work, but I came up with a mod so that u can set-uid it and make it so u can run it as non-root. I might publish the modifications in the next issue.

Trinux, a "Linux Security Toolkit" is a small linux distribution that fits easily on three floppies. Includes network monitoring, Denial-of-service tests, and firewalling support. Go to Trinux Home-page for more information. (Mentioned in HiR 8-7)

Cheops, a network monitoring/mapping tool written using gtk. An X-Win app that maps networks, performing IP Fingerprinting (Code borrowed from QueSO) that will give you a decent shot-in-the-dark guess as to what Operating System the machines are running. Cheops also uses the Half-Scan to do a quick port scan of the popular services. A must-have tool for net-admins and hackers alike!

Changemac, a tool I grabbed off rootshell.com that changes your mac address in linux. Read the source code comments, they give some good info. I statically linked and compiled the binary myself. (don't worry about the errors uncompressing the tarball. The source and the binary are still fine)

Download QueSO, a tcp/ip fingerprinting program that uses strange packets and responses to take a fairly accurate guess as to the remote Operating System. a "Must have" tool for anyone who wants to know what's on the other end...

Virtual Network Computing, 3.3.2r6 (binary tarball), a delightfully full-featured visual remote control software that's not only open source (source code for the unix server/client), but cross-platform as well. Servers and viewers available for most any normal platform. See The VNC Homepage for more info. (Mentioned in HiR 7-6)

NMAP 2.12 (source tarball), a fast, robust, and well-written tool for port scanning and OS detection. This is a brand-new version, and has quite a few advantages over the previous version. Nmap has had rave reviews from mainstream media claiming it to be everything from a necessity if you're installing linux to an "evil hacker tool that poses a greater threat to security than ever seen before". (How a port scanner became a "deadly tool", I don't know) Check it out for yourself. Binary RPM of nmap 2.12 available here. Look at the NMAP page for more info, changelog, and some general usage notes, etc. Shout-outs to Fyodor, for NMAP and Sploit World.