logo       Dave's Online Memory You:         Thursday Jun 22, 2017   4:51AM PDT

Security: selected readings for paranoid sysadmins

wow, this is old... not even sure how much is even relevant, anymore. o well, may be useful for historical perspectives. and, i need a place to dump new info. like, industrial security issues, for instance. can sometimes be a problem with the web- some stuff persists tho' it prob'ly shouldn't. (5/13/2012)
some industrial security papers
1. There are no downloadable programs on this page. This documentation has been collected solely for the system administrators' reference. I would recommend a search on Alta Vista for any programs you find interesting. I doubt that I will make them available from the ftp site.
2. This information may appear to be unduly biased against NT. This is only because un*x vulnerabilities have been around so long that they have been well documented, and many tools exist to help secure un*x systems. NT is, as yet, still revealing all its flaws, and the tools are still developing.
This collection resulted from a weekend search for NT, network, and server security information as it related to tightening up a new NT domain and its Linux cousins.
A list of Sun security resources is available in another document.

  • Internet Security Working draft by Richard Pethia
    (Written in Oct 1990, but still valid today.)
  • CERT Advisory about ISS (the Internet Security Scanner)
  • Packets Found on the Internet by Steven Bellovin postscript and pdf formats
  • Horses and Barn Doors in postscript and pdf formats
  • I Only Replaced index.html - The admin's side of cracking
  • Microsoft White Paper: Single Sign-On in Windows 2000 Networks in html and Word formats

click here to return to the top of pagetop of page

Source Code, Tutorials, and Warnings

click here to return to the top of pagetop of page

unix & network

Windows NT

click here to return to the top of pagetop of page

NT Security Tools
  • NAT.EXE - NetBios Security Auditing Tool. From the folks at the Samba project
  • dumpfs.exe - locate alternate data streams in NTFS files
  • fatalerr.exe - trojan password prompt. See how gullible (uninformed) your users are.
  • grant.exe - grant or revoke user priveleges from the command line. not sure whether this is a tool or a potential exploit...
  • grp.exe - list local and global groups
  • ipccrack.exe - exploit (or find a vulnerability, if you wear the white hat) an accessible IPC$ share
  • logger.exe - send system events to a syslog daemon running on a remote host
  • nc.exe - netcat *hobbit*'s network hacking tool. Ported to NT by Weld Pond. lots and lots of uses- for offense and defense. here's the original (much longer) write-up by *hobbit*
  • Nessus - security scanner (links to nessus.org)
  • NTinfoScan - just how much info is your NT box giving out to anonymous users?
  • NTlast - limited, but similar to the un*x command
  • NTsyslog - log to a central monitoring host
  • passwd utility allows the user to change his/her password on either the local system, or the Domain Controller. Administrators may change anyone's password.
  • Port Dumper is written to be a port listener with a function of sending back data to the connected box
  • Porter is an internet utility to scan a host for ports open for public connection or a range of IPs for connections. It can be used to find servers not listed with InterNIC or just to scan a host for the services it provides.
  • pwgen - Generate (hopefully) pronounceable random passwords. These can often be remembered more easily than completely random passwords, and are immune to dictionary searches, etc.
  • SendFile is a 32 bit console application for sending ASCII text files via SMTP. (handy for mailing alerts to the admin.)
  • systime - displays the current time, the elapsed time and the system start time for the local system. (so you know that someone didn't reboot the machine from floppy, for instance...)
  • Test for Guest tests for an enabled guest account with no password set on it, on a number of (NT or Linux) machines in a given range of IP addresses.
  • Ultrascan - scan every host in a Class C subnet for any number of ports. You may also scan every host in that range on a particular port.
  • unsecure - brute force password attacker
  • The upriv utility allows the addition or removal of privileges from user accounts.
Related Resources


silly cat image Top of Page FEEDBACK      Comments, Corrections & Questions welcome