OpenNTPD

OpenNTPD is a FREE, easy to use implementation of the Network Time Protocol. It provides the ability to sync the local clock to remote NTP servers and can act as NTP server itself, redistributing the local clock.

The Project Goals are:

  • Be as secure as possible. Code carefully, do strict validity checks especially in the network input path, and use bounded buffer operations. Use privilege separation to mitigate the effects of possible security bugs.
  • Provide a lean implementation, sufficient for a majority. Don’t try to support each and every obscure usage case, but cover the typical ones.
  • Try to “Just Work” in the background.
  • Work with just a minimum of configuration.
  • Reach a reasonable accuracy. We are not after the last microseconds.

The OpenNTPD provided here is known to run on the following Unix operating systems:

  • FreeBSD
  • NetBSD
  • Linux
  • Solaris
  • Mac OS X
  • HP-UX
  • QNX4
  • IRIX
  • AIX

The latest version is OpenNTPD 4.2 released Nov 1, 2007.
For more details and to download visit http://www.openntpd.org/

FireCAT (Firefox Catalog of Auditing exTensions)

FireCAT (Firefox Catalog of Auditing Toolbox) is a Firefox Framework Map collection of the most useful security oriented extensions.
Some of the categories included with FireCAT addons are:

  • Information Gathering
  • Proxying / Web Utilities
  • Security auditing
  • Network Utilities

Some of the tools I have found very handy are:

  • Host IP and Show IP info (displays the sites IP Address)
  • Firekeeper (IDS/IPS for Firefox)
  • FireGPG (encrypt, decrypt, sign or verify the signature of text in any web page using GnuPG)

Visit Security Database website for more info:
http://www.security-database.com/toolswatch/FireCAT-Firefox-Catalog-of,302.html

Firefox Tweaks – About:Config

You can tweak Firefox with the About:Config settings.
See these sites for more and to improve the performance:

A good example is the nglayout section which will start rendering pages faster.
nglayout.initialpaint.delay can be set to 0.25 try setting it lower or to 0.

ThreatSTOP DNS Service

Use ThreatSTOP DNS service to protect against Malicious websites. You can use the service with your firewalls so that any sites listed in the ThreatSTOP listed sites is denied access based on your firewall rules.

About the service:
ThreatSTOP is a private, secure policy distribution network that leverages the scalability and pervasiveness of the Internet’s Domain Name Service (DNS) to reliably propagate threat information. Using standard DNS protocols, ThreatSTOP delivers:

1. “block” lists of Threat sources aggregated from the most authoritative Internet
Threat Monitors: DShield, Internet Storm Center, TQM, etc.;

2. “allow” lists such as the AOL MegaProxy; and

3. “custom allow and block lists” for secure community managment

via a private, secure, DNS system. ThreatSTOP automatically updates firewalls to control inbound and outbound connections to Threat sources, relieving you of the manual effort required to react to evolving threats in a timely manner. Additionally, unlike other services, ThreatSTOP implementation requires no special hardware or traffic re-routing and is wholly managed through a web service.

For more details and to use the service visit http://threatstop.com

Good article on trying to protect data that you don’t know exists

How do you protect what you don’t know exists?

Almost every day there is news of a company’s security breach and, increasingly, many of these incidents are originating from an employee or other internal source.

Read the entire article here: http://www.securecomputing.net.au/feature/how-do-you-protect-what-you-dont-know-exists.aspx

Bash Prompt Colours (Debian)

I find that the standard bash prompt colours in Debian are very bland and in addition I like to have the prompt in RED when logged in as root or if I’ve SU’d to root.

To do so you can modify the Bash configuration file ~/.bashrc as both your standard user account and then as the root user:
Standard User Console:
PS1=’${debian_chroot:+($debian_chroot)}[e[01;32m][email protected][e[00m]:w$ ‘

Root Console:
export PS1='[e[01;31m]h[e[00m]:w$ ‘

For more information see the following resources:
http://tldp.org/HOWTO/Bash-Prompt-HOWTO/x329.html
http://www.funtoo.org/en/articles/linux/tips/prompt/
http://linux-magazine.com/issues/2007/83/paint_your_bash/(kategorie)/0

Microsoft Active Directory Topology Diagrammer


Active Directory Topology Diagrammer (ADTD) tool is very useful for documenting your Active Directory environment! Official overview and download link is listed below.

With the Active Directory Topology Diagrammer tool, you can read your Active Directory structure through Microsoft ActiveX® Data Objects (ADO). The Active Directory Topology Diagrammer tool automates Microft Office Visio to draw a diagram of the Active Directory Domain topology, your Active Directory Site topology, your OU structure or your current Exchange 200X Server Organization. With the Active Directory Topology Diagrammer tool, you can also draw partial Information from your Active Directory, like only one Domain or one site. The objects are linked together, and arranged in a reasonable layout that you can later interactively work withthe objects in Microsoft Office Visio.

Download the tool from Microsoft