Tools and Methods

Software

WIDZ - the Wireless 802.11b IDS
Its nearly ready - a beta version of the wireless IDS I have been working on

Go to my home pages to find some good articles on the risks plus attacks that can be launched against an 802.11 network - not just theory more like an faq

Honey pots and other IDS covered

WIDZV1.5 - the Wireless IDS for 802.11b
This now works well !!!and
has loads of new funtcions. Detects Rogue APs and Monkey-jacks. Null probes , floods has a Mac Backlist and ESSID blacklist so we can catch the obvious badguys

Cisco Router passwd decoder
Simple little perl script to decode router passwords.

Oracle security tools
Why use a database scanner - Specially if you don't have one

I wrote this years ago - might help

NIMROD - Application security aid
Theres a story here - a while back I was doing a pen test and needed a CGI scanner That wasnt Whisker. So I downloaded one called crazy.c. Like most things you download it didnt work - Why!!! because there was no recv() on the sockets file descriptor to return the results to the program nor was there a printf() to give the user an inclination of what was going on

So I changed it - then I converted it to be an all singing and dancing thing to suck a website dry using a webvac i.e. wget and produce an inventory of all comments directories, cgi and forms for ANALYSIS.

then it is supposed to scan all those directories for well known vulnerabilities. Good Idea - but it doesnt work

SNMP bruteforcer
Yes I know Solar winds has got one but this came first - ok. Oh by the way this will dos the router if your not careful - SO be Careful and don't hurt anyones box

sscan.txt
Simple shell script that uses IP spoofing in nmap to scan with IDS avoidance

Thinkware

IDS deployment methodology
Use this and you IDS will work better

Hardening Cisco Routers
At the time this was pretty unique -now there are a few books and sites that cover it

Its still very good

Firewall rules methodology
found it - it was in my bedroom

Vulnerability Lifecycle theory
A theory that explains the lifecycle of a vulnerability - Read, it 's useful

Security Tool Typology
A model that explains the pupose of all this security software you all keep installing on your poor servers - I'm sure it is too simple to be of any use fnnarr

Incident Checklist
Sorry lost it - its in my bedroom somewhere

[Back 2 LFB]

	Software
	WIDZ - the Wireless 802.11b IDS	Its nearly ready - a beta version of the wireless IDS I have been working on Go to my home pages to find some good articles on the risks plus attacks that can be launched against an 802.11 network - not just theory more like an faq Honey pots and other IDS covered
	WIDZV1.5 - the Wireless IDS for 802.11b	This now works well !!!and has loads of new funtcions. Detects Rogue APs and Monkey-jacks. Null probes , floods has a Mac Backlist and ESSID blacklist so we can catch the obvious badguys
	Cisco Router passwd decoder	Simple little perl script to decode router passwords.
	Oracle security tools	Why use a database scanner - Specially if you don't have one I wrote this years ago - might help
	NIMROD - Application security aid	Theres a story here - a while back I was doing a pen test and needed a CGI scanner That wasnt Whisker. So I downloaded one called crazy.c. Like most things you download it didnt work - Why!!! because there was no recv() on the sockets file descriptor to return the results to the program nor was there a printf() to give the user an inclination of what was going on So I changed it - then I converted it to be an all singing and dancing thing to suck a website dry using a webvac i.e. wget and produce an inventory of all comments directories, cgi and forms for ANALYSIS. then it is supposed to scan all those directories for well known vulnerabilities. Good Idea - but it doesnt work
	SNMP bruteforcer	Yes I know Solar winds has got one but this came first - ok. Oh by the way this will dos the router if your not careful - SO be Careful and don't hurt anyones box
	sscan.txt	Simple shell script that uses IP spoofing in nmap to scan with IDS avoidance
	Thinkware
	IDS deployment methodology	Use this and you IDS will work better
	Hardening Cisco Routers	At the time this was pretty unique -now there are a few books and sites that cover it Its still very good
	Firewall rules methodology	found it - it was in my bedroom
	Vulnerability Lifecycle theory	A theory that explains the lifecycle of a vulnerability - Read, it 's useful
	Security Tool Typology	A model that explains the pupose of all this security software you all keep installing on your poor servers - I'm sure it is too simple to be of any use fnnarr
	Incident Checklist	Sorry lost it - its in my bedroom somewhere
	[Back 2 LFB]