Wednesday, August 31, 2005

IDS - App Radar

AppRadar™ is a real-time database intrusion detection and security auditing solution that provides purpose-built protection for enterprise databases - arguably the crown jewels at most any organization. Unlike generic network or operating system solutions, AppRadar delivers database-specific, active protection, monitoring, and auditing. By complementing existing perimeter-focused defenses, AppRadar enables a layered defense and augments corporate privacy and regulatory compliance initiatives.

AppRadar™ supports the following:

* Microsoft SQL Server
* Oracle


Great Data Center Security

Great Data Center Design - I liked the security, HVAC and Power features

Data Center Overview
The Planet currently owns and operates three state-of-the-art data centers in Dallas, Texas, offering complete redundancy in power, HVAC, fire suppression, network connectivity, and security. With over 83,000 sq ft of raised floor between the three facilities, The Planet has an offering to fit any need. Our product offerings include private caged suites, cabinets, half-cabinets, tri-cabinets, and rackspace by the Unit. The datacenter facility sits atop multiple power grids driven by TXU electric, with PowerWare UPS battery backup power and dual diesel generators onsite. Our HVAC systems are condenser units by Data Aire to provide redundancy in cooling coupled with ten managed backbone providers. Twelve more third party backbone providers are available in the building via cross connect. Fire suppression includes a pre-action dry pipe system including VESDA (Very Early Smoke Detection Apparatus) with over 700 smoke detectors between the two facilities.

Thursday, August 25, 2005

KFSensor -Windows IDS and HoneyPot



Notes: Easy to use Windows IDS...

Advanced Windows Honeypot Server

KFSensor is a Windows based honeypot Intrusion Detection System (IDS).

It acts as a honeypot to attract and detect hackers and worms by simulating vulnerable system services and trojans.
By acting as a decoy server it can divert attacks from critical systems and provide a higher level of information than can be achieved by using firewalls and NIDS alone.

KFSensor is designed for use in a Windows based corporate environment and contains many innovative and unique features such as remote management, a Snort compatible signature engine and emulations of Windows networking protocols.

With its GUI based management console, extensive documentation and low maintenance, KFSensor provides a cost effective way of improving an organization's network security.

Network Monitoring + Logging


XNetStat Professional

X-NetStat Professional shows your current Internet and network connections in realtime. These connections are established each time you visit a web page, send an instant message, check your email, or anytime you do network activity that requires you to connect to another computer. They also appear when outside computers attempt to connect to your machine, authorized or not. Information shown includes local and remote addresses, local and remote ports, the status, the age of the connection, how much bandwidth/traffic the connection is using, and the program EXE behind it. Its kind of like Internet/network radar, and you can even kill unwanted connections. The Professional edition of X-NetStat offers a ton of additional features geared towards Network Administrators, like a Rules system to set up actions based on network conditions, a comprehensive Network Statistics window displaying information on network interfaces and protocols, a server that lets you access XNS information remotely, a collection of Lookup Tools (TraceRoute, WHOIS, Finger, DNS, Web Search, Server Version, NetBIOS Lookup, Online Tools, etc), a Port Database, Logging capabilities, transmission LED lights, a dockable ViewBar, and many more features.

Publisher: Fresh Software
Version Date: 2005-08-10
Size: 1633 Kb.
OS: Win95,Win98,WinME,WinXP,WinNT 4.x,Windows2000,Windows2003
License: Shareware, US$ 29.95

Tuesday, August 23, 2005

tools for "you name it"

very comprehensive

Good Site for Apps

Remote Commander


Personal Notes: I love this of the most comprehensive System Admin Tools ever.
Uploading and downloading files, Mapping of ports with applications, live view of desktop with a fast refresh rate (uhmm almost fast)

AWRC is a must-have for System Administrators and Helpdesk personnel. Recommended for a range of special remote access requirements, from Intelligence to Parental supervision. Runs across firewalls.Performs deep audits and all kinds of maintenance operations.Does not leave traces on remote.It is absolutely safe.

You may be familiar with utilities that allow remote management of computers.All those utilities require that you install software on the remote computer in order to process your requests and send the information back to you.The first thing that makes AWRC different is that it does not require that you install any kind of software on the remote machine. Sure, it seems impossible. We thought that also!

The second thing is that AWRC allows you to gather more information from the remote system than remote privileged users can dream about. By far and large, AWRC is the more powerful remote audit tool you can find.

The third thing is that AWRC provides a great set of tools for remote computer management. You can do virtually anything on the remote computer you do on the local system.

These are the main features and capabilities of Atelier Web Remote Commander, no other software provides this amount of functionality:

· Access to the remote computer desktop enabling the launch of software with the mouse or keyboard.
· Simulates all keystrokes on the remote keyboard computer.
· Wakes-up from screen-savers with a mouse-click or keystroke. Deals with password protected screen-savers.
· Simulates the security attention sequence (Ctrl+Alt+Del) on the remote to enable logon and on the default desktop. The default hotkey is Ctr+Alt+D.
· Provides access to disks, partitions, folders and files. The partitions or folders are not required to be open shares.
· Remote files can be downloaded or launched in the remote system. Files can be launched as another user (equivalent to RunAs).
· Local files can be uploaded to the remote system.
· Files can be remotely zipped or unzipped.
· New directories can be made and files and directories can be renamed.
· Remote files and directories can be deleted, copied or moved.
· Allows sending or receiving the Clipboard contents: text, pictures and other standard Windows Clipboard formats.
· Provides partition information, namely File System, Type, Serial Number, Volume Label, Capacity and Free space.
· Allows visualization of shares.
· Allows visualization of users list and account details as well as Local and Global groups.
· Allows instant retrieval of password hashes, for audit of strong password policy enforcement across the organization.
· Allows visualization and management of services. Services can be started, stopped, paused, resumed and even unloaded.
· Allows visualization of processes. Processes can be killed.
· Allows remote Shutdown, Power-Off and Reboot.
· System Information (Operating System, Processor, BIOS, Memory, Display Adapter and Logical printers).
· Complete and detailed Hardware Devices list.
· Physical memory viewer.
· Port Finder, which maps applications to open ports.
· Connections and Listening Ports, TCP statistics, UDP statistics, ICMP statistics, Routing Table, DNS Servers, Persistent Routes, IP Statistics/Settings, Installed Protocols/Protocol Details, Addressing Information Table, Net to Media Table, Interface Statistics/Settings.
· Chat facility for conversation with a remote interactive user.
· Provides antialiased scaling of remote desktop for comfortable viewing on the local computer.
· Uses Windows authentication, which guarantees that only individuals with Administrator privileges on the remote system are able to connect (strong passwords are obviously recommended).
· Can use strong encryption to keep the information out of reach from prying eyes.
· Request authorization feature for obtaining approval from remote before initiating operations.
· Transparent to Firewalls.
· Works within the company's Microsoft Networks LANs and across the Internet.
· Does not open any ports - it is absolutely transparent to any firewall, providing the Microsoft Networks operation is not blocked by the firewall.

Friday, August 19, 2005

Ultra Network Analyzer

Ultra Network Analyzer from GJPSoft is a powerfully network sniffer ,packet sniffer, sockets sniffer and protocol sniffer tools. It consists of a well-integrated set of functions that you can use to resolve network problem. Ultra Network Analyzer sniffs all of network packets in real-time from multi network card (Include Modem,ISDN,ADSL) and also support capturing packet base on the application(SOCKET,TDI etc). The user can observe all of traffic of the application that you are interesting. The user can easy to learn and simple to use. Ultra network analyzer have plug-ins for different protocols such as ETHERNET, IP, TCP, UDP,PPPOE,HTTP,FTP, WINS,PPP,SMTP,POP3 and so on.

Download Link