Great Circle Associates Firewalls
(January 1998)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Ingredients list for securing a UNIX internet server...
From: Kris Zaphod Kahn <zaphod @ cybernetix . com>
Date: Wed, 28 Jan 1998 11:53:33 -0800 (PST)
To: firewalls @ GreatCircle . COM

This list of packages and utilities is mostly targetted at a Solaris 1.X/2.X
internet server, but it should be useful for other UNIX OSs as well.  Some
of which, like FreeBSD, already have many of these packages built-in.

I have put this list together over the past year, and found it to be a great
reference for anyone interested in more services or security for their UNIX
internet/intranet server.

If you have additions, comments, or URLs of other lists please send them to
me and I will summarize to the list.

Also, I am looking for packages (non-commercial) to do IP address translation
over a dual homed bastion host (sort like a Cisco PIX box).


Enjoy,
Kris

  ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^.
 <   /   /   /   /   /   /   /   /   /   /   /   /   /   /   /   /   /   /   >
  `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v'

		       Internet/Intranet Server Resource List
	      ftp://ftp.cybernetix.com/pub/unix/docs/server_reslist.txt
			        By Kris Zaphod Kahn
			       Last updated:  980128
			      _______________________

Install latest rev public OS or commercial OS + vendor patches:
--------------------------------------------------------------
 - Sun patches	ftp://sunsolve1.sun.com/pub/patches
 - SGI patches	ftp://ftp.sgi.com/support
 - FreeBSD	ftp://ftp.freebsd.org
		See install instructions for the FreeBSD boot floppy:
		http://www.freebsd.org/handbook/install.html
 - NetBSD	ftp://ftp.isc.org/pub/NetBSD/tar.gz
		(Warning, HUGE file: 2465034844 Aug 28 12:18 tar.gz)
 - MkLinux, Mac	ftp://ftp.cdrom.com/pub/linux/mklinux/FullRelease/
 - Linux, Other	ftp://ftp.cdrom.com/pub/linux/redhat
		http://www.redhat.com

Install compiler and other development tools:
--------------------------------------------
 - GNU gcc	ftp://prep.ai.mit.edu/pub/gnu
 - Perl		http://www.perl.com/perl/info/software.html
 - Perl libs	http://cuiwww.unige.ch/ftp/PUBLIC/oscar/scripts/README.html

Install Security programs and tools:
-----------------------------------
 - tripwire	ftp://ftp.cert.org/pub/tools/tripwire/tripwire-1.2.tar.Z
 - Xinetd	ftp://ftp.topsail.org/pub/security
 - ssh		http://www.cs.hut.fi/ssh
 		ftp://ftp.cs.hut.fi/pub/ssh
 - rdist/sdist	ftp://usc.edu/pub/rdist/rdist.tar.gz
 - logdaemon	http://wuarchive.wustl.edu/packages/security/logdaemon
 - tcp_wrappers http://wuarchive.wustl.edu/packages/security/tcp_wrappers
 - Pidentd	ftp://ftp.lysator.liu.se/pub/ident/servers

Special administrator programs and tools:
----------------------------------------
 - traceroute	ftp://ftp.ee.lbl.gov/traceroute-1.4a4.tar.Z
 - tcsh		http://wuarchive.wustl.edu/packages/shells/tcsh
 - top		ftp://ftp.groupsys.com/pub/top
 - SNMP		ftp://ftp.ece.ucdavis.edu/pub/snmp/ucd-snmp.tar.gz
 - Mon		ftp://consult.ml.org/pub/mon
 - PGP		http://www.ifi.uio.no/pgp/pgp.shtml
 - swatch	ftp://ftp.stanford.edu/general/security-tools/swatch.tar.gz
 - sudo		???

Install latest versions of internet services:
--------------------------------------------
 - BIND		ftp://ftp.isc.org/isc/bind/
 - DHCP		ftp://ftp.isc.org/isc/dhcp/
 - INN		ftp://ftp.isc.org/isc/inn/
 - POP		ftp://ftp.qualcomm.com/quest/unix/servers/popper
 - NTP		ftp://louie.udel.edu/pub/ntp/
		http://www.eecis.udel.edu/~ntp>
 - Imap		http://www.imap.org
		ftp://ftp.cac.washington.edu/mail/imap.tar.Z
 - Sendmail	http://www.sendmail.org
        and DB	http://www.sleepycat.com/db
 - WU-FTPd	http://wuarchive.wustl.edu/packages/wuarchive-ftpd
 - Apache HTTPd	http://www.apache.org
 - Squid proxy	http://squid.nlanr.net/Squid
		ftp://squid.nlanr.net

Special mail programs and tools:
-------------------------------
 - pine		ftp://ftp.cac.washington.edu/mail/pine.tar.Z
 - elm		ftp://ftp.uu.net/networking/mail/elm/
 - metamail	ftp://ftp.uu.net/networking/mail/metamail/
 - Majordomo	ftp://ftp.greatcircle.com/pub/majordomo/majordomo.tar.gz
 - procmail
    ftp://ftp.informatik.rwth-aachen.de/pub/packages/procmail/procmail.tar.gz

Special web programs and tools:
------------------------------
 - wwwpass2	ftp://ftp.atlantic.net/pub/src/mp/wwwpass2.tar.gz
 - wwwstat	http://www.ics.uci.edu/WebSoft/wwwstat
 - analog	http://www.gamesdomain.com/analog
		ftp://ftp.statslab.cam.ac.uk/pub/users/sret1/analog
 - access_watch	http://accesswatch.com
 - wwwcount	http://www.fccc.edu/users/muquit/Count.html
 - Total CGIs	http://www.worldwidemart.com/scripts
 - AFP et al	http://www.interra.com/freestuff.shtml
 - htgrep	http://iamwww.unibe.ch/~scg/Src/
 - Lynx		http://www.browser.org

Misc security references & server hacks:
---------------------------------------
 - ISP Tools	http://www.westnet.com/providers
 - Sol 2.5 binaries http://smc.vnet.net/solaris_2.5.html
		ftp://opcom.sun.ca/pub/freeware/
 - SGI Freeware http://reality.sgi.com/ariel/freeware
		[includes DB 1.85 with IRIX patches]
 - SSH in pkgadd format:
		ftp://ftp.dice.ucl.ac.be/pub/packages/sshpkg1.2.14.tar.gz
 - SSH clients for Windows (3.1, 95, NT) and Macintosh:
		http://www.datafellows.com/f-secure
 - misc security ftp://ftp.khoral.com/pub/security/cert/tools

  ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^. ,^.
 <   \   \   \   \   \   \   \   \   \   \   \   \   \   \   \   \   \   \   >
  `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v' `v'

-- 
  _____  _  _______ ____________  Kris Allan Kahn - zaphod @
 cybernetix .
 com
 /__  / /.\ | . \ |_| / __ \ __ \ Systems Engineer - Cybernetix Technologies
   / /_/ _ \| __/  _  \ \/ / |/ / Every exit is also an entrance.
  /_____/ \___| |_| |_|\__/|___/                     -Zen saying

Indexed By Date Previous: Printing firewall-1 rules
From: David Brown <davebr @ iprolink . ch>
Next: Re: Proxy Server and FW-1
From: rdew @ el . nec . com (Bob De Witt)
Indexed By Thread Previous: RE: Printing firewall-1 rules
From: Patrick Lee <pat @ patlee . org>
Next: Re: Ingredients list for securing a UNIX internet server...
From: Stefan Jon Silverman <sjs @ sjsinc . com>

Google
 
Search Internet Search www.greatcircle.com