Security Tools

Encryption

• PGP - This is a Public Key based encryption software package that can be used for file encryption, e-mail encryption, and digital signatures across many platforms.

Firewalls

• Windows XP's Internet Connection Firewall - The firewall that comes with XP.
• ZoneAlarm - a personal Firewall for Windows Systems. It is free for home and non-profit use. Be sure to follow the License restrictions.
• Tiny Personal Firewall - a free personal firewall.
• Kerio Personal Firewall 2 - For Windows 98, Me, NT, 2000 and XP. This program is free for home use.
• Norton Personal Firewall for Macintosh - Previously was known as DoorStop Personal Edition.
• DoorStop Server Edition - A firewall that protects Mac OS 8 and 9 servers.

Monitoring Tools

• Active Ports - Maps ports to the owning application and displays a local and remote IP address.
• TCPView - Maps ports to the owning application and displays a local and remote IP address.

Scrubbing Tools

The information on devices or media must be erased and not recoverable before they are disposed of, surplussed or transferred within or between departments. (You must attach this tracking document to the device, and abide by the disposal of electronic information policy). Use the following tools to 'scrub' the data away:

• SHRED2 - Shredding software that meets or exceeds current US Government standards for destroying data.
• Darik's Boot and Nuke - a self-contained boot floppy that securely wipes the hard disks of most computers.
• Autoclave - hard drive sterilization on a bootable floppy.
• HIPAA's Disk Sanitation guidelines - A good site on Disk Sanitization with several links.
• Disc Wipe Utility - open source US Government spec wipe tool for Linux, FreeBSD, OpenBSD and Windows.

SpyWare Detection / Removal

• Ad-Aware - Scan your memory, registry, hard, removable and optical drives for known datamining, aggressive advertising, and tracking components for removal. There is a free and purchased version.
• Spybot - Scan your memory, registry, hard, removable and optical drives for known datamining, aggressive advertising, and tracking components for removal. Free but donation requested.

UNIX/LINUX Tools

Most if not all of the tools listed below can be found from one of the sites listed on the CERT Security Tools: Information and Sources web page.

• COPS - This is a security assessment tool that will give you reasonable assurance that the classic security holes have been corrected.
• TCP Wrapper - This is a logging and control package that will give you better control of the TCP based services that your system is running.
• Tripwire - This is a file fingerprinting package that computes checksum based signatures for the critical files on your system and detects if there have been any unauthorized changes to the files.
• SSH - This is a secure replacement for telnet, ftp,and other protocols. It is available in both freeware and commercial versions.
• lsof - This is a package for displaying open files and the processes that have them open.
• swatch - Simple Watcher Program, is a package used to filter and monitor log files.
• cpm - This package checks a systems network interface to determine if it is in promiscuous mode.
• vsftpd - An FTP daemon designed with security as its number one priority.
• SNARE - An host based intrusion detection software.

Virus Detection / Removal

• McAfee's AVERT Stinger utility - a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but is useful if your computer is already infected.
• AntiVirus Software for Vanderbilt University Users - AntiVirus software is available to the University community at no charge to the individual or department. This is a critical application that all users should download, configure and use.
• AntiVirus Software for Vanderbilt University Medical Center Users - AntiVirus software is available to VUMC users at no charge to the individual or department. This is a critical application that all users should download, configure and use.