Un parell d’eines de seguretat: THC-HYDRA i The Doorman

Reading time: 1 – 2 minutes

THC-HYDRA

Number one of the biggest security holes are passwords, as every
password security study shows.Hydra is a parallized login cracker which
supports numerous protocols to attack. New modules are easy to add, beside
that, it is flexible and very fast.

Protocols suportats: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, LDAP, SMB,
SMBNT, MS-SQL, MYSQL, REXEC, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP,
NNTP, PCNFS, ICQ, SAP/R3, Cisco auth, Cisco enable, Cisco AAA (incorporated in
telnet module).

– – – – –

The Doorman -or- “Silent
Running”

This project allows a server to run silently, invisibly, with all TCP
ports closed… except to those who know… the secret knock!

Només deixa visibles els ports TCP a les IPs previament acceptades,
per la resta d’IPs el host esta apagat. Metafora usada al propi host:

The doorman daemon “guards the door” of a host, admitting only
recognized parties. It allows a server which is not intended for general public
access to run with all of it’s TCP ports closed to the outside world. A
matching “knocker” is provided, with which to persuade the doorman to open the
door a crack, just wide enough for a single TCP connection from a single IP
address.