Linux network security tools-Johntheripper, Logcheck, and Tripwire

Linux Network Security Tool-Johntheripper

In Linux, passwords are stored in hash format. You cannot reverse analyze the passwords from the hash data table, but you can use a group of words to hash them and then compare them with them, if the password is the same, you can guess the password. Therefore, it is critical to start a password that is hard to guess. Generally, you cannot use a word in the dictionary as a password, which is quite easy to guess. In addition, some common regular alphabetic numbers cannot be used as passwords, such as 123abc.

Johntheripper is an efficient and easy-to-use password guess program whose home page is in http://www.openwall.com/john/

Download the forUNIX program in the tar.gz format and unbind it to any directory using the tarxvfzjohn * .tar.gz program. Go to the src directory and go to the makeLinux-x86-any-elf (I'm using redhat6.1). Several execution files, including the main program john, are generated under the run directory. Run the./john/etc/passwd command to run the Crack password.

John can also Crack the password generated by htpasswd to verify apache users. If you use htpasswd-capachepasswduser to create a user and generate a password, you can also use johnapachepasswd to guess. John output the password on the terminal when he guessed it, and stored the password in the john. pot file.

Another passwordCracker is the classic Cracker you know. Home Page in http://www.users.dircon.co.uk /~ Crypto/

Linux Network Security Tool-Logcheck

Logcheck is a tool used to automatically check system security intrusion events and abnormal activity records. It analyzes various Linuxlog files,

Such as/var/log/messages,/var/log/secure,/var/log/maillog, etc. Then, an issue report that may have security problems is generated and automatically sent to the Administrator. You can set it to run automatically on an hourly basis or every day using crond.

The homepage of the logcheck tool is.

Use logcheck to analyze all your logfiles, avoiding the need to manually check them every day, saving time and improving efficiency.

Linux Network Security Tool-Tripwire

Tripwire is a very useful tool for verifying file integrity. You can define which files/directories need to be checked, but the default setting can meet most requirements, it runs in four modes: Database generation mode, database update mode, file integrity check, and interactive database update. When the database is initialized, it generates database files for various information about existing files. In case your system files or configuration files are accidentally changed, replaced, or deleted, it compares existing files based on the original database every day to find out which files have been changed. You can determine whether there are system intrusions or other unexpected events based on the e-mail results.

Tripwire home page in http://www.tripwiresecurity.com, tripwire-1.2.3 version you can use for free. If you use RedhatLinux6.1, you can also get the latest Tripwire-1.2.3 for 6.1 Reconstruction

(Http://rufus.w3.org/Linux/RPM/powertools/6.1/i386/tripwire-1.2-3.i386.html) When you manually change the configuration file or program in the system, you can manually generate a database file again, run tripwire-initialize to create the databases directory in the current directory and generate a new system database file under the directory. Then cp to the/var/spool/tripwire directory to overwrite the old one.

Code:

 
 

  
  
while(!Search(MeiMei))  
  
  
 
  
  
printf(";)");  
  
  
 
  
  
printf("：)"); 
 
 

The Johntheripper, Logcheck, and Tripwire tools in Linux network security tools are all described.