LINUX Security Tools and Resources

This page is dedicated to system security from both a Hacker's and a System Administrator's viewpoint. As a System Administrator myself, I know that staying informed with current information is one of many tools we need to be effective.

My good friend bbuster has one of the best personal archives of tools around. Check out Bronc Buster's Code Archive.

To help you understand security from a hacker's perspective, I have a link to Hacking Sites dedicated to challenging your skills as a System Administrator. Note: Every time you select the "Hacking Site" link you will be taken to a different site.

First, let's review some basics. I've collected some pubs that should be required reading for every SysAdmin:

There has been a lot of publicity about the "SATAN" program. The SATAN FAQ should answer most of your questions. To run SATAN on your Linux machine, you need to modify the source slightly. You can get the SATAN program and the patches for Linux at

TCP/IP and Ethernet sniffers are the bane of good security. Unless you encrypt your packets or use the newer tunneling technologies, password compromise is always a possibility. A policy of terminals being used ONLY by authorized users is a good start to getting a handle on this. Also, avoid using the ROOT shell from remote terminals as much as possible. If you need to do system maintenance, try to do it right at the server. User access should be compartmented: a strict policy of "need to know or access" for users will limit the damage any sniffed password can do.

To give you an idea of some of the tools available to the average hacker, here are some sniffer sources and programs:

Read the Sniffer FAQ