Forensic analysis

If you wish to gather more information, the tct (The Coroner's Toolkit from Dan Farmer and Wietse Venema) package contains utilities which perform a post mortem analysis of a system. tct allows the user to collect information about deleted files, running processes and more. See the included documentation for more information. These same utilities and some others can be found in Sleuthkit and Autopsy (http www.sleuthkit.org ) by Brian Carrier, which provides a web front-end for forensic analysis...

Irpas

While xprobe provide only remote operating system detection (using TCP IP fingerprinting, nmap and knocker do both operating system detection and port scanning of the remote hosts. On the other hand, hping2 and icmpush can be used for remote ICMP attack techniques. Designed specifically for SMB networks, nbtscan can be used to scan IP networks and retrieve name information from SMB-enabled servers, including usernames, network names, MAC addresses. . . On the other hand, fragrouter can be used...

CVE compatibility

Debian Security Advisories were declared CVE-Compatible (http www.debian.org security CVE- certificate.jpg)2 in February 24, 2004. Debian developers understand the need to provide accurate and up to date information of the security status of the Debian distribution, allowing users to manage the risk associated with new security vulnerabilities. CVE enables us to provide standardized references that allow users to develop a CVE-enabled security management process (http www.cve.mitre. org...