[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux)

To: "bugtraq" <bugtraq@xxxxxxxxxxxxxxxxx>, "full-disclosure" <full-disclosure@xxxxxxxxxx>
Subject: [Full-Disclosure] Tool Announcement: AIRT -- the Advanced Incident Response Tool (linux)
From: "madsys" <madsys@xxxxxxxxxxxxxxxxxx>
Date: Fri, 3 Dec 2004 17:52:36 +0800

hey all,
        
        I'm proud to announce that the AIRT 0.1 is now available:
        http://159.226.5.93/projects/airt-0.1.tar.bz2

        AIRT (Advanced incident response tool) is a set of incident response 
assistant tools on linux platform. It's useful when you want to know what evil 
program is resident on your broken system and what the hell it is. It consists 
of 5 useful tools now:

mod_hunter: looks for hidden module on the suspect system.

process_hunter: looks for hidden process from kernel on the suspect system.

sock_hunter: looks for hidden port from kernel on the suspect system.

modumper: dumps the hidden module into file.

dismod: trys to analyze the dumped module.


Note: it only supports 2.6 kernel now, will support 2.4 kernel later.

We will be happy to get any suggestion and bug report ;-P


　　madsys

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] Gaim Festival Logoff Vulnerability <= 0.81 (1.03)
Next by Date: [Full-Disclosure] iDEFENSE Security Advisory 12.03.2004: Apple Darwin Streaming Server DESCRIBE Null Byte Denial of Service Vulnerability
Previous by thread: [Full-Disclosure] Gaim Festival Logoff Vulnerability <= 0.81 (1.03)
Next by thread: [Full-Disclosure] iDEFENSE Security Advisory 12.03.2004: Apple Darwin Streaming Server DESCRIBE Null Byte Denial of Service Vulnerability
Index(es):
- Date
- Thread