Projects

Secure Ideas is a group of security minded people that are very interested in open source projects. Below is a list of a few of the ones we have been involved in.

BASE

The Basic Analysis and Security Engine (BASE) is the most popular front end to analyze Snort IDS alerts. This project is in its third year of development and is continuing on strong. Secure Ideas started this project because the ACID project had lapsed. We have grown it to 10 developers and had it translated into almost 20 languages. It is written in PHP and supports multiple database back ends including MySQL, PostGRESQL and Oracle.

More information is available at http://base.secureideas.net

Hping2 for Windows

Hping2 is a packet generation utility originally written for UNIX. It was ported to Windows by Rob Turpin. When Windows XP SP 2 came out, it broke hping2 and a number of other tools. One of the founders of Secure Ideas decided to fix this. He updated Hping2 for Windows so that it would work along with fixing a number of other bugs.

This version of Hping2 is available from the SecTools site. You can more information about hping2 in general from hping.org

SecTools

SecTools is a collection of Security tools that Secure Ideas is sponsering. It is made up of tools that we have either written from scratch or updated due to various needs. The project covers quite a bit of ground. We try to show some of its pieces below.

The SecTools project is available at http://sectools.secureideas.net

SecTools::WebArmor

WebArmor is part of the SecTools project. It is a set of perl scripts used to generate application firewall configurations. Currently, it is designed to work with modsecurity but it is designed in a way to allow anyone to add support for others. It uses one of three means to determine what to allow within the application. These ways are

• Reading access and error logs
• Spidering the site
• Sniffing the web traffic live off the wire

More information regarding SecTools::WebArmor is available at http://webarmor.secureideas.net.

SecTools::Tweety

The Tweety project's goal is to create a series of software and configurations to help companies roll out canary host sensors. These sensors are used to help isolate any malware spreading through a network. The project uses Snort as the base to build on. It was originally announced at the 2006 University of Florida's IT Security Awareness Day.

More information is available from http://tweety.secureideas.net

SecTools::Nikto-NSE

Nikto-NSE was created after the Google Summer of Code in 2006. Diman Todorov wrote the initial version of the Nmap Scripting Engine for insecure.org during the SoC 2006. We felt that this was a wonderful addition to nmap, already a great tool. And we wanted to create some add on scripts. To test out our ability to write them, we chose to port some of the Nikto web checks to NSE. During this, we realized that it would take a long time to create them all, and decided why not script it. We created Nikto-NSE to generate a series of NSE scripts based on the Nikto database.

For more information, please visit the SecTools project page.

For comments or questions about Secure Ideas, please email the Webmaster
©2006 Secure Ideas • All Rights Reserved