Les deux révisions précédentesRévision précédenteProchaine révision | Révision précédente |
informatique:reseau:securite [09/08/2010 16:08] – cyrille | informatique:reseau:securite [29/04/2023 12:24] (Version actuelle) – [Fail2Ban] cyrille |
---|
http://cwe.mitre.org | http://cwe.mitre.org |
| |
| [[/informatique/reseau/securite/traces_de_scan_bot_http]] |
| |
| [[http://www.backtrack-linux.org|BackTrack – Penetration Testing Distribution]]: Une distribution Linux dédiée aux tests de pénétration. |
| |
| * [[https://www.ipdeny.com/ipblocks/|IPdeny country block downloads]] |
| |
===== Tests ===== | ===== Tests ===== |
==== KeePass ==== | ==== KeePass ==== |
| |
http://keepass.info | Gestionnaire de mots de passe et autres secrets: [[/informatique/KeePass|/informatique/KeePass]] |
| |
Pour mobile: [[http://www.keepassmobile.com|www.keepassmobile.com]] et [[http://keepassj2me.sourceforge.net|keepassj2me.sourceforge.net]]. Attention, ces 2 versions mobiles ne savent exploiter que les fichiers de la version 1 de KeePass. | |
| |
==== Protection active ==== | ==== Protection active ==== |
| |
http://denyhosts.sourceforge.net/features.html | http://denyhosts.sourceforge.net/features.html |
| |
| === Crowdsec === |
| |
| * [[/informatique/securite/crowdsec]] |
| |
=== Fail2Ban === | === Fail2Ban === |
Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. | Fail2ban scans log files like /var/log/pwdfail or /var/log/apache/error_log and bans IP that makes too many password failures. It updates firewall rules to reject the IP address. |
| |
http://www.fail2ban.org/ | * [[/informatique/system_admin/fail2ban]] |
| |
=== mod_evasive === | === mod_evasive === |
==== Blacklist ==== | ==== Blacklist ==== |
| |
Phishing, Malware, Spam Protection. | === Phishing and Malware Protection === |
| |
| L'hameçonnage ou filoutage (phishing) est une technique de dissimulation d'adresse URL utilisée malhonnêtement pour tromper les internautes. |
| |
Outils Google : | Outils Google : |
* Google diagnostic: http://www.google.com/safebrowsing/diagnostic?site=http://www.giquello.fr | * Google diagnostic: http://www.google.com/safebrowsing/diagnostic?site=http://www.giquello.fr |
* Signaler une erreur dans les alertes d'usurpation d'identité (protection contre les attaques phishing Firefox): http://www.google.com/safebrowsing/report_error/?tpl=mozilla | * Signaler une erreur dans les alertes d'usurpation d'identité (protection contre les attaques phishing Firefox): http://www.google.com/safebrowsing/report_error/?tpl=mozilla |
| * [[http://code.google.com/intl/fr/apis/safebrowsing/|Google Safe Browsing API]] : The Safe Browsing API is an experimental API that enables client applications to check URLs against Google's constantly updated blacklists of suspected phishing and malware pages. Your client application can use the API to download an encrypted table for local, client-side lookups of URLs that you would like to check. |
| |
Outils Mozilla : | Outils Mozilla : |
| |
Pages de test Firefox: You can test to see if Firefox's Phishing Protection is active by trying to visit our [[http://en-us.www.mozilla.com/firefox/its-a-trap.html|phishing test site]] and the [[http://en-us.www.mozilla.com/firefox/its-an-attack.html|malware test site]]. [[http://en-us.www.mozilla.com/en-US/firefox/phishing-protection/|More info about Firefox's Malware and Phishing Protection]]. | Pages de test Firefox: You can test to see if Firefox's Phishing Protection is active by trying to visit our [[http://en-us.www.mozilla.com/firefox/its-a-trap.html|phishing test site]] and the [[http://en-us.www.mozilla.com/firefox/its-an-attack.html|malware test site]]. [[http://en-us.www.mozilla.com/en-US/firefox/phishing-protection/|More info about Firefox's Malware and Phishing Protection]]. |
| |
| Autres: |
| * http://www.phishtank.com ([[http://www.phishtank.com/developer_info.php|Developper page]]) |
| * http://www.stopbadware.org |
| |
| === Spam protection === |
| |
| http://www.rbl-watcher.com/list-rbl |
| |
| |
===== Conseils ===== | ===== Conseils ===== |