Free dadobra trojan software for linux

Secure Data Manager project is a manager for passwords and other private data.
Secure Data Manager (SDM) is a full-featured password manager application written entirely in Java (so it can run on Unix or Windows). It encrypts logins and other private information for Web sites, computers, credit cards, etc.
Main features:
- Many great features and more coming each month based on user feedback!
- No limit to how you use the product or how often!
- Trusted since you and everyone else can see the code that protects your passwords -- keeping the application clear of any trojans or bad business practices.
- Open source -- so if you know how to write code, you can add any feature you want!
- Free.

Email Security through Procmail (the Procmail Sanitizer) provides methods to sanitize email, removing obvious exploit attempts and disabling the channels through which exploits are delivered.
Email Security through Procmail also provides facilities for detecting and blocking Trojan Horse exploits and worms.
Enhancements:
- This release added default poisoning of the application/x-msdownload MIME type in response to a new worm.
- Full MIME-type poisoning support will be available shortly.
- This release was accelerated for security reasons.

Firewall by Jim is a firewall that takes advantage of tcp_wrappers information to block users. I got tired of the firewall scripts out there not doing what I wanted them to.. I wanted a firewall that was flexible to use, but did its job. I wanted one that could be configured to any circumstance easily without changing the script itself. That is why I designed my firewall to use simple text files for configuration ease.

I have built in mutlple mean of protection into the firewall itself. Of the most notable is the hacker, trojan, spam, and blacklist capabilities.

The hacker protection will prevent the outside world from running unwanted commands. If you choose to enable this function.

The hacker protection will prevent the outside world from running unwanted commands. The trojan protection has two different levels. Standard and Intensive. The standard protection only protections from known linux and unix trojans. Where as the intensive will protect from all known trojans from windows, linux, and unix based.

The spam protection will block any IP address which is in list, from sending mail to your SMTP server.

The blacklist protection will block total communications to a site. I have also included a blacklist update script which will pull blacklist information from http://www.dshield.org .

Script for a multi-homed firewall is an example IPTables 1.2.1 script for a dual-homed firewall.

This script has not yet been tested thoroughly on a dual-homed firewall. If you find any problems, please drop me an email.

Current versions and documentation are available at http://www.sentry.net/~obsid/IPTables/rc.scripts.dir/current/

## User-defined Chains ##

Chain KEEP_STATE
The KEEP_STATE chain holds a few rules for generic stateful packet filtering.
This chain is called from many of the INPUT/OUTPUT chains to DROP "INVALID"
and perhaps "UNCLEAN" packets and allow other packets from "RELATED" or
"ESTABLISHED" connections.

CHECK_FLAGS
The CHECK_FLAGS chain contains a few rules to filter based on TCP flags.
These rules do indeed filter mainly bogus/malicious traffic(scans, etc). It
would be a good idea to keep an eye on what these rules send to the logs.
Null scans are also logged and dropped, in the mangle table.

DENY_PORTS
The DENY_PORTS chains contains a few rules to DROP and/or LOG packets based
on the source and/or destination port number of the packet.

Packets destined to/from the following ports are dropped by default in the script. These are just some examples of some commonly used ports that certain daemons/trojans/DDoS agents may utilize.

## TCP ##
137:139 SMB
2049 NFS
6000:6063 X
20034 Netbus 2 Pro
12345:12346 Netbus
27374 SubSeven
27665,27444,31335 Trinoo
10498,12754 Mstream

## UDP ##
2049 NFS
31337 BO2k
27444,31335 Trinoo
10498 mstream

These are just examples to stare at. They guarantee no real protection against the associated trojans.

For more common port numbers check out:
http://www.sans.org/newlook/resources/IDFAQ/oddports.htm

ALLOW_PORTS
The ALLOW_PORTS chain simply ACCEPTs packets based on port number. If you have
a default FORWARD policy of DROP, then you would need to utilize a chain like
this if you are DNATing/routing connections behind the firewall or perhaps
running services on(!!!) the firewall.

ALLOW_ICMP
The ALLOW_ICMP chains simply allows packets based on ICMP type. Currently
the firewall allows the flow of the following ICMP types:
Echo Reply (pong)
Destination Unreachable
Echo Request (ping)
TTL Exceeded (traceroute)

SRC_EGRESS && DST_EGRESS
The SRC_EGRESS and DST_EGRESS chains filter packets that have a source or
destination IP address matching an array of private or reserved subnets.

TOS_OUTPUT
The TOS_OUTPUT chain exists in the mangle table and mangles the TOS(Type
of Service) field in the IP header of locally generated, outgoing packets.

TOS_PREROUTING
The TOS_PREROUTING chain exists in the mangle table and mangles the TOS(Type
of Service) field in the IP header of packets being routed through the firewall.

The following user-defined chains are pretty obvious. The firewall script is designed to have a user-defined INPUT and OUTPUT chain for every available interface. From these user-defined chains are called the user-defined chains
mentioned above, which I call "Special Chains". The chains below are then called by the built-in INPUT/OUTPUT/FORWARD chains. This isnt really the rule, of course, alot of the user-defined chains mentioned above are called directly from the built-in INPUT/OUTPUT/FORWARD chains. This is done to assure proper flow of the packets through the filters.

EXTERNAL_INPUT
INTERNAL_INPUT
DMZ_INPUT
LO_INPUT
EXTERNAL_OUTPUT
INTERNAL_OUTPUT
DMZ_OUTPUT
LO_OUTPUT

Scam-grey is a milter which filters mail originating from MS Windows hosts. Scam-grey filter provides you the ability to mitigate the flow of unwanted email from such hosts using grey listing.

How it works:
On the first delivery attempt from a Windows host, Scam-grey generates a temporary error message. Subsequent delivery attempts made after the delay period will be allowed through. Unlike standard mail servers, virus, trojan infected hosts and zombies are not designed to retry the delivery after a temporary failure.

Scam-grey pairs

the helo string
the IP address of the sending server (host)
as a record and returns a temporary failure (SMTP code 450 extended code 4.7.1) if the host is greylisted.

The record is expired if there is no connection for the matching record within the next 24 hours. Click here to see a sample of mail servers which are currently greylisted

Pre Make Kit (PMK) aims to be a BSD alternative to GNU autoconf, GNU libtool, and pkg-config. Pre Make Kit uses data files instead of scripts to limit the spreading of trojans in software packages.
Its designed to be easy to use for users and developers. For better portability and efficiency, all of the components are written in C. Requirements are a POSIX system, a C compiler, a POSIX shell, and a make tool.
Main features:
- Dependency configuration like autoconf (with partial compatibility mode).
- Compiler detection to set shared library flags.
- Architecture and cpu identification (support for x86 32 and 64 bits, IA64 and alpha).
- Internal pkg-config support (faster than calling pkg-config).
- Use a data file instead of a shell script that could hide trojans.

About AVG Anti-Virus:

• AVG Professional Single Edition is perfectly designed to give you the maximum antivirus protection for your single home PC or workstation.
• It is simple to install and operate. No IT expertise is required and it can run in the background, providing uninterrupted protection. All file and e-mail activity is checked automatically, allowing you to get on with your work without worrying about viruses.
• It is extremely fast, reliable and light on resources, so, no matter how demanding a user you are, it will not slow down your performance.

Enhancements: Added detection of new variants of trojans SHeur2.ANNO, BackDoor.Hupigon5.LCW, SHeur2.ANOR, Downloader.Generic8.AXOI, PSW.Banker5.ONF, Generic13.BPUS.