Fermilab Computing Division
Search

Computer Security Software Tools

sidemenu
Security Home Page
ALERTS
Policy Guidelines
Technical Info
Support and Services
Certificates
Meetings and Events
Contacts
Restricted Access

If you're looking for tools related to KCA certificates, remember to go back to the new KCA certificate pages for instructions.

Windows Certificate-Related Tools

Windows NetIDManager

Fermi Kerberos Client-only for Windows/Cygwin, link removed as this package is badly out of date and no longer supported.


Linux Certificate Related Tools

Get Cert  Linux KCA & Mozilla auto-import utility - modified 9/21/2009 changes behavior for Globus users.  The password prompted for is now actually used and is needed to decrypt the .globus/*.pem certificate files then they are used.

kx509 client version 1.05 supporting the '-s servername' option and HSM operation w/1024 keybits compiled on SLF 5.2

kx509 client version 1.05 supporting the '-s servername' option and HSM operation w/1024 keybits compiled on SLF 4.2

kx509 client version 1.05 supporting the '-s servername' option and HSM operation w/1024 keybits compiled on Ubuntu 8.04

kx509 client version 1.05 source code


Misc. Linux Tools

Script to make a keytab for a shared account (i.e. a local system account which does not have a Kerberos principal) to allow use of kcron.  You might have requested the creation of a Special Kerberos principal with a name of the form account/cron/fully-qualified-domain-name and have the password for the principal.  You then run the script in the shared account on the selected system and a keytab file will be created that kcron will use.

Mac Certificate Related Tools

Get Cert for Mac OSX  Firefox and Keychain auto-import utility - modified 9/4/09 to support Snow Leopard and new client binaries kx509 v1.05 below; fixed issues for Globus users and making the certifficate and key files in the .globussubdirectory of tue user's home area including actually enforcing the user of the PEM decryption password for which the user is prompted. Users will have to use this password when using the PEM files. Modified 11/6/2009 to fix success message (if a browser is running) and to add -t option to get certificate from the Test KCA server.

* For those of you manually importing the cert, you'll need the temporary password: aeiou

kx509 client version 1.05 supporting the '-s servername' option and HSM operation w/1024 keybits compiled on OSX as a Universal Binary




Firefox/Thunderbird Extensions

  • Add a quick launch button for the Certificate Manager in Thunderbird and FireFox. (After installing, drag the Cert Mgr icon from your View->Toolbars->Customize menu to your toolbar)
         Install Cert Manager Extension! UPDATED TO SUPPORT FF 3.5. SEE THE CST BLOG FOR UPDATING INSTRUCTIONS


  • Quick View Switcher for Thunderbird. This Thunderbird add-on will allow you to quickly switch between HTML, Simple HTML, Plain Text and the hidden RAW message view modes with the click of a button. To install, download the View Switcher to a location, launch Thunderbird and install it through the Add-Ons menu and restart Thunderbird. After restarting, open up your View->Toolbars->Customize menu and drag the View Switch icon to your toolbar. UPDATED TO SUPPORT AUTO-UPDATING. SEE THE CST BLOG FOR UPDATING INSTRUCTIONS



    • *MeNow Self Service Suite

    ScanMeNow. Quickly perform a Critical Vulnerability or Full Nessus scan against your computer.

    PortScanMeNow. You may now quickly port scan your system using the same options that the CST scanners use to test if your services can withstand aggressive scanning.

    SurfMeNow. SurfMeNow will attempt to connect to a FNAL URL from outside the FNAL border so you can test your security controls.

    ExploitMeNow (experimental). You may now attempt to verify if your system is vulnerable to certain client side exploits.

    DefendMeNow (experimental). A Python script written by Don Petravick to monitor some ports to detect and temporarily IPCHAINS off grredy port scanners

    Nessquik. More powerful Nessus web client. Allows much finer grained control of scans than ScanMeNow.

    Spyware/Adware Removal Tools

    Spybot - Search and Destroy

    Lavasoft Ad-Aware

    Microsoft AntiSpyware

    McAfee Site Advisor



    Certificate Testing Tools

    Test your certificate to ensure your browser has it loaded properly



    Unsupported

    Test your Popup Stopper (offsite link)


    Other useful utilities written by (but not officially supported by) various CST members:

    Joe Klemencic's Windows Utilities

    Tim Rupp's Utilities and Videos

    (more to come)

     

     

     

    For assistance contact helpdesk@fnal.gov.
    Information compiled and maintained by Computer Security Team ; last modified by FJN on November 6, 2009.
    (Address comments about page to the Computer Security Team.)