Tool tests on the fast track

Inadyn 1.99.13

Compact DDNS client


License: GPLv2

Alternatives: Ddclient

For remote access to your computers at home, you need either a static IP address from your provider or the Dynamic Domain Name Service (DDNS). The Inadyn tool sees itself as an interface between the operating system and a DDNS provider. The client, as used in embedded devices like routers, supports more than 20 external services out the box. For some, such as DynDNS, FreeDNS, Loopia, or, it even encrypts the communication with HTTPS. However, Inadyn does not check SSL certificates.

The tool connects to the page and parses the response file to determine your address. Inadyn can be controlled either in the shell with command-line options or by using the /etc/inadyn.conf configuration file. The file contains the access data for one or more DDNS providers, as well as global settings, such as the cache directory, log, and PID files.

To set up a service that Inadyn does not natively support, you can resort to the generic DDNS plugin. You need to add information such as the server name and the URL to the configuration file, along with the access data. Once the setup is complete, start the tool using the inadyn command.

4 Stars --Inadyn is a reliable DynDNS client with SSL support. The man page provides examples but little in the way of explanation, accounting for the rating deduction. Checking out the GitHub repository is advised, because the website is out of date.

MyPasswords 2.95

Java password manager


License: LGPLv2

Alternatives: KeePass, Password Gorilla

MyPasswords offers a mnemonic for all users who battle with many passwords on a daily basis. As a Java program the tool runs on all major platforms. After unpacking the archive, type ./ to launch and unlock the password safe using the default password 12345678; you will want to change that without delay.

The New Password dialog is for setting up new passwords. Each entry includes a unique title, a meaningful description, a username, and a password. By default, asterisks appear as you type. A click on the button with the eye reveals the password. A traffic light with colored asterisks indicates the password strength. Each password must be at least eight characters long. Optionally, users can define key words for an entry. These tags offer quick access to the data; a search function looks for titles or key words.

MyPasswords comes with a slightly old-fashioned interface, but in terms of functionality, there are very few complaints. The tool does lack some configuration options, and an option for adjusting the time interval for your own inactivity would be nice. Since MyPasswords in this version only provides the ECB mode of AES, it's not the tool to store top-secret authentication-information. But it might do for private use.

2 Stars --MyPasswords comes with a slightly old-fashioned interface, but in terms of functionality, there are very few complaints. The tool does lack some configuration options, and an option for adjusting the time interval for your own inactivity would be nice.

Psad 2.2.5

Track down suspicious network traffic


License: GPLv2

Alternatives: PortSentry, Snort

The Port Scan Attack Detector (Psad, for short) monitors iptables logs and raises an alarm by email if it senses port scans or break-in attempts. It sends meaningful messages to the system administrator with information about the source, the target, the scanned area, timestamps, TCP flags, and Nmap options. Alternatively, psad blocks addresses with a new iptables rule. The tool supports both the IPv4 and the IPv6 version of iptables and requires an MTA to send messages. Additionally, iptables logging must be enabled.

To detect attack attempts, psad relies on Snort rules, of which the source archive includes 51. In the setup file, /etc/psad/psad.conf, admins can set thresholds that determine at what point an external IP address is considered to be a threat. Psad differentiates between the number of scan attempts and the range of scanned ports. Once the limit has been exceeded, the tool assigns the address a risk level.

On the basis of this information, admins can define further actions, including blocking external IPs. By default, Psad sets up a rule that locks an address for an hour; it permanently blocks IP addresses classified as particularly critical. To lift this block, the system administrator must intervene manually.

5 Stars --Psad does its job reliably and helps improve the security of a system. It offers numerous options, which the well-documented sample configurations and the instructions on the website will help you understand.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More