Fatum Enterprise and Fatum Toolkit beta/evaluation request

Dear Security Focus Security Community:

As a computer security researcher and a professional programmer, I've had a vision of a unified security center capable of handling the multitude of possible computer security problems most security professionals face. I've been developing plans for the creation of a unified security model for years, and been very unsatisfied with the high level tools that have been produced to date.

I've been focused heavily on building this product and I'm still not content with its current feature set, although through strong encouragement from the people around me, I'm putting the preliminary Beta release for public examination.

The programs that are open for Beta testing are:

FATUM Client/Security Toolkit

Fast and easy installation with extensive automation for detecting the security profile of the host
Full GUI control over all components
Standalone and Client-Only modes
File Integrity (SHA-1 hashes, auto-file discovery) Registry Integrity (SHA-1 hashes, stores previous values, auto-critical key discovery)
Security Policy Enforcement (Auto-platform detection, auto-enforcement, supports the creation of pre-Windows 2000 policies, customizable for applications)
Hardware Integrity (detects platform specifications, records hardware changes)
Detailed and formatted for business use Reporting System Client-Side Password Protection to Console for Administrator Only use Does -not- create a client-side open socket

FATUM Enterprise

Install-and-go ease of installation
Full GUI control over all components
Capable of handling large numbers of clients Multiple customizable schedules
Multiple customizable security policies
Multiple security groups
Remote control of Client security functions Detailed information provided about each host Repository for Fatum client logs
"Delta" engine for creating histories and log reduction Graphs and tables for heuristic/statistic analysis of security information, including formatted report text descriptions. Multiple report levels - Executive, Administrative, Technical, and Host All reports generated in both on-the-screen and HTML forms Easy to understand and use archive viewing system Support for "group-like" policies that cover Windows 98, Windows ME, and Windows NT, as well as modern WindowsT releases that already support group policies
Support for local policies, user policies, application policies, and custom policies.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Requirements: The programs function on most Microsoft WindowsT platforms, a Java runtime environment upgrade may be required but works by default on most modern Windows types. The Enterprise Server requires the Microsoft Office Web Object Components libraries to be installed (MSOWC.DLL)

Performance: Large scale testing hasn't been done yet, although the program was developed with the performance of a Duron 750 with 256 megabytes of SDRAM, and tested for reasonable performance on a 333 MHz Pentium II. In theory, the Enterprise Server can support any number of simultaneous clients as long as there are available network sockets, but there's going to be a reasonable cap somewhere. My torture testing seems to indicate that anywhere past 100,000 reported anomalies per hour would make the console difficult to use on the development platform (the cap would probably 1,000,000 anomalies/hour on a modern personal computer optimized for performance.)

There are a lot more features; I went a bit crazy writing the program but why is because I wanted the unified system to have complete depth control. Manuals have been written and are provided with the download and the web site.

The future of Fatum is to create a unified control center with automatic responses to security incidents. Although the code already supports the ability to incorporate IDS, firewalls, anti-virus, log auditing and other common security tools as well as linking into ActiveX/COM components, this 'basic' first release of Fatum is meant to be a proof-of-concept with four basic forensics tools first, then moved to a professional level before I attempt to move any further.

If you would be interested in testing Fatum, both programs can be obtained on the SwordSoft web site at http://www.swordsoft.com/ (alternatively the backup site at http://63.230.73.253/) Directions on getting a test license are provided on the web site. Using the client in stand-alone mode doesn't require a license - I'll probably just provide it for free indefinitely as long as I've got the bandwidth to provide.

Fatum's development has not been in the hands of a any form of corporation, it's the work of a single programmer with a little help from friends. We've discussed a lot of ideas for its continued growth.

With that in mind, we are doing our best to support a future vision for computer security - unified, simplified, professional, detailed and readily available to all people who need security of this type. The target for use is small to medium sized networks - somewhere in the 1 to 254 hosts range. We appreciate your support, feedback, and time.

Final note: We've been experiencing problems with our web site going down periodically and it's out of our control. If the site is unavailable, we have a backup site on http://63.230.73.253 that is slower but more stable.)

Do you need more help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Thank you,

Eric Knight, Programmer/President
SwordSoft
eric@swordsoft.com Received on Fri Aug 1 13:56:45 2003