This is a textfile explaining what flister is and does. FLISTER is proof-of-concept code for detecting files hidden by both usermode and kernelmode Windows rootkits. It exploits the bugs in handling ZwQueryDirectoryFile() calls with ReturnSingleEntry set to TRUE. Flister works on Windows 2000, XP and 2003.
5b6b637cd51329f95822be40d03bfadd2f6be2edba391415b001239b956c157eMonitors paths and sends SMTP mail with changes discovered.
e3944d25376ce0964b5dab2c84a6d55e1f274e72ae232d148a040120b8f35ccbIntact v1.0a - Intact is a system integrity checker which will take a snapshot of your system and verify that none of your files, directories, registries, devices, settings, permissions and auditing have changed. Intact can be used to detect unauthorized intrustion, damage from viruses, trojan horses, rouge installation programs, security alterations, changes to auditing settings--pretty much any changes, additions or deletions which could compromise your system.
f56228666f37268a01f1def1703baeda5129a024cbc1d700c0854eefadba4c5bFind out what files, registry keys and other objects processes have open, or which DLLs they have loaded. A flexible GUI will even show you who owns each process.
b440c26a0be07ab303f221f2946440822115a72c998dfd9f9881e2d236c3f7dcDesktop Sentry is a security alert system for use with Microsoft Windows NT 4.0. It monitors your system and lets you know when someone attaches to any shares on your computer while you are connected to your local network or surfing the Internet. An excellent tool!
fbac1963a2879e5acf24f6589c54e1d4b8ca5a1a70079f23a0b72e643435b5b0Send NT Event Log entries to a syslog daemon.
5b55453af5ba01e4dd1ccc7d3af79685378fede938c3b3da27a0e40a0b4e4fb9Centrax Log Analyst (CLA) v1.b1 - Intrusion Detection software for Windows NT. Features: Detect threats and intrusion across an entire enterprise using an extensive list of activity signatures. Analyze event logs immediately using out-of-the-box security. Preserve and secure security logs in a centralized database to prevent alterations. Compile and archive large volumes of security logs for future reporting and trending. Generate easy-to-understand damage assessment reports. Free, full copy.
532c3fff202f41a7217313f3e506f1daa2dd2b30149ff7be6762a75a4c6c3865CyberSensor enables spying on any WIN32 API call. You can install any number of prehandlers and posthandlers for the API call. It enables spying on a specific process, its children or allows you to put a system wide hook. Features: Network based Machine Activity Monitor (NMAM) will be able to spy remotely on all the machines in the network. This can be used for monitoring user activity. The activities which can be monitored include Registry, File System, Internet, E-mails, Security, etc; API Library for writing your own spys; Framework for adding new monitors to NMAM; No configuration requirements on individual machines in the network; Centralized User Interface for the entire network.
145b71e133fea316414d255689f84c1bf1d123d5ecb6375ed5857a35f4a38fb4This is a Gui/device driver program that watches all hard disk activity.
72cc5948d7fb67b2c015f5d417382c7dd3fcfaaa7aaddab060db5375a18ee618Big Brother system and network monitor ported to NT.
0ca1db6183ee9284a7a9ad1c10db39577d2f6ecec328157152da432cf7b1c03bSecurity management tools for NT.
b6af68391feb5fd4b7e2778eed6b349d7f08a6b3520da436774346b287ceb0baBig Brother system and network monitor ported to NT.
5863060ea27e54bbb026020fb87db97f927b95c4a9773fd52e946629e0952aa5Big Brother system and network monitor ported to NT.
56651259eff0370eb0221f3b6963187ff90ebb4b185bd37dad6722031a3f588fBig Brother system and network monitor ported to NT.
451bd2fa47edb0621187e5c41249ab882a419cafa1241fcce12b4706a142a5afHummingBird is a distributed component for any Intrusion Detection System. Features: Share security information with any Internet host, Powerful search-able database of security relevant data, Easy to use data visualization, Detects light but network wide attacks, Keeps historical data of system status, Hosts can be organized in a hierarchy for better management and information flow, Java interface for alert messages. HummingBird Project
ec0772e72faaffbc96772170d704e654b0d9e24a7ec4e4896594bd6b2f7ef374ViperDB was created as a smaller & faster alternative to Tripwire. Instead of writing to one database, ViperDB writes to database files in each "watched" directory, decreasing the chances of an attacker being able to successfully modify your "watchd" filesystem.
a8502431ea8bb96ec79c6cd4515f597da6e044ca5b5849f542ff5c01a00f653cThe foundation for a "Windows Deception Toolkit". This package contains "fake" telnet and sendmail daemons, coded in Perl, runs on Windows. Cool concept!
d3262e107ed4706fceb6e66c9775bc4de711f7f5dc9dc3f8c3d2187b3168b567
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed