Twenty Year Anniversary
Showing 51 - 75 of 749 RSS Feed

Files

Samhain File Integrity Checker 4.1.0
Posted Sep 24, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed quirks with Linux audit support. Implemented silent check. Various other updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 7ab05e34bdcb428bc91a634b4b57a8ff
Bro Network Security Monitor 2.4.1
Posted Sep 9, 2015
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Moved SIP analyzer to flowunit instead of datagram. Fixed potential ARP out-of-bounds memory access. Various other updates and fixes.
tags | tool, intrusion detection
systems | unix
MD5 | 353e79df458e2bbfa00bdbaa0f183908
Beltane Web-Based Management For Samhain 1.0.20
Posted Jul 20, 2015
Site la-samhna.de

Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.

Changes: Added support for samhain version 4.0 database format. Add mergetool.``
tags | tool, web, intrusion detection
systems | unix
MD5 | b92830afd0ef5377ff1f32ae8ba9c404
Samhain File Integrity Checker 4.0.0
Posted Jul 20, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | bdbf09c7386fc60c865973710372afe1
Bro Network Security Monitor 2.4
Posted Jun 10, 2015
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Bro now has support for external plugins that can extend its core functionality, like protocol/file analysis, via shared libraries. Bro now has support for the MySQL wire protocol. Activity gets logged into mysql.log. Bro now parses DTLS traffic. Activity gets logged into ssl.log. Various other updates and fixes.
tags | tool, intrusion detection
systems | unix
MD5 | b0768ba77e6347d77a20e595f7eee120
Samhain File Integrity Checker 3.1.6
Posted Jun 9, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 3dcc0b291d92a64f82853614c574fa78
Suricata IDPE 2.0.8
Posted May 7, 2015
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bug fixes including tls and pcap parsing issues.
tags | tool, intrusion detection
systems | unix
MD5 | a9553ccf942c0c4aa1e1a188ec1f7d93
Samhain File Integrity Checker 3.1.5
Posted Mar 26, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed IPv6 issue with portcheck. Fixed minor issues with bugs in testing code. Various other updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 51db9d6ac9194eaf94314ba29d90d7eb
Suricata IDPE 2.0.7
Posted Feb 25, 2015
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: DCERPC traffic and http uri parsing issues addressed. Various bug fixes and improvements.
tags | tool, intrusion detection
systems | unix
MD5 | 43cd7dd958d434c580426020079914d7
Samhain File Integrity Checker 3.1.4
Posted Feb 17, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added non-existent file to the regression test config. Multiple bug fixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | bdbed66edcf473b0458a0baf1ebe670b
Bro Network Security Monitor 2.3.2
Posted Jan 27, 2015
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Multiple security-related bug fixes.
tags | tool, intrusion detection
systems | unix
advisories | CVE-2014-9586
MD5 | d89fe0942e41c25869effd959749a730
Suricata IDPE 2.0.6
Posted Jan 15, 2015
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Evasion issues fixed. Various bug fixes and improvements.
tags | tool, intrusion detection
systems | unix
MD5 | 14bfb3adc184d4da321c93ed9abae500
Suricata IDPE 2.0.5
Posted Dec 12, 2014
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Various bug fixes and some stream improvements.
tags | tool, intrusion detection
systems | unix
MD5 | 2ff10b929bf7d5fd4d345b0fd8f268a1
Samhain File Integrity Checker 3.1.3
Posted Nov 4, 2014
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Removed initgroups() from the popen call in unix entropy gatherer. Added error message for update mode if local baseline cannot be found.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | cc286eab828409f4480b70fe6dde390f
Logwatch 7.4.1
Posted Sep 24, 2014
Site logwatch.org

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
MD5 | a0c3d8721f877bdcd4a9089eb1b4691b
Suricata IDPE 2.0.4
Posted Sep 23, 2014
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Various bug fixes.
tags | tool, intrusion detection
systems | unix
MD5 | 90eb4368480c46917c145ff2cb0b6b64
Bro Network Security Monitor 2.3.1
Posted Sep 10, 2014
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Multiple bug fixes.
tags | tool, intrusion detection
systems | unix
MD5 | 29a773ec6da4ee4f8ed86dfc26c60811
Suricata IDPE 2.0.3
Posted Aug 12, 2014
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Various bug fixes.
tags | tool, intrusion detection
systems | unix
MD5 | b7373e6c56c06f94546b96abf4fd8252
Samhain File Integrity Checker 3.1.2
Posted Aug 7, 2014
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed incorrect memset in sh_checksum.c. Fixed a minor bug in exepack_fill.c that was unearthed by the minilzo overflow check. Various other bug fixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 2086798987b0d3f8939725d065e8fd84
Suricata IDPE 2.0.2
Posted Jun 27, 2014
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Various clean up and bug fixes.
tags | tool, intrusion detection
systems | unix
MD5 | 90228925c6a42d41fb2ee86911bc4000
Suricata IDPE 2.0.1
Posted May 22, 2014
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: This release adds TLS Heartbleed detection. It fixes the Unix socket runmode, fixes AF_PACKET IPS mode, and fixes various DNS handling issues. Many other issues were fixed.
tags | tool, intrusion detection
systems | unix
MD5 | 04fedf4c5148125743702ba463614e52
Samhain File Integrity Checker 3.1.1
Posted May 1, 2014
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: All-numeric hostnames are correctly recognized now, and inline asm has been disabled on Cygwin/Windows.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | ba5dfb540f52b906216485cd35c11560
Heartbleed Honeypot Script
Posted Apr 9, 2014
Authored by glitch | Site glitchwrks.com

This Perl script listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's (jspenguin@jspenguin.org) demo for CVE-2014-0160 'Heartbleed'. Run as root for the privileged port. Outputs IPs of suspected heartbleed scan to the console. Rickrolls scanner in the hex dump.

tags | tool, root, perl, tcp, intrusion detection
systems | unix
advisories | CVE-2014-0160
MD5 | aa6604b077be236dfe5f5f3f8c9a84cd
Suricata IDPE 2.0
Posted Mar 25, 2014
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: HTTP support was much improved. CUDA support was updated. A DNS parser and logger were added. Lua support was improved. The stream engine was made more robust. IPS mode was improved. VLAN support was improved. Options were added for enabling and disabling protocol parsers. Protocol detection was improved. IPv6 improvements were made. Profiling options were expanded. Unified JSON output was added. VLAN handling was improved. QinQ support was added. A command line option for overriding configuration settings was added. An optimized NSM runmode was added. An SSH logger was added.
tags | tool, intrusion detection
systems | unix
MD5 | ef3cb7d7aa87a5d9a5b47a6f2e5ab800
Suricata IDPE 1.4.7
Posted Dec 17, 2013
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: The tag keywords session option was fixed. The combination of delayed detect and thresholding was fixed. An IP Reputation loading issue was fixed. IPv6 stream timeout packet setup was fixed. YAML parsing for detection engine options was fixed. Rule ordering for rules with multiple vars was fixed.
tags | tool, intrusion detection
systems | unix
MD5 | da8bf6fc54ffe152921eb279fcfdab0f
Page 3 of 30
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
Appliance Botnet Could Bring Power Grid To Its Knees
Posted Aug 17, 2018

tags | headline, flaw, scada
Chinese Hackers Target Alaska
Posted Aug 17, 2018

tags | headline, hacker, government, usa, china, cyberwar
Necurs Botnet Launches Fresh Assault Against Banks
Posted Aug 17, 2018

tags | headline, malware, bank, cybercrime, botnet, fraud
Apple Hack Teen Pleads Guilty
Posted Aug 17, 2018

tags | headline, hacker, data loss, apple
Google Expands Bug Bounty To Include Fraud Protection Bypass
Posted Aug 16, 2018

tags | headline, fraud, flaw, google
Credit Card Skimmers Now Need To Fear The Reaper
Posted Aug 16, 2018

tags | headline, hacker, bank, cybercrime, fraud, conference
The Hackers Hunting Down Missing People
Posted Aug 16, 2018

tags | headline, hacker, privacy, conference
President Trump Relaxes US Cyber-Attack Rules
Posted Aug 16, 2018

tags | headline, government, usa, cyberwar, fbi, nsa, cia
Mystery Russian Satellite's Behavior Raises Alarm In US
Posted Aug 15, 2018

tags | headline, usa, russia, space, cyberwar, spyware
Adobe Fixes Critical Code Execution Flaws In Latest Patch Update
Posted Aug 15, 2018

tags | headline, flaw, adobe, patch
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close