Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interaction honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.
819087444baea69dfe5d8042c090ab5b25b7bdafef0f03186555dd1cd6777800
Tenshi is a log monitoring program designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues, each of which has an alert interval and a list of mail recipients. A queue can be set to send a notification as soon as a log line is assigned to it, or to send periodic reports.
4d729d41b420e1075f78cdd31d2d0302ea9433cea9aae8ec2adc90da8e1f5696
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
6bd1149148ead2a60e8e4240f0e21a2b37902de7897f914e1c6150d44ba17e3f
Nuhe is a rule-based log monitoring system which is capable of taking action when rules are matched against log activity. By default, Nuhe runs in the background (as a daemon), but it can also be used in the foreground in a log analyzer mode.
edcc580b161a01f1914a0fc8937717390707daa6ea9844b2b3de2730cfc16cee
Tenshi is a log monitoring program designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues, each of which has an alert interval and a list of mail recipients. A queue can be set to send a notification as soon as a log line is assigned to it, or to send periodic reports.
0e6f89b84502a73f16d77fc0c4b09d2e8e9ecef8b20022a765731499fd7d9457
Tenshi is a log monitoring program designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues, each of which has an alert interval and a list of mail recipients. A queue can be set to send a notification as soon as a log line is assigned to it, or to send periodic reports.
6271be61735f69bb62e593a63e93e09b8041860f9375d8738dc55129f5a9741d
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
3edd45608f1349c89561714794ed72cd036203d8a88be49b449fe4531241d492
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
b69d633a7e46644c91fd5ac2cddc9dfcb52224106525b731de32b6cccc6ff88b
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
919c584e8cf7e217bed6fc92527281158522d03d1ed476dd6a46a05b549749a6
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
93b8c3b9cf5b61b20a8a949d338ebdfa0f2c8b7781df5c5ecd27ca269e152fb8
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
1d480badd146e67be914f84d3a014584ce046edce7e3ac77a93a49c4bc17565d
Tenshi is a log monitoring program designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues, each of which has an alert interval and a list of mail recipients. A queue can be set to send a notification as soon as a log line is assigned to it, or to send periodic reports.
2df0bd4a7f9ae0815a3ca28b808da02c73269e918925e3b1fc136e2e884ad8f5
ttyrpld is a kernel-based TTY shell, screen, and key logger for Linux, FreeBSD/PCBSD, and OpenBSD. It has a real-time log analyzer. It supports any TTY type (vc (console), BSD/Unix98 pty (xterm/SSH), serial, ISDN, USB, etc.).
efd1922d2885b1dc67a360cd76ba95395d45d05c66fe6e0fed2b5cb96817f223
Thumper is a file monitor that highlights services and keywords according to its configuration file.
eea3f3d073a71423f2b2123a7c85990ee182957cb4433c567fa5324ed567505b
Thumper is a file monitor that highlights services and keywords according to its configuration file.
1d52e18a708b6a6f8e382fa082a53a110dff1d6d93d79de9711c401d1e75e8b3
Proof-of-concept event interface keystroke logger that records everything coming through /dev/input/event*.
b68f87c88e9f8fdad777f48c8c6a87b751126ee7690c6c02e664b5a0b8d32012
Snare for Squid provides a remote distribution facility for Squid proxy server logs, and is known to run on most Unix variations, including Linux, Solaris, AIX, Tru64, and Irix. Snare for Squid can be used to send data to either a remote or local SYSLOG server, or the Snare Server for centralized collection, analysis, and archival.
85e084194e7c2a32f392552b2b3871997c9ecf13ca413825aa483139a8f78b00
Snare for Apache provides a remote distribution facility for Apache Web server logs. It is known to run on most Unix variations, including Linux, Solaris, AIX, Tru64, and Irix. Snare for Apache can be used to send data to either a remote or local SYSLOG server, or the Snare Server for centralized collection, analysis, and archival.
9dcabe60749e90b6acdd79c63bdceb5abfb7796c105386c53b9a80c5f97095fc
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
39c2fcf2300693ea3700193cf40cb49c90c1e34d63567bef1891076db8e3f013
Tenshi is a log monitoring program designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues, each of which has an alert interval and a list of mail recipients. A queue can be set to send a notification as soon as a log line is assigned to it, or to send periodic reports.
3b3b3706a8066f701b2e2a17d8a3e0fd0096a28389ae67df0414a5a3cf875215
Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.
eb7ca786fb4fccf96569e9723489e4256e2ce255109fffe448d7d074b99a5534
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
3b9ebc92316afbb83ef18ce2cfd52735fdca5039bcf9064a06c82107f55ef35a
Os-sim attempts to unify network monitoring, security, correlation, and qualification in one single tool. It combines Snort, Acid, MRTG, NTOP, OpenNMS, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security. Supported platform is Linux.
5a9a9d3c040925a64cb058fee06106c436cbfdebe6217dfa97a7e514e06327a6
Tenshi is a log monitoring program designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues, each of which has an alert interval and a list of mail recipients. A queue can be set to send a notification as soon as a log line is assigned to it, or to send periodic reports.
85bbb5384f314f1326bb3aa5d7c2532903781c593606a941c95238ae5e163a2b
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
a4e1ba35a0fc66d0d70d56746dd81d3a047c6d3e6cdd65d48dfef81c9da18a81