Twenty Year Anniversary
Showing 1 - 6 of 6 RSS Feed

Files from Tillmann Werner

Email addresstillmann.werner at gmx.de
First Active2006-10-12
Last Active2008-12-10
Nebula Intrusion Signature Generator 0.2.3
Posted Dec 10, 2008
Authored by Tillmann Werner | Site nebula.mwcollect.org

Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.

Changes: Entropy threshold bug corrected. Enabled realtime signal thread control only if available. BSD compatibility changes.
tags | tool, sniffer
MD5 | 06eabd66634e7969203465fb94900f18
nebula-0.2.2.tar.gz
Posted May 30, 2008
Authored by Tillmann Werner | Site nebula.mwcollect.org

Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.

tags | tool, sniffer
MD5 | 9d388753e6bf14c9811a92a586ce8cfa
honeytrap-1.0.0.tar.gz
Posted Oct 29, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: New plugins added, various improvements and bug fixes.
tags | tcp, system logging
systems | unix
MD5 | 2d07e1efcae1b64011c60547544f1f80
honeytrap-0.7.0.tar.gz
Posted May 22, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: Plugins can be prioritized. x86 CPU emulation module for generic shellcode analysis. Various other additions and improvements.
tags | tcp, system logging
systems | unix
MD5 | d2e765e15a4959d0155ba9b83f2fef7a
honeytrap-0.6.4.tar.gz
Posted Jan 27, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: PoC plugin for locality sensitive hashing, Clean solution for giving packet control back to the kernel when using the ip_queue connection monitor, Fixed a segfault in the bpf filter string assembling routine, Failed mirror connections did not fall back to normal mode sometimes due to wrong return value handling for a non-blocking connect(). Fixed. The dynamic server code was redesigned. UDP support added.
tags | tcp, system logging
systems | unix
MD5 | b5aad87bff055fde350a1913baeabdc8
honeytrap-0.6.3.1.tar.gz
Posted Oct 12, 2006
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

tags | tcp, system logging
systems | unix
MD5 | e81c42c4f69046911bd38e255ab66ee7
Page 1 of 1
Back1Next

File Archive:

December 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    11 Files
  • 2
    Dec 2nd
    1 Files
  • 3
    Dec 3rd
    18 Files
  • 4
    Dec 4th
    40 Files
  • 5
    Dec 5th
    16 Files
  • 6
    Dec 6th
    50 Files
  • 7
    Dec 7th
    12 Files
  • 8
    Dec 8th
    1 Files
  • 9
    Dec 9th
    1 Files
  • 10
    Dec 10th
    15 Files
  • 11
    Dec 11th
    30 Files
  • 12
    Dec 12th
    25 Files
  • 13
    Dec 13th
    15 Files
  • 14
    Dec 14th
    14 Files
  • 15
    Dec 15th
    2 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    15 Files
  • 18
    Dec 18th
    15 Files
  • 19
    Dec 19th
    4 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close