what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Tillmann Werner

Email addresstillmann.werner at gmx.de
First Active2006-10-12
Last Active2008-12-10
Nebula Intrusion Signature Generator 0.2.3
Posted Dec 10, 2008
Authored by Tillmann Werner | Site nebula.mwcollect.org

Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.

Changes: Entropy threshold bug corrected. Enabled realtime signal thread control only if available. BSD compatibility changes.
tags | tool, sniffer
SHA-256 | 6d90fe1c5c1d81045134485e8ee4e888e9fce5d4323a2b6b321bf8a9765fc856
nebula-0.2.2.tar.gz
Posted May 30, 2008
Authored by Tillmann Werner | Site nebula.mwcollect.org

Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.

tags | tool, sniffer
SHA-256 | a72605776c17e6c7038972b6fcfa0d17f63a693b21e21701518d5f1e328aa4ed
honeytrap-1.0.0.tar.gz
Posted Oct 29, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: New plugins added, various improvements and bug fixes.
tags | tcp, system logging
systems | unix
SHA-256 | f5650b01913e31cc748087063327b1d4f66cf84cf99cd1679f646e70feb16ef4
honeytrap-0.7.0.tar.gz
Posted May 22, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: Plugins can be prioritized. x86 CPU emulation module for generic shellcode analysis. Various other additions and improvements.
tags | tcp, system logging
systems | unix
SHA-256 | 30c5a5de71a068c6cd236063b57173bb15fa8e0408ee74e0eb080ccf00a41cdc
honeytrap-0.6.4.tar.gz
Posted Jan 27, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: PoC plugin for locality sensitive hashing, Clean solution for giving packet control back to the kernel when using the ip_queue connection monitor, Fixed a segfault in the bpf filter string assembling routine, Failed mirror connections did not fall back to normal mode sometimes due to wrong return value handling for a non-blocking connect(). Fixed. The dynamic server code was redesigned. UDP support added.
tags | tcp, system logging
systems | unix
SHA-256 | 80a60ac18ba93c286463134386f029d6e79638b38dcf42d91acf268429230586
honeytrap-0.6.3.1.tar.gz
Posted Oct 12, 2006
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

tags | tcp, system logging
systems | unix
SHA-256 | 819087444baea69dfe5d8042c090ab5b25b7bdafef0f03186555dd1cd6777800
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close