Twenty Year Anniversary
Showing 1 - 6 of 6 RSS Feed

Files from Tillmann Werner

Email addresstillmann.werner at gmx.de
First Active2006-10-12
Last Active2008-12-10
Nebula Intrusion Signature Generator 0.2.3
Posted Dec 10, 2008
Authored by Tillmann Werner | Site nebula.mwcollect.org

Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.

Changes: Entropy threshold bug corrected. Enabled realtime signal thread control only if available. BSD compatibility changes.
tags | tool, sniffer
MD5 | 06eabd66634e7969203465fb94900f18
nebula-0.2.2.tar.gz
Posted May 30, 2008
Authored by Tillmann Werner | Site nebula.mwcollect.org

Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.

tags | tool, sniffer
MD5 | 9d388753e6bf14c9811a92a586ce8cfa
honeytrap-1.0.0.tar.gz
Posted Oct 29, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: New plugins added, various improvements and bug fixes.
tags | tcp, system logging
systems | unix
MD5 | 2d07e1efcae1b64011c60547544f1f80
honeytrap-0.7.0.tar.gz
Posted May 22, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: Plugins can be prioritized. x86 CPU emulation module for generic shellcode analysis. Various other additions and improvements.
tags | tcp, system logging
systems | unix
MD5 | d2e765e15a4959d0155ba9b83f2fef7a
honeytrap-0.6.4.tar.gz
Posted Jan 27, 2007
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

Changes: PoC plugin for locality sensitive hashing, Clean solution for giving packet control back to the kernel when using the ip_queue connection monitor, Fixed a segfault in the bpf filter string assembling routine, Failed mirror connections did not fall back to normal mode sometimes due to wrong return value handling for a non-blocking connect(). Fixed. The dynamic server code was redesigned. UDP support added.
tags | tcp, system logging
systems | unix
MD5 | b5aad87bff055fde350a1913baeabdc8
honeytrap-0.6.3.1.tar.gz
Posted Oct 12, 2006
Authored by Tillmann Werner | Site honeytrap.sourceforge.net

Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.

tags | tcp, system logging
systems | unix
MD5 | e81c42c4f69046911bd38e255ab66ee7
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    8 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    32 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    8 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close