exploit the possibilities
Showing 1 - 22 of 22 RSS Feed

Files

Falco 0.10.0
Posted Apr 25, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: New example puppet module for falco. Various rule updates. Multiple other fixes and improvements.
tags | tool, intrusion detection
systems | unix
MD5 | f4897480542596fb355bfc1fa78897de

Related Files

Falco 0.14.0
Posted Feb 7, 2019
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Rules versioning support: The falco engine and executable now have an engine version that represents the fields they support. Now allows SSL for K8s audit endpoint/embedded webserver. Various other fixes and updates.
tags | tool, intrusion detection
systems | unix
MD5 | ea250cb9b73ba0721f1f5a16c0f6b0a9
Falco 0.13.1
Posted Jan 17, 2019
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Improved documentation for running Falco within K8s and getting K8s Audit Logging to work with Minikube and Falco as a Daemonset within K8s. Fixed AWS Permissions for Kubernetes Response Engine. Fixed a potential crash that could occur when using the falco engine and rulesets. Various other fixes and updates.
tags | tool, intrusion detection
systems | unix
MD5 | 78ce31af76bd1d3dba5742052c7d309b
Falco 0.13.0
Posted Dec 13, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added support for K8s Audit Events. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | b49ca8563faafe59b02e19f9a75e20d4
Falco 0.12.1
Posted Sep 13, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed a regression in the libcurl configure script.
tags | tool, intrusion detection
systems | unix
MD5 | adce7b6ab8554e22fc38cdd621691056
Falco 0.11.1
Posted Jul 31, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed a problem that caused the kernel module to not load on certain kernel versions.
tags | tool, intrusion detection
systems | unix
MD5 | 2c364a28eed999aba8e007dddf9be6dc
Falco 0.11.0
Posted Jul 27, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Falco can now read events via an ebpf program loaded into the kernel instead of the falco-probe kernel module. Multiple other fixes and improvements.
tags | tool, intrusion detection
systems | unix
MD5 | 4c7222749b522accbc1e3c4bfbfb68ff
Falco 0.9.0
Posted Jan 18, 2018
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed driver incompatibility problems with some linux kernel versions that can disable pagefault tracepoints. Fixed OSX Build incompatibility with latest version of libcurl.
tags | tool, intrusion detection
systems | unix
MD5 | 8a3c23cdb8e05cb25272c1a6ea2c9067
Falco 0.8.1
Posted Oct 12, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fixed packaging to specify correct built-in config file.
tags | tool, intrusion detection
systems | unix
MD5 | f3c654ded00f3186f3ff92320204a747
Falco 0.7.0
Posted May 31, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Update the priorities of falco rules to use a wider range of priorities rather than just ERROR/WARNING. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
MD5 | edd8b765f608c7a2e923e6a99b4a7e69
Falco 0.6.1
Posted May 16, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Small changes to token bucket used to throttle falco events. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
MD5 | 5cff672d550bdd68a80566fdd54b00cf
Falco 0.6.0
Posted Mar 29, 2017
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Falco now has its own dedicated kernel module. Third party libraries updated to address security vulnerabilities. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
MD5 | 171cc1233de7c3c266750a4609db6be0
Falco 0.5.0
Posted Dec 22, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added cache event formatting objects so they are not re-created for every falco notification. Falco notifications are now throttled by a token bucket, preventing a flood of notifications when many events match a rule. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
MD5 | b75188e8500778059382e033a42c5772
Falco 0.4.0
Posted Oct 26, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Improved visibility into containers. Improved visibility into orchestration environments. Various other fixes and changes.
tags | exploit, tool
systems | unix
MD5 | a607d134270e88c2812ad62aa13583c7
Falco 0.3.0
Posted Aug 6, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Significantly improved performance, involving changes in the falco and sysdig repositories. Several sets of rule cleanups to reduce false positives. Various other updates.
tags | tool, intrusion detection
systems | unix
MD5 | 4e4cbc354550fa7a2c0c4ac038e20bd7
Falco 0.2.0
Posted Jun 9, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added TravisCI regression tests. Rework of ruleset. Improved JSON output.
tags | tool, intrusion detection
systems | unix
MD5 | 92d33817a8b02da1bf48e534c566ea29
Falco 0.1.0
Posted May 18, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

tags | tool, intrusion detection
systems | unix
MD5 | a492f280002036238daeecc014c8af09
falconcms-rfixss.txt
Posted Dec 10, 2007
Authored by KiNgOfThEwOrLd | Site inj3ct-it.org

Falcon CMS version 1.4.3 suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion
MD5 | 9587e82349f91fe3ea608573fcd93749
falcon.2.0.txt
Posted May 27, 2002
Authored by Tamer Sahin | Site securityoffice.net

The Falcon Web Server v2.0 for Windows 2000 allows remote users to gain read access of known password protected files residing on a Falcon Web Server.

tags | remote, web
systems | windows, 2k
MD5 | 39fbbdf3c448da5cf80f9935c4500b12
falcon-0.1.5-1.tgz
Posted Feb 1, 2000
Authored by Falcon Open Group | Site falcon.naw.de

The Falcon Project (Free Application-Level CONnection kit) is an open firewall project with the intention of developing a free, secure and OS-independent firewall system. Falcon consists of three major modules: Falcons's own proxies (written in Perl); 3rd-party proxies (squid / qmail / BIND8), each modified for chroot environment; and general concepts for OS hardening, chrooting etc.

Changes: Comfortable start-/stop-scripts, and a fix for the download problem.
tags | tool, perl, firewall
systems | unix
MD5 | 90c68c0c2119a00bbc6f476c654292ab
falcon-0.1-1.tgz
Posted Jan 26, 2000
Authored by Falcon Open Group | Site falcon.naw.de

The Falcon Project (the Free Application-Level CONnection) is an open firewall project with the intention of developing a free, secure and OS-independent firewall system. Falcon consists of different modules: Falcons's own proxies (generic TCP proxy and application-specific proxies), Squid for Web access and caching (modified package for Linux), and qmail for mail communication.

tags | tool, web, tcp, firewall
systems | linux, unix
MD5 | 1990c713589a615579123074ad8404c3
falcon-ssh-diffs.tar.gz
Posted Nov 5, 1999
Authored by Falcon

Two rootkit / backdoor patches to ssh-1.2.27. The first diff turns ssh into a major backdoor. it will report itself as nscd in the process list, have ALL logging disabled, run on a different port, ignore all settings in the config file and allow a "magic word" login to all accounts, including root. The other patch simply adds a magic password to sshd, for use in patching an existing sshd.

tags | tool, root, rootkit
systems | unix
MD5 | cd9339f82c165b3b8fddebf126ff7c1d
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    11 Files
  • 25
    Apr 25th
    15 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close