exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 862 RSS Feed

Intrusion Detection Files

Suricata IDPE 6.0.8
Posted Sep 28, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Suricata 6.0.8 fixes 2 issues in the 6.0.7 distribution. libhtp 0.5.41 was not actually included and Suricata-Update 1.3.0dev0 was included instead of 1.2.5.
tags | tool, intrusion detection
systems | unix
SHA-256 | 253ce3cc0df967ad9371d6ea8d4eed91ec593df3ed04e08229c7cf85780c91a3
Suricata IDPE 6.0.7
Posted Sep 27, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: One security fix, about a dozen bug fixes, and a couple of features added.
tags | tool, intrusion detection
systems | unix
SHA-256 | d172289358e22d57e85b3f28f4a49f9f7844d99e1b4b4680510fe81fb9b16446
Zeek 5.0.2
Posted Sep 20, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the SMB analyzer when receiving a specially crafted packet. Fixed two possible crashes when converting IP headers for output via the raw_packet event. Fixed a bug that prevented Broker nodes to recover from OpenSSL errors. Fixed handling of buffer sizes that caused Broker to stall despite having sufficient capacity. Fixed an issue with signal handling that could prevent Zeek from exiting via ctrl-c when reading scripts from stdin.
tags | tool, intrusion detection
systems | unix
SHA-256 | 7089fcc06d13803fc7ce19fdc49f96183efd797be3a4fdca083240b9b46e1d2f
Zeek 5.0.1
Posted Aug 30, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed potential overflow in modbus analyzer's bytestring_to_coils. Reset packet cap_len before returning from IP::AnalyzePacket. Swap DNS EDNS field order to match script-land type. Added some sanity checking to BadARPEvent method. Checks for valid ip_hdr length before trying to make a Val out of it. Updated broker submodule to 2.3.2 release tag. Various additional updates since the last release.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3cd43ae446200e7e59a89a9bf8190d964f3198e517f5d4be9cc1daba67ba0b81
Falco 0.32.2
Posted Aug 9, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fix where ARCH is added to the bpf download URL.
tags | tool, intrusion detection
systems | unix
SHA-256 | 12ff59e7b279ef269bc417263ef489f0aea74d8e1b45b1c27839b92627daa61e
Logwatch 7.7
Posted Jul 25, 2022
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 2a10c2c73f85d2ec9d8e9be3f553b7b5849cf795b89a1c1379c99cc36a06adbd
Suricata IDPE 6.0.6
Posted Jul 12, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Three security issues and dozens of bug fixes addressed. Multiple feature and optimization modifications.
tags | tool, intrusion detection
systems | unix
SHA-256 | 00173634fa76aee636e38a90b1c02616c903e42173107d47b4114960b5fbe839
Falco 0.32.1
Posted Jul 11, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 2 major changes, 8 minor changes, 4 bug fixes, 2 rule changes, and about 2 dozen non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6683030c0954015fd2437e241b6da7dd2d804b88f55461c0262ad1a5d96f46e9
Zeek 5.0.0
Posted Jul 6, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Zeek now requires at least CMake version 3.15.0. The script-land union and timer types have been removed. Broker now uses a new network backend with a custom network protocol that is incompatible with the pre-5.0 backend. A large amount of new functionality and changes to functionality have been made in this release and it is suggested you review the entire changelog.
tags | tool, intrusion detection
systems | unix
SHA-256 | d0d300fd8d9a1a485a0198c52e9773db7c532820faaea797e4c63aafac63fd7e
Zeek 4.2.2
Posted Jun 6, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed a potential hang in the DNS analyzer when receiving a specially-crafted packet.
tags | tool, intrusion detection
systems | unix
SHA-256 | f50dd7db8b809a74a72d402494afa00b432ef1e87cd5913687feee21573c700c
Falco 0.32.0
Posted Jun 6, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 5 major changes, over a dozen minor changes, 2 bug fixes, a dozen rule changes, and about 2 dozen non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 1b4774469b9721e8b40ebd568b788323a52b3dc6693f521aca9dc7104bbcc3f9
Samhain File Integrity Checker 4.4.9
Posted May 10, 2022
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added a fix for double newline stripping when reading from database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 9f02f9145915ba4b5ef6657d539d3dbdbd9a4ad9fd35308bb9bb64509f6c4015
Samhain File Integrity Checker 4.4.8
Posted Apr 30, 2022
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: New server option Alias=alias@hostname.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 8970a6f4fea1df3c66f97d3637efbf1c050e5f59e827b30e5428970311648b47
Zeek 4.2.1
Posted Apr 22, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed a potential unbounded state growth in the FTP analyzer when receiving a specially-crafted stream of commands that could lead to a buffer overflow. Fix to ensure both protocol and analyzer confirmation and violation events can be called. Addressed an issue where empty table constructors with &default attributes may cause a crash. Fixed a bug in ZAM when a function containing a loop is inlined. Reduced the interpreter frames generated by ZAM when inlining function bodies. Various other updates.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6b13489b30494c7c5dda453fc50981e5943d6715b6c9b5b7a85abb80bbe6d116
Suricata IDPE 6.0.5
Posted Apr 21, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Three security issues, dozens of bug fixes, three features, three tasks, and some documentation changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 0d4197047c84ba070dfc6b1d9f9ee92f52a71403bfac0e29b2554bb21fe00754
Falco 0.31.1
Posted Mar 10, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 2 major changes. 2 minor changes. 4 bug fixes. 11 rule changes. 7 non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 207b875c5b24717ecc9a5c288ff8df703d5d2a9ad00533f798d530e758f8ae42
Samhain File Integrity Checker 4.4.7
Posted Mar 7, 2022
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fixed compile error on MacOS. Disable dnmalloc for gcc 11. Fixed minor compile issues with gcc 11.2. Fixed problem with login/logout monitoring on MacOS. Fixed problem caused by switch from pubkey.gpg to pubkey.kbx.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 1fa1703c34c1e615e7bcfa6d847c612795623e8bc52d36b15a8846c391362248
Falco 0.31.0
Posted Jan 31, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 3 major changes. 20 minor changes. 9 bug fixes. 15 rule changes. 22 non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 0c7d88bfa2ec8e17e6e27158fabfb1d05982ede3138138b44a0f3ac6ffba5545
Zeek 4.2.0
Posted Jan 27, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: 1 breaking change, 17 new functionality additions, and 9 modifications.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8d9a028ca9fec7ad4a9e48a763e296052384cf402ea4cd371577bff183c27451
Logwatch 7.6
Posted Jan 24, 2022
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 689f3c68b99ef7af7d3c7007c3ff0a55d5674bdbf9c01f69a9f187726d6d4baf
AIDE 0.17.4
Posted Jan 20, 2022
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Fix to prealculate buffer size in base64 functions.
tags | tool, intrusion detection
systems | unix
advisories | CVE-2021-45417
SHA-256 | c81505246f3ffc2e76036d43a77212ae82895b5881d9b9e25c1361b1a9b7a846
Suricata IDPE 6.0.4
Posted Nov 18, 2021
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: A couple security issues, a few dozen bugs, one feature, an optimization, and a task were addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | a8f197e33d1678689ebbf7bc1abe84934c465d22c504c47c2c7e9b74aa042d0d
Zeek 4.1.1
Posted Oct 27, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Two security issues and four bugs have been addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8c0afc999a8dd1c1f677a5cf818479b99c2d527e679e1ef99fb1b03f989c0373
Falco 0.30.0
Posted Oct 1, 2021
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: 3 major changes. 3 minor changes. 2 bug fixes. 2 rule changes. 8 non-user facing changes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 9d90a86752a700dad2d1ea888b2cd33cdc808621faa2b6300bb0463d404744fb
Zeek 4.0.4
Posted Sep 23, 2021
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release addresses six bugs and two security issues.
tags | tool, intrusion detection
systems | unix
SHA-256 | d9991de344fa8ed8c92d130837309655dc9e22c4f5e53c141dce6deee5c0505c
Page 1 of 35
Back12345Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close