what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 905 RSS Feed

Intrusion Detection Files

Suricata IDPE 6.0.12
Posted May 9, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: An optimization and feature added. 18 bug fixes. 1 security fix and a couple dozen bug fixes along with a feature and a task.
tags | tool, intrusion detection
systems | unix
SHA-256 | 04b23160935b03197b085c2ccc9d80875a33f115583054d1460ab0fb66d834b3
Suricata IDPE 6.0.11
Posted Apr 14, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 1 security fix and a couple dozen bug fixes along with a feature and a task.
tags | tool, intrusion detection
systems | unix
SHA-256 | 4da5e4e91e49992633a6024ce10afe6441255b2775a8f20f1ef188bd1129ac66
Zeek 5.0.8
Posted Apr 12, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes 5 security bugs and 5 non-security bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 82fd72c7078fbdb4c025569a6e31fa7f8b9876ca37aab8ac24db92b0c589d2bf
AIDE 0.18.2
Posted Apr 10, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Added warning if rules contain not compiled-in attributes. Added missing lock for tree operations during file system scan.
tags | tool, intrusion detection
systems | unix
SHA-256 | 758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4
AIDE 0.18.1
Posted Mar 6, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Fixed handling of empty growing files. Fixed segfault when using --dry-init. Updated README.
tags | tool, intrusion detection
systems | unix
SHA-256 | 158e72e2fc7f08cb28b66dd5988294c19b035b5a901d7ad5fee010efeca4c0d2
Zeek 5.0.7
Posted Feb 22, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Various issues with signed/unsigned character discrepancies on arm64 builds are fixed. A performance degradation in debug builds involving hashing large keys for Dictionaries was fixed. A DNS related memory leak was addressed. An ftp denial of service was addressed. Two find related BIF methods had a denial of service issue addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | dbb9788260269c5a75eb5d18fd9ad0df1f06f00757cdde9d86994b35428b5776
Falco 0.34.1
Posted Feb 20, 2023
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: Minor fix to userspace/engine where it will now correctly bump FALCO_ENGINE_VERSION after introduction of new fields.
tags | tool, intrusion detection
systems | unix
SHA-256 | 996c138ce94c027c6a27898950c48ee664c380889d564871d14f9b0e48185b77
AIDE 0.18
Posted Feb 7, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Now supports multithreading for hashsum calculation. Added new growing and compressed attributes. Various other additions, minor bug fixes, code clean up, and more.
tags | tool, intrusion detection
systems | unix
SHA-256 | f1166ad01a50f7f4523a585760c673ae11185a38cfa602ae7c9e9266effd038d
Falco 0.34.0
Posted Feb 7, 2023
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: A dozen major changes, over two dozen minor changes, and six bug fixes. There is one breaking change.
tags | tool, intrusion detection
systems | unix
SHA-256 | 23c36580c981ff7de09ab37dd19eff58ace79337657cc06e0f9ae71b20633246
Zeek 5.0.6
Posted Feb 2, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Three security issues and five additional bugs have been addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8e09916c43beba457f76484be46dad2858a5983d95624e55a70e06a1c76ce2d2
Suricata IDPE 6.0.10
Posted Jan 31, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 1 security issue addressed, 19 bugs addressed, and a couple of optimizations.
tags | tool, intrusion detection
systems | unix
SHA-256 | 59bfd1bf5d9c1596226fa4815bf76643ce59698866c107a26269c481f125c4d7
Logwatch 7.8
Posted Jan 23, 2023
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | fb8a7e79c851696800941b1ef7f03ce42b7e1d046eaa6ac8fa69a87b46d8edb7
Zeek 5.0.5
Posted Jan 10, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Updated broker to version 2.3.6. This broker release fixes some failures when building against Python 3.11 and above.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3efed010ab2dcf623667d13b485dfec6d28f2b65f97e4c9f0f9192c37ace88d1
Suricata IDPE 6.0.9
Posted Nov 30, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 4 security issues addressed, 15 bugs addressed, one feature, and a few tasks completed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3225edcbd0277545b7128df7b71652e6816f3b4978347d2f4fe297d55ed070e8
Falco 0.33.1
Posted Nov 24, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: Fixed container-gvisor and kubernetes-gvisor print options. Updated libs to 0.9.2, fixing potential CLBO on gVisor+Kubernetes and crash with eBPF when some CPUs are offline.
tags | tool, intrusion detection
systems | unix
SHA-256 | c17f784c29aa5d80215602a82fa8f43456ed9eb244957e34e17f303fef273642
Zeek 5.0.4
Posted Nov 23, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes security issues where a specially-crafted series of HTTP 0.9 packets can cause Zeek to spend large amounts of time processing the packets, a specially-crafted FTP packet can cause Zeek to spend large amounts of time processing the command, and a specially-crafted IPv6 packet can cause Zeek to overflow memory and potentially crash. Fixed a potential stall in Broker’s internal data pipeline.
tags | tool, intrusion detection
systems | unix
SHA-256 | d01aa72864b1128513c0b3667148e765f83cd9f0befe9a751c51f0f19a8ba280
Zeek 5.0.3
Posted Nov 9, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed an issue where a specially-crafted FTP packet can cause Zeek to spend large amounts of time attempting to search for valid commands in the data stream. Fixed a possible overflow in the Zeek dictionary code that may lead to a memory leak. Fixed an issue where a specially-crafted packet can cause Zeek to spend large amounts of time reporting analyzer violations. Fixed a possible assert and crash in the HTTP analyzer when receiving a specially-crafted packet. Fixed an issue where a specially-crafted HTTP or SMTP packet can cause Zeek to spend a large amount of time attempting to search for filenames within the packet data. Fixed two separate possible crashes when converting processed IP headers for logging via the raw_packet event handlers. Various other bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8f16ed6b51f63f7efaca506c4ee0396b0fd03e83cb6358dbd9ea6ffe5fd0b657
Falco 0.33.0
Posted Oct 20, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: A dozen major changes, about 2 dozen minor changes, and a handful of bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 933b5a17271ac0f9acfa54c48997d1b9526759fa9bd929c844cca6471dec33ea
Suricata IDPE 6.0.8
Posted Sep 28, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Suricata 6.0.8 fixes 2 issues in the 6.0.7 distribution. libhtp 0.5.41 was not actually included and Suricata-Update 1.3.0dev0 was included instead of 1.2.5.
tags | tool, intrusion detection
systems | unix
SHA-256 | 253ce3cc0df967ad9371d6ea8d4eed91ec593df3ed04e08229c7cf85780c91a3
Suricata IDPE 6.0.7
Posted Sep 27, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: One security fix, about a dozen bug fixes, and a couple of features added.
tags | tool, intrusion detection
systems | unix
SHA-256 | d172289358e22d57e85b3f28f4a49f9f7844d99e1b4b4680510fe81fb9b16446
Zeek 5.0.2
Posted Sep 20, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the SMB analyzer when receiving a specially crafted packet. Fixed two possible crashes when converting IP headers for output via the raw_packet event. Fixed a bug that prevented Broker nodes to recover from OpenSSL errors. Fixed handling of buffer sizes that caused Broker to stall despite having sufficient capacity. Fixed an issue with signal handling that could prevent Zeek from exiting via ctrl-c when reading scripts from stdin.
tags | tool, intrusion detection
systems | unix
SHA-256 | 7089fcc06d13803fc7ce19fdc49f96183efd797be3a4fdca083240b9b46e1d2f
Zeek 5.0.1
Posted Aug 30, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed potential overflow in modbus analyzer's bytestring_to_coils. Reset packet cap_len before returning from IP::AnalyzePacket. Swap DNS EDNS field order to match script-land type. Added some sanity checking to BadARPEvent method. Checks for valid ip_hdr length before trying to make a Val out of it. Updated broker submodule to 2.3.2 release tag. Various additional updates since the last release.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3cd43ae446200e7e59a89a9bf8190d964f3198e517f5d4be9cc1daba67ba0b81
Falco 0.32.2
Posted Aug 9, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Fix where ARCH is added to the bpf download URL.
tags | tool, intrusion detection
systems | unix
SHA-256 | 12ff59e7b279ef269bc417263ef489f0aea74d8e1b45b1c27839b92627daa61e
Logwatch 7.7
Posted Jul 25, 2022
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 2a10c2c73f85d2ec9d8e9be3f553b7b5849cf795b89a1c1379c99cc36a06adbd
Suricata IDPE 6.0.6
Posted Jul 12, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Three security issues and dozens of bug fixes addressed. Multiple feature and optimization modifications.
tags | tool, intrusion detection
systems | unix
SHA-256 | 00173634fa76aee636e38a90b1c02616c903e42173107d47b4114960b5fbe839
Page 2 of 37
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close