
Intrusion Detection Files

logwatch-4.2.1.tar.gz
Posted Oct 30, 2002
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | b59f8fce17ec94112c407edf3a795fca1fb1f4aa2672c4972cfd8158bdf6f65d
logwatch-4.1.tar.gz
Posted Oct 22, 2002
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed race conditions.
tags | tool, intrusion detection
systems | unix
SHA-256 | 0fd643ed6ce80f231d2e8aeb0282685d95a821baacdd2963e6c251e0fbff879d
Beltane Web-Based Management For Samhain
Posted Oct 11, 2002
Site la-samhna.de

Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.

tags | tool, web, intrusion detection
systems | unix
SHA-256 | 2d15c7b3b757f83f0d791ef2e19b3418195dee4efcae5dd0157e2db4b9d5c318
Samhain File Integrity Checker
Posted Oct 4, 2002
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Now includes a target to build RPMs, fixed samhain.startRedHat, fixed some bugs, allowed scheduler to accept multiple schedules.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 7657c537a6bc7e2a336650f2d4336be9ccf992a0b360eb1644489a0d3e326f24
pmids-1.6.tar.gz
Posted Oct 1, 2002
Authored by Redox | Site autosec.sourceforge.net

Poor Mans IDS is a couple of scripts which check certain files on your host (any you like) for changes in content, ownership, and mode. Rather than only mailing if something is wrong (like other IDSs), this lean IDS will send you a daily (or weekly or hourly, depending on how you set up your cron job) security audit, containing details of what it found.

Changes: A GPG bug and grabbing of md5 sigs from the website have been repaired.
tags | tool, intrusion detection
systems | unix
SHA-256 | a378a6338cf70225094a4db783161ff5ebf530f0019fcd6ed9b34099c248e983
prelude-manager-0.8.6.tar.gz
Posted Sep 24, 2002
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

Changes: Fixed a communication problem on Linux kernel 2.2.x due to the non-standards-compliant poll().
tags | tool, remote, local, intrusion detection
systems | unix
SHA-256 | afd65b77468f5d7bb132b9dfa83a9e49b9e73418d9e3371265b7fbfbfbb80d69
NIDSfindshellcode.tgz
Posted Sep 22, 2002
Authored by NGSEC Research Team | Site ngsec.com

Proof of concept code based on the "Polymorphic shellcodes vs. Applications IDS" white paper. It is a Network IDS able to detect shellcodes, even polymorphic ones.

tags | tool, shellcode, intrusion detection, proof of concept
systems | unix
SHA-256 | cb7a2a706ec416a16b6507f847b7ec3050f8267b970f310b4ae1bba2188af83e
shoneypot-0.2-3.tar.gz
Posted Sep 20, 2002
Site sourceforge.net

Single Honeypot simulates many services - SMTP, HTTP, shell, and FTP. It can pretend to be many OSes, such as Windows FTP systems, Windows SMTP systems, different Linux distributions, and some POSIX distributions.

Changes: POP3 target added, and commands of the SMTP target have been added and modified.
tags | tool, web, shell, intrusion detection
systems | linux, windows, unix, osx
SHA-256 | 7dad16d66c29a95ba1e3e9264d36977273af7bd19f478539d5b254aa78302492
prosum_0.28.tgz
Posted Sep 12, 2002
Authored by Fkt | Site prosum.sourceforge.net

ProSum is a console-based program that protects your files, sys_call_table, and IDT in a manner similar to tripwire (all in user space, without kernel modules). In addition, the database of files etc. can be encrypted with the Blowfish algorithm, and protected files can be stored on any secure/bastion host to later replace them. ProSum can be run on any UNIX system, at least in file protect mode (without IDT and sys_call_table support).

tags | tool, kernel, intrusion detection
systems | unix
SHA-256 | 72b66e29a6d697c84d82391457a17f67d1d3d3851b90c8852fb58ad13688aaf1
prelude-manager-0.8.5.tar.gz
Posted Sep 11, 2002
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

Changes: Fixed a heartbeat insertion problem.
tags | tool, remote, local, intrusion detection
systems | unix
SHA-256 | cc25fccf7ed25fb375d00c621b6dfee54ded352cf253b9b4d100b1279c27857a
libnids-1.17rc1.tar.gz
Posted Sep 10, 2002
Authored by Nergal | Site packetfactory.net

Libnids is a library that provides the functionality of one component of a NIDS (Network Intrusion Detection System), namely the E-component. This means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to the analyzing modules of a NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, you have the E-component ready and can focus on implementing other parts of the NIDS.

Changes: Support for libnet-1.1, libpcap save files, 802.1Q VLAN, wireless frames, and more.
tags | tool, local, intrusion detection
systems | unix
SHA-256 | 5639fc9256c8b335e9756b11aac789529d11214de4c4db81fc0b54ec2f2579a6
prelude-manager-0.8.4.tar.gz
Posted Sep 5, 2002
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

Changes: Bugs fixed, and corrects OpenSSL, PgSQL, and MySQL detection.
tags | tool, remote, local, intrusion detection
systems | unix
SHA-256 | b29cdf617272528050d7c6a56f3b81e73bc4b8d10fb00c36bb836d516a8b9ed2
pmids-1.5.tar.gz
Posted Aug 30, 2002
Authored by Redox | Site autosec.sourceforge.net

Poor Mans IDS is a couple of scripts which check certain files on your host (any you like) for changes in content, ownership, and mode. Rather than only mailing if something is wrong (like other IDSs), this lean IDS will send you a daily (or weekly or hourly, depending on how you set up your cron job) security audit, containing details of what it found.

Changes: Bug fixes and some cool improvements.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6c2bba2937cdbe45c044fa15d5a6a702dee80dfa2c0f7f66611d3fe20ca4b282
prelude-manager-0.8.3.tar.gz
Posted Aug 30, 2002
Site prelude.sourceforge.net

Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.

tags | tool, remote, local, intrusion detection
systems | unix
SHA-256 | 5fd33f6e59d36461dc673f8f8a58b32cbb4aaead2d9e78b2009b07b7357d9f13
prelude-nids-0.8.1.tar.gz
Posted Aug 30, 2002
Site prelude.sourceforge.net

Prelude NIDS is the network sensor part of the Prelude Hybrid IDS suite. It provides network monitoring with fast pattern matching (Boyer-Moore) to detect attacks against a network. Includes protocol and detection analysis plugins featuring Telnet, RPC, HTTP, and FTP decoding and preprocessors for cross-platform polymorphic shellcodes detection, ARP misuse detection, and scanning detection. It supports IP fragmentation and TCP segmentation to track connections and detect stateful events.

tags | tool, web, tcp, shellcode, protocol, intrusion detection
systems | unix
SHA-256 | ca96ec7fdf581ae50704cdd1534c035a1dbd4684cdd86d052c10242b50a890e6
Samhain File Integrity Checker
Posted Aug 30, 2002
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: This release fixes a bug that may cause filename truncation if a filename with special (e.g. non-ASCII) characters is logged to an SQL database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 41e664afd9d562cf8958ebb2cbb3551a0dd0b56b359765252162270de6660d1e
firestorm-0.4.6.tar.gz
Posted Aug 21, 2002
Site scaramanga.co.uk

Firestorm is an extremely high performance network intrusion detection system (NIDS). Right now it is just a sensor, but there are plans to include real support for analysis, reporting, remote console, and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible.

Changes: Fixed a bug which caused tcpdump log files to get overwritten. The TCP state tracking code was completely rewritten and is now much more accurate and efficient. Support for HTTP URI content matching was added. Snort signatures are now bundled with default packages.
tags | tool, remote, intrusion detection
systems | unix
SHA-256 | e93123485333da8b54d632f5ec9c863eb29a49e584a917517507750a6aefcb26
tcpreplay-1.2.tar.gz
Posted Aug 21, 2002
Site sourceforge.net

Tcpreplay v1.2 - Tcpreplay is a set of tools aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.

Changes: Includes many new features and fixes, including removal of libpcap dependency, support for libnet 1.1.x, better dual nic support, fixing of truncated packets, Solaris snoop file support, and more.
tags | tool, arbitrary, protocol, intrusion detection
systems | unix
SHA-256 | 057068ea8ded353c7910c2c940842c04bf213fedd43e58b902125c578c66ab1f
shoneypot-0.2.tar.gz
Posted Aug 14, 2002
Site sourceforge.net

Single Honeypot simulates many services - SMTP, HTTP, shell, and FTP. It can pretend to be many OSes, such as Windows FTP systems, Windows SMTP systems, different Linux distributions, and some POSIX distributions.

Changes: Added install script, and added more responses to the SMTP target.
tags | tool, web, shell, intrusion detection
systems | linux, windows, unix, osx
SHA-256 | f5e62c5a90684667ed1cb1875d4d7fcb6e0400f740888c294334eb1a48c3e570
honeyd-0.3.tar.gz
Posted Jul 31, 2002
Site citi.umich.edu

Honeyd is a small daemon that creates virtual honey pot hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.

Changes: Included UDP support (including proxying), and many bugfixes.
tags | tool, arbitrary, tcp, intrusion detection
systems | unix
SHA-256 | 71953be88fe40dd10108080de26dbd1c1ec9589f541747989be8d856255bcd05
Samhain File Integrity Checker
Posted Jul 24, 2002
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Fixes potential buffer overflow in the client/standalone code of samhain, versions 1.3.4 to 1.5.3 if compiled with the 'stealth' or 'micro-stealth' option. Other bugs were fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | ffa74ffac9f6fd324dc72211172b17144efed59f789ab45f7eecfb30df33a226
lsof_4.64.tar.gz
Posted Jul 11, 2002
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port. FAQ available here.

Changes: This release has various fixes and feature enhancements for FreeBSD, NetBSD, Darwin, OpenBSD, HP-UX, OpenUnix, and Solaris.
tags | tool, intrusion detection
systems | unix
SHA-256 | 7720fceff4e2052bd743ba4c6d29110e7fde5dc3615c90189669e0bbf07a24e8
clownids.tgz
Posted Jul 6, 2002
Authored by Mimayin | Site lsa.mine.nu

ClownIDS v1.0 verifies the md5 checksums of files and mails the admin and runs scripts when a problem is found.

tags | tool, intrusion detection
systems | unix
SHA-256 | db4e0cada39f0e39c5956c78aabb2715bfd2c2c20424edcaa0f4dda27a2166d0
logwatch-3.3.tar.gz
Posted Jul 4, 2002
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed the iptables and sendmail parsing routines. Some Solaris compatibility changes were made. An arpwatch filter was added.
tags | tool, intrusion detection
systems | unix
SHA-256 | b0a88b449253c7c50702f211df80b74c34cf121804e38f475ff70a2f9b099870
pmids-1.3.tgz
Posted Jun 13, 2002
Authored by Redox | Site darkie.net

Poor Mans IDS is a couple of scripts which check certain files on your host (any you like) for changes in content, ownership, and mode. Rather than only mailing if something is wrong (like other IDSs), this lean IDS will send you a daily (or weekly or hourly, depending on how you set up your cron job) security audit, containing details of what it found.

Changes: New self-check portion, a new ability to pull signatures from a remote location (default is the author's Web site, and you must have wget for this feature to work).
tags | tool, intrusion detection
systems | unix
SHA-256 | 298794e2cf9d6abfa7c29c30582db1988cec10ea7123f8b7f3fb6b9c7b1ea774
© 2024 Packet Storm. All rights reserved.