Showing 551 - 575 of 906

Intrusion Detection Files

nabou-1.8.tar.gz
Posted Jun 4, 2001
Authored by Thomas Linden | Site nabou.org

nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.

Changes: While 1.7 fixed many bugs, it included some new ones. Everybody who has 1.7 in use is urged to upgrade to 1.8. Directory recursion and some other ugly bugs have been fixed. Two new statements are available, and all features of the program have been tested before release.
tags | tool, perl, intrusion detection
systems | unix
SHA-256 | 010142ce00991528e4574140d8f28405e7b861e6f089ed82898daee29a17273d
nabou-1.7.tar.gz
Posted Jun 1, 2001
Authored by Thomas Linden | Site nabou.org

nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.

Changes: Better command line behavior which now supports more configuration options. It is now possible to completely replace tripwire with nabou.
tags | tool, perl, intrusion detection
systems | unix
SHA-256 | c44df76e0243a39a2e20929811f25408efeebda1bab7c75378e8138c85488077
Samhain File Integrity Checker
Posted Jun 1, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: A fix for a bug in the parsing of signed database/configuration files.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 2b26539157d7d860474fdc522cb212ec6d4b3a32f4400304c6a57f6bf867402f
rdC-sf.1.0.tgz
Posted May 30, 2001
Authored by venomous | Site rdcrew.com.ar

SF (securefiles) is a local intrusion detection system (IDS) which gets the hashes for the specified files and creates a database, which is then encrypted with AES. The executable checks itself, and a phrase (selected during installation) is displayed every time the program runs successfully.

tags | tool, local, intrusion detection
systems | unix
SHA-256 | 3149931855b0aa87c4b6852889675d677b6c52f94dc9e41de421798f404d911a
firestorm-0.1.2.tar.gz
Posted May 29, 2001
Site scaramanga.co.uk

Firestorm is a Network Intrusion Detection sensor which is multi-threaded, fast, and is pluggable at almost every point.

Changes: This release allows rule criteria to be negated, includes a string/content matcher, support for bidirectional snort rules, a TTL matcher, an IP ID matcher, and lots of other little fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 14bfbb77c591e461df226ab6cf3bf3e88bb05b6b3ae04d348f44d007fd0bf10c
Samhain File Integrity Checker
Posted May 23, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: Now detects Linux LKM rootkits. Problems with repetitive reports by the daemon have been fixed, the installation has been streamlined, init scripts for Linux (SuSE, Redhat, and Debian) have been added, and the docs have been revised.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 5d1dad7c0b0a2a4dd188767a5f3f037cf9749b1bb98b06900f7c8d21c445aba1
lsof_4.56_W.tar.gz
Posted May 8, 2001
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.

Changes: Fixes memory usage errors, adds support for FreeBSD 4.3 and 5.0, nonstop clusters, and CFS. Also includes fixes for Solaris and Linux.
tags | tool, intrusion detection
systems | unix
SHA-256 | 20bede6af359e9b2e9e2c464bd4e26ce16d488d584ffb85add31d8c501381a07
prelude-0.3.tar.gz
Posted May 3, 2001
Site linux-mandrake.com

Prelude is a Network Intrusion Detection system which captures packets and performs data analysis and reporting. Important and current features of Prelude include an IP defragmentation stack and detection plugins with persistent state.

Changes: Now includes on-demand SSL authentication and encryption between Prelude client and the Report server, an HTML reporting plugin, support for PPPOE layer, avoids duplicate operations between report plugins, and report server support for long options. The backup interface has been improved.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6feda35afe8a18ce578080c77f7a2f91d4a84d46bdb43ac7788feb8c64552cba
sentinel-1.2.1c.tar.gz
Posted Apr 25, 2001
Site zurk.sourceforge.net

Sentinel is a fast file integrity checker similar to Tripwire or ViperDB with built-in authentication using the RIPEMD 160-bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm, and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database.

Changes: Sentinel-user for individual users has been added. The copyright has been changed to the FSF. This release also contains minor makefile updates.
tags | tool, root, intrusion detection
systems | unix
SHA-256 | 5fd4cedb481fb37ba5e0c4cedf76af09d5bb6fd958d27a817f21132886c5c9a1
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (stable branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The stable version does not support all features that are mentioned in the summary. Client/Server communication is not encrypted, and wildcard patterns for filenames are not supported.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 95b8dc0feb825c5838066c1efa265cacbdb56ba1ec54e264939c3b70b8099cd9
Samhain File Integrity Checker
Posted Apr 22, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain (development branch) is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6. The devel version has more advanced features, but not all options are thoroughly tested yet.

Changes: Verifying the integrity of the log file has become more convenient, alignment for the memory profiling code has been fixed to make it work on Solaris, and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 59110c9b17c7a9e01f591414e5ac61ae4abf9a086b8ddef3f20dec0cb95804c0
attackwatch-0.0.1.tgz
Posted Apr 22, 2001

Attackwatch is intended to enhance the security of small private networks that are already protected by a restrictively configured firewall but which still have a few ports open. Attackwatch will analyze the firewall output in near-realtime and will run scripts in response to incoming packets that got logged.

tags | tool, intrusion detection
systems | unix
SHA-256 | 0316aef9a7258b5cb0b6a35451300ac411dc50becc8b986cdb22034bc221f0a0
check-ps-1.3.2.tar.gz
Posted Apr 19, 2001
Authored by Duncan Simpson | Site checkps.alcom.co.uk

Check-ps is a program designed to detect rootkit versions of ps that fail to tell you about selected processes. It currently requires /proc, but other scanning methods can be implemented. The program will run in the background or in one-shot mode. Check-ps has grown to better resist increasingly sophisticated attacks, generate more useful reports, and implement more detection methods. You are encouraged to check the signatures.

Changes: Includes extended kill scanning which will detect LKMs such as adore-0.34. Includes new tests to generate a list of PIDs by brute force.
tags | tool, intrusion detection
systems | unix
SHA-256 | b1c08424547c197563f6641aee28b0b9450246b337ba74064bd85a9711b9b8a1
lsof_4.55_W.tar.gz
Posted Apr 13, 2001
Authored by Vic Abell

Lsof is an extremely powerful unix diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system. It easily pinpoints which process is using each network connection / open port.

Changes: Added support for deleted files in /proc/PID/maps, added support for command name selection by regular expression, restored UnixWare support, and changed PGRP output title to PGID.
tags | tool, intrusion detection
systems | unix
SHA-256 | 2b5754c7e622dddba5c5a239bc5a2d98728bd9c47f904ac552bc93a627dffe31
Samhain File Integrity Checker
Posted Apr 10, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Lots of small bugfixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 09a63845ac98e809c95542526a65794687886f028534896e431f63e0814e1bc4
riley-0.2.tar.gz
Posted Mar 29, 2001
Site bigredrockeater.com

Riley is a file integrity checker written in Perl, somewhat similar to Tripwire.

tags | tool, perl, intrusion detection
systems | unix
SHA-256 | 0003d72c1eadfdc96f434b6d85ce289d6f291acc228f773f009cdfecb5b6b4cc
sentinel-1.2.1.tar.gz
Posted Mar 21, 2001
Site zurk.sourceforge.net

Sentinel is a fast file integrity checker similar to Tripwire or ViperDB with built-in authentication using the RIPEMD 160-bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm, and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database.

Changes: A -fullcheck option has been added which allows you to check for files added to the drive even if they are not in the database. The efficiency and speed of the algorithms for checking and database creation have also been improved, allowing it to work at or near a hard disk's max throughput limits.
tags | tool, root, intrusion detection
systems | unix
SHA-256 | 99707698a2a7d4bd78f5f2d02cf28df6ed1cc818d354adea561001735cac2a5b
Samhain File Integrity Checker
Posted Mar 21, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Minor problems with the 'stealth' option have been fixed, client/server encryption uses CBC mode, and HMAC-TIGER is used for message authentication.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 7586fdf2b2be87916768c7d10baaa36b29608cb4bde146ce3e9a228ca9029385
viperdb-0.9.8.tar.gz
Posted Mar 17, 2001
Authored by Peter Surda | Site panorama.sth.ac.at

ViperDB is a file checker. It is meant to be run from cron on a regular basis in order to monitor strange activity on a system. It supports checking of size, mtime, privileges, UID/GID, added/deleted files, and (as of 0.9.3) MD5 checksums. Data isn't stored in a single archive as in tripwire, but is split among all the monitored directories. This ViperDB is in fact a fork of the original, as the original authors seem unreachable.

Changes: Bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | f729531a492d04be06ca697599161e6844352023230474180464d8d06a3c189f
Samhain File Integrity Checker
Posted Mar 10, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: Problems with logging to syslog and with templates for the HTML server status page have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 668359b668a71b61438b1ab2f12daabe3a31ac1b11e9dd4fdf840819bce81d6a
viperdb-0.9.7.tar.gz
Posted Mar 10, 2001
Authored by Peter Surda | Site panorama.sth.ac.at

ViperDB is a file checker. It is meant to be run from cron on a regular basis in order to monitor strange activity on a system. It supports checking of size, mtime, privileges, UID/GID, added/deleted files, and (as of 0.9.3) MD5 checksums. Data isn't stored in a single archive as in tripwire, but is split among all the monitored directories. This ViperDB is in fact a fork of the original, as the original authors seem unreachable.

Changes: This release adds bugfixes in symlink handling, improved detecting of corrupted databases, and a directory-specific option to ignore mtime changes. Upgrading and re-initing of databases is recommended.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3cb38576519cd7ae00a09aa9a3652653cfedf7ce8409a1a400538db02dec7f83
viperdb-0.9.6.tar.gz
Posted Mar 6, 2001
Authored by Peter Surda | Site panorama.sth.ac.at

ViperDB is a file checker. It is meant to be run from cron on a regular basis in order to monitor strange activity on a system. It supports checking of size, mtime, privileges, UID/GID, added/deleted files, and (as of 0.9.3) MD5 checksums. Data isn't stored in a single archive as in tripwire, but is split among all the monitored directories. This ViperDB is in fact a fork of the original, as the original authors seem unreachable.

Changes: Fixes for bugs introduced by the 0.9.5 rewrite, new/strengthened internal security checks, and minor updates.
tags | tool, intrusion detection
systems | unix
SHA-256 | 9beeb32344be8185db433775f799de2b79b2dddd9a21ba40738b083810070ddc
tripwire-2.3.1-2.tar.gz
Posted Mar 5, 2001
Site sourceforge.net

Tripwire is a very popular system integrity checker, a utility that compares properties of designated files and directories against information stored in a previously generated database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email and pager reporting. Support files (databases, reports, etc.) are cryptographically signed.

Changes: Support for FreeBSD 4.2 and bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | d339fbc093ce9e9f0c98fa2b454735bb2c13613103d6edcfcce57dbd3a394d2a
Samhain File Integrity Checker
Posted Mar 3, 2001
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.

Changes: This release includes support for specifying files as shell-style wildcard patterns, fixes for some compilation problems on FreeBSD and Alpha/Linux, and a couple of fixes for other bugs.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 990646118fc67738df6e20049f2f0b490c9268689ad4d8830bf778393b11b9a2
mod_id_1.0.tar.gz
Posted Feb 27, 2001
Authored by Burak | Site hacettepe.edu.tr

Mod_Id is an interesting Apache module that works as an IDS, watching for suspicious URLs.

tags | tool, intrusion detection
systems | unix
SHA-256 | e611f4ddfa50d863dbee64de332fb55bda3cc532ddfaa9b45fa3e423d83b4d3d