
Intrusion Detection Files

instmon-1.5.tar.gz
Posted Aug 17, 1999
Authored by Vasilis Vasaitis

instmon is a shell script that monitors installations and detects the files that were added or modified.

Changes: Slightly changed the default search list (added /var/lib) and the default exclude list (added /root); instmon now uses $TMPDIR when set; Comparisons between version numbers are now done in a different way, which is more correct for the UN*X world; Fixed to work with RPM >= 2.5.0; Empty directories are now removed even more aggressively; Things are becoming complicated, so the awk command is now required, and instmon has to store some helper scripts (currently one) in /usr/local/lib/instmon.
tags | tool, shell, intrusion detection
systems | unix
MD5 | 84857431c0daee01c59e1231e2340712
nettest-1.1.tar.gz
Posted Aug 17, 1999
Authored by Rene Chaddock

nettest 1.1 - Nettest is a program which monitors a network connection, and takes some action (either email, audible notification, syslog entries, or all of the above) if/when the connection goes down. It's great for xDSL/Cable/Mission Critical Network Connections.

Changes: Fixed bug where pingnumber exhibited other (unwanted) behaviour, fixed bug which caused nettest to crash under certain situations, more reliable email-sending code, added retrytime variable which allows nettest to try connection more frequently when connection is actually down.
tags | tool, intrusion detection
systems | unix
MD5 | f233bf84fc53e84eda01124435b36dea
qps-1.7.tar.gz
Posted Aug 17, 1999
Authored by Mattias Engdegard

Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them. Qps can: change nice value of a process, alter the scheduling policy and soft realtime priority of a process, display the TCP/UDP sockets used by a process, and names of the connected hosts, display the memory mappings of the process (which files and shared libraries are loaded where), display the open files of a process, kill or send any other signal to selected processes, display the load average as a graph, and use this as its icon when iconified, show (as graph or numbers) current CPU, memory and swap usage, sort the process table on any attribute (size, cpu usage, owner etc), and does much, much more. UNIX domain sockets are visible in the Files table, SMP support. Very nice GUI. Requires Qt library 1.40 or later and Linux 2.0 or later, or Solaris 2.5.x.

tags | tool, udp, tcp, intrusion detection
systems | linux, unix, solaris
MD5 | 448504e02509674a1d61899e37e4628c
sxid_3.2.5.tar.gz
Posted Aug 17, 1999
Authored by Ben Collins

sXid 3.2.5 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.

Changes: added option to specify other than the default mail program, patch to make use of TMPDIR if set.
tags | tool, intrusion detection
systems | unix
MD5 | 8a573d8916efa87a40be6854fc763189
top-3.5beta9.tar.gz
Posted Aug 17, 1999
Authored by William LeFebvre

Top - A Top-CPU Usage Display provides a rolling display of top-CPU using processes on a Unix system. It also displays other information about the overall health of the system, including load averages and memory utilization. Numerous portability patches and optimizations in this release.

tags | tool, intrusion detection
systems | unix
MD5 | 70d5f5461bb45a53c207557c354e8108
treeps-1.1.0.tar.gz
Posted Aug 17, 1999
Authored by George MacDonald

treeps 1.1.0 - Treeps is an X/Motif program for Unix/Linux that is designed to make monitoring and interacting with the running programs on your system easy and intuitive. A "real time" tree view shows the relationships between the processes and is color coded to provide easy interpretation of various values. The process tree displays any combination of users/groups and can be used to drill down into process details and then extract key fields for continuous monitoring.

Changes: Process Activity "LED's" to show state/load/priority, leader bars to show /group/session leaders, process tips for mouseover glances at key process info, many icon bar changes, color icons, larger and more icons, much more linux info, better user/group selection from group/user tree dialog, std. usage of colors, better auto sizing of window, many layout changes (esp star layout), RPM packages, KDE install script, man/strace/renice processes, renice subtree, single click kill, and many bug fixes.
tags | tool, intrusion detection
systems | linux, unix
MD5 | 6a8c7ab7b0a851ee9d34a651d4ab2540
watchdog-4.5.tar.gz
Posted Aug 17, 1999
Authored by Michael Meskes

watchdog is a daemon that monitors systems processes and loads, and will automatically reboot a server if the load rises above a defined level. Very useful tool.

tags | tool, intrusion detection
systems | unix
MD5 | 3260bd2682363b46084df55e3652b870
qps-1.6.6.tar.gz
Posted Aug 17, 1999
Authored by Mattias Engdegard

qps 1.6.6 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.

Changes: Limited Solaris 2.6 support (no sockets listing; several fields missing). Source code. Requires Qt library 1.40 or later.
tags | tool, intrusion detection
systems | unix
MD5 | c917ee8e402b4eef81fa0f96a0e63213
qps-1.6.7.tar.gz
Posted Aug 17, 1999
Authored by Mattias Engdegard

qps 1.6.7 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.

Changes: replaced delete with delete[] in proc.C and fixed another Linux segfault. Source code. Requires Qt library 1.40 or later.
tags | tool, intrusion detection
systems | unix
MD5 | 44c7c163569aa4264abc3094004a5f44
qps-1.6.8.tar.gz
Posted Aug 17, 1999
Authored by Mattias Engdegard

qps 1.6.8 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.

Changes: TTY field width made variable (mostly for Solaris) and Linux cpu usage bug fixed. Source code. Requires Qt library 1.40 or later.
tags | tool, intrusion detection
systems | unix
MD5 | d3fffd1514f4fbd59b78233b5fb04c3f
gogmagog-3.tar.gz
Posted Aug 17, 1999
Authored by C.Parisel

GogMagog is a multiplatform sysadmin tool for monitoring the integrity of network-wide systems. Communication between the Magog server (ideally a PC running Linux) and the Gog hosts relies on FTP only, so it is pretty network architecture independent. Sysadmins monitor their machines at a glance, through a very simple WWW graphical interface on the server.

tags | tool, intrusion detection
systems | linux, unix
MD5 | 8ef23b61a15ccdbe831cb688278deedd
lsof_4.42_W.tar.gz
Posted Aug 17, 1999
Authored by Vic Abell

lsof 4.42 - Lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system.

Changes: Patched an x86 stack overflow exploit found in 4.40, updated VM support in FreeBSD 4.0-CURRENT and added support for NetBSD's UVM as well as additional patches for HP-UX, Solaris 2.6, DU 4.0, and support for Digital Unix 5.0, OpenBSD 2.5.
tags | tool, intrusion detection
systems | unix
MD5 | 30b4bf27f46f397d7be5dd0bc1cf1753
overcr-1.49.02.tar.gz
Posted Aug 17, 1999
Authored by Eric Molitor

OverCR 1.49.02 - OverCR is a remote systems monitoring tool that utilizes a simple language for queries. It is designed as a GPL'd program similar to the popular (and non-GPL) Big Brother Monitoring system.

Changes: Configuration file support completed, minor documentation fixes, minor cleaning and formatting of source.
tags | tool, remote, intrusion detection
systems | unix
MD5 | 6ae461e9e01a97b6e47695f87462fd1b
sxid_3.2.4.tar.gz
Posted Aug 17, 1999
Authored by Ben Collins

sXid 3.2.4 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.

Changes: Minor bugfixes and a new IGNORE_DIRS option.
tags | tool, intrusion detection
systems | unix
MD5 | 97e3eeed57749e91262b1a49563be456
tmp-audit-0.3.tar.gz
Posted Aug 17, 1999
Authored by Proof Of Concept

tmp-audit is a simple tool designed to monitor a directory and log changes (i.e. /tmp). New file size, variable refresh, and header beep options in this release.

tags | tool, intrusion detection
systems | unix
MD5 | b902f220dd12ba87319a661c9f9f361c
traffic-vis-0.34.tar.gz
Posted Aug 17, 1999
Authored by Damien Miller

traffic-vis is a network monitoring/auditing tool that can plot communications between hosts on a TCP/IP network, and quickly answer questions such as who is saturating your Internet link. This version is a major rewrite, splitting the program up into several smaller tools. 40k.

tags | tool, tcp, intrusion detection
systems | unix
MD5 | cc37484bbb537dd80d52d05961bd5624
overcr-1.49.01.tar.gz
Posted Aug 17, 1999
Authored by Eric Molitor

OverCR 1.49.01 - OverCR is a simple system monitoring tool that utilizes a simple language for queries. It is designed as a GPL'd program similar to the popular (and non-GPL) Big Brother Monitoring system.

Changes: First 1.50 beta featuring new config file based configuration. "System Monitoring is an important and expensive task. Fortunately free tools such as Big Brother have become available. Unfortunately these tools are not free in the GNU sense. In addition the shell script format of Big Brother leaves something to be desired in my opinion. Therefore I've started writing Over-CR, a GPL Network Monitoring software."--Eric Molitor
tags | tool, intrusion detection
systems | unix
MD5 | a68cee6f17be4e0806ee23797f112899
qps-1.6.3-static.gz
Posted Aug 17, 1999
Authored by Mattias Engdegard

qps v1.6.3-static: Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them. Static binary of alpha code.

tags | tool, intrusion detection
systems | unix
MD5 | 850b5aff83b74a3a04148103958f1b24
qps-1.6.3.tar.gz
Posted Aug 17, 1999
Authored by Mattias Engdegard

Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them. Qps can: change nice value of a process, alter the scheduling policy and soft realtime priority of a process, display the TCP/UDP sockets used by a process, and names of the connected hosts, display the memory mappings of the process (which files and shared libraries are loaded where), display the open files of a process, kill or send any other signal to selected processes, display the load average as a graph, and use this as its icon when iconified, show (as graph or numbers) current CPU, memory and swap usage, sort the process table on any attribute (size, cpu usage, owner etc), and does much, much more. UNIX domain sockets are visible in the Files table, SMP support. Very nice GUI. Requires Qt library 1.40 or later and Linux 2.0 or later, or Solaris 2.5.x.

tags | tool, udp, tcp, intrusion detection
systems | linux, unix, solaris
MD5 | 631a834da72aa37bbc4691e4ba54c07d
qps-1.6.4.tar.gz
Posted Aug 17, 1999
Authored by Mattias Engdegard

qps 1.6.4 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.

Changes: Compile error fixed and tiny tweak in proc.C (skip unused fields). Source code. Requires Qt library 1.40 or later.
tags | tool, intrusion detection
systems | unix
MD5 | a74cad190fc47332ae2fa9c4e70531ca
whowatch-1.0.5.tar.gz
Posted Aug 17, 1999
Authored by Michal Suszycki

whowatch 1.0.5 - Whowatch is an ncurses who-like utility which displays information about the users currently on the machine in real time. Besides standard information (login name, tty, host, user's process) you can see the connection type (i.e. telnet or ssh).

Changes: Added ability to toggle display between processes and users' idle time, added 'local' type of login, better response for key pressing, and several bugfixes.
tags | tool, intrusion detection
systems | unix
MD5 | 5e0e39d1e3d1ad8051abeb0b5d4a9ccc
whowatch-1.0.tar.gz
Posted Aug 17, 1999
Authored by Michal Suszycki

whowatch v1.0 is an ncurses who-like utility that displays information about the users currently on the machine in real time. Besides standard information (login name, tty, host, user's process) you can see the connection type (i.e. telnet or ssh). Initial release. 4k.

tags | tool, intrusion detection
systems | unix
MD5 | 3a2c7f8fe56376fea72014c4f5980605
xlogmaster-1.6.0.tar.gz
Posted Aug 17, 1999
Authored by Georg C. F. Greve

Xlogmaster 1.6.0 is a program that lets you monitor everything that's going on on your system in a very quick and comfortable way. It allows reading logfiles, devices or running status-gathering programs, translating all data (if wished) and displaying it with filters for highlighting / lowlighting / hiding lines or taking actions upon user-defined events. Filters allow to raise/lower/hide lines. Due to usage of the GTK+ toolkit and full runtime configurability the user can modify the appearance of the xlogmaster to whatever fits his desktop best.

Changes: Complete "Customize" Menu rewrite, Plugin support, GTK+ 1.2.0 compliant, the EXEC lines now allow pipes, keyboard accelerators for entries and for menu, support for a system wide entry database and for personal entry database, now catches logfile rotation and a new mode (RUN) that allows execution of any program to gather information about the system and evaluate its stdout and stderr. Excellent program! Compiles and runs on just about every flavor of UNIX/Linux. Too many features to list here, so check out the Xlogmaster web site.
tags | tool, intrusion detection
systems | unix
MD5 | b1900ebae821656fb6b7f028fab8bf10
abacus-sentry.lsm
Posted Aug 17, 1999

Detailed descriptions of the PortSentry, HostSentry, and LogCheck tools included in the Abacus Project suite of Intrusion Detection tools. Abacus Project web site

tags | tool, web, intrusion detection
systems | unix
MD5 | 54b8d9d6eadd7f6f9195e6c9b8027646
hostsentry-0.02.tar.gz
Posted Aug 17, 1999
Authored by Craig H. Rowland

HostSentry v0.02 is a host based intrusion detection tool that performs Login Anomaly Detection (LAD), and is the most recent addition to the Abacus Project suite of security tools. This tool allows administrators to spot strange login behavior and quickly respond to compromised accounts and unusual behavior. HostSentry incorporates a dynamic database and actually "learns" the user login behavior. This behavior is then utilized by modular signatures to detect unusual events. Specifically, HostSentry monitors system login accounting records in real-time (wtmp/utmp). These records are used to build a dynamic database of active users and run a series of signature modules during the login and logout phases. The signature modules are pluggable and easily activated or deactivated by the admin. An example wrapper is included to allow administrators to add new signatures. The current list of signatures includes:

moduleLoginLogout - Generic audit trail of all user login and logouts.
moduleFirstLogin - Alerts administrators if this user is logging in for the first time.
moduleForeignDomain - A login was detected from a domain not listed in the allowed domains file.
moduleRhostCheck - A user's .rhosts file contains a wildcard or other dangerous modification.
moduleHistoryTruncated - A user's .history file is missing, truncated to zero bytes, or symlinked (i.e. /dev/null).
moduleOddDirnames - A user's directory contains suspicious directory names on logout (" ..", "...", etc.).
moduleMultipleLogins - A single username has multiple concurrent logins from different domains.
moduleOddLoginTime - A user is logging in at an odd hour for their usage pattern (not implemented yet).
moduleInvalidUtmp - A corresponding utmp/wtmp entry for this login cannot be found (entry possibly removed) (not implemented yet).
moduleHistorySuspicious - The user's history file contains suspicious commands (not implemented yet).
moduleNetworkDaemon - The user logged out but left a listening network socket operating (private web server, IRC bot, etc.) (not implemented yet).
moduleFileExists - A file was found in the user's directory that is listed in the banned/monitored list of the site (not implemented yet).

First release.

tags | tool, web, intrusion detection
systems | unix
MD5 | 3de0bbb7d456bb53683de56dfdf98362