Showing 676 - 700 of 906

Intrusion Detection Files

sherpa-0.1.3.tar.gz
Posted Oct 20, 1999
Authored by Rick Crelia | Site sherpa.lavamonkeys.com

sherpa is a tool for configuring and then checking system security via the console. Written in perl, it allows an admin to maintain a custom database of file and directory permissions and ownership attributes as local needs dictate. Any changes from the prescribed layout will be detected each time sherpa is run. Also, sherpa does some basic system checks (world-writable files, .rhosts and hosts.equiv files, etc.) that help the busy admin keep on top of a system.

tags | tool, local, perl, intrusion detection
systems | unix
SHA-256 | 7d9a5cdc6b941a0b37126d89ee9153a4a21c836a27c959ffff39bb272ea1fff5
FCheck_2.07.45.tar.gz
Posted Oct 20, 1999
Authored by Mike Gumienny | Site sites.netscape.net

FCHECK is a very stable PERL script written to generate and comparatively monitor a UNIX system against its baseline for any file alterations and report them through syslog, console, or any log monitoring interface. Monitoring events can be done in as little as one minute intervals if a system's drive space is small enough, making it very difficult to circumvent. This is a freely-available open-source alternative to 'tripwire' that is time tested, and is easier to configure and use.

tags | tool, perl, intrusion detection
systems | unix
SHA-256 | b496520b28cfcbbf5d352dfe9a9b74dfc01978e4a1988f2a59f9f2c6ef4cf28b
tailbeep-0.2.tar.gz
Posted Oct 19, 1999
Authored by Tommy.

Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)

tags | tool, intrusion detection
systems | unix
SHA-256 | b0291d4a76fe976aae9873a5039b4f8ff351c4f610e7b617251814bdc375a0c3
iplimit-0.9.tar.gz
Posted Oct 7, 1999

IPLimit is a security tool to prevent some denial of service attacks on common internet daemons. It will dynamically reject connections from hosts that already connected too many times on the same service or the same server. And only these strobe makers will be rejected, not trusted people. IPLimit is fully configurable: you can, for instance, allow 40 connections per second for SMTP, and only 1 per minute for Telnet. It needs the TCPREMOTEIP and TCPLOCALPORT environment variables, so that IPLimit has to be used with a super-server like G2S or TCPServer. You can also use any other inetd variant if you have the tcp-env program (from Qmail). IPLimit was tested on Linux but should work on any other Unix implementation with or without minor changes.

tags | tool, denial of service, tcp, intrusion detection
systems | linux, unix
SHA-256 | 9b0eb17b70cae3acbd2924d8bb3df048ceccc94275bad8e5a541747e0235eb3d
tcp_wrappers_7.6.BLURB
Posted Oct 5, 1999

Blurb for tcp_wrappers_7.6.tar.gz

tags | tool, intrusion detection
systems | unix
SHA-256 | ba6ca8ba9ee13ef06fd505b3d9e5b285d454a0e72b86349ac550c1bf7bb075cc
tcp_wrappers_7.6.tar.gz
Posted Oct 5, 1999

Wietse Venema's tcp wrapper. The package provides tiny daemon wrapper programs that can be installed without any changes to existing software or to existing configuration files. The wrappers report the name of the client host and of the requested service; the wrappers do not exchange information with the client or server applications, and impose no overhead on the actual conversation between the client and server applications.

tags | tool, tcp, intrusion detection
systems | unix
SHA-256 | 9543d7adedf78a6de0b221ccbbd1952e08b5138717f4ade814039bb489a4315d
decfingerd-0.7.tar.gz
Posted Oct 4, 1999
Authored by Jon Beaton

decfingerd 0.7: The Deception Finger Daemon. This program will take the place of the original finger service, providing totally false information to clients. This can be useful to catch people trying to crack your server, or to just really confuse them. You can define output for individual users, empty requests, and forward requests to another system. Tested on: Linux 2.2.7 -- GCC 2.7.2.3, Solaris 2.7 -- EGCS 1.1.1, OpenBSD 2.5 -- GCC 2.8.1.

tags | tool, intrusion detection
systems | linux, unix, solaris, openbsd
SHA-256 | 2f0703745ed109808ec2722a88bd0d120af0c3d11b4423d1453b61c8462f9e91
killerd-0_2.tar.gz
Posted Sep 30, 1999
Authored by Martin Mares

A daemon which kills shells with idle time above a certain limit.

tags | tool, shell, intrusion detection
systems | unix
SHA-256 | 8818b38a84283a859e30dd27f85c70af3e475a7baf52cfc154568f631e07ceff
tcpreplay-1.0.1.tar.gz
Posted Sep 23, 1999

Tcpreplay v1.0.1 - Tcpreplay is aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.

tags | tool, arbitrary, protocol, intrusion detection
systems | unix
SHA-256 | 406ba86835be13f285736bfac9780708a0537ea26d50fe6a211628d0fdafb6ec
fragrouter-1.6.tar.gz
Posted Sep 23, 1999

Fragrouter v1.6 - Fragrouter is aimed at testing the correctness of a NIDS, according to the specific TCP/IP attacks listed in the Secure Networks NIDS evasion paper. Other NIDS evasion toolkits which implement these attacks are in circulation among hackers or publicly available, and it is assumed that they are currently being used to bypass NIDSs.

tags | tool, tcp, intrusion detection
systems | unix
SHA-256 | db066e3e55a97f5623e5bfbd742d5eb934037b4f3b467e1e1535c40778bdcbe8
rpc_gotcha_beta1.0-Sep-Tue-99-12.tar.gz
Posted Sep 17, 1999
Authored by Chad Renfro

Rpc_Gotcha is a network based intrusion detection tool for detecting rpc based scans and attacks (buffer overflows). The program will passively sit on the network perimeter and process packets while analyzing the rpc message data payload looking for signs of a possible attack. Rpc_Gotcha will log all rpc calls made to the network and display payload data for possible attacks.

tags | tool, overflow, intrusion detection
systems | unix
SHA-256 | e2ccfd68a343a3485c93f6ce4cc1b8bf77c771ab659892b0f547ca1fb0ed14d2
aafid2-0.10.tar.gz
Posted Sep 11, 1999
Site cerias.purdue.edu

AAFID is a distributed monitoring and intrusion detection system that employs small stand-alone programs/Agents to perform monitoring functions in the hosts of a network. AAFID uses a hierarchical structure to collect the information produced by each agent, by each host, and by each set of hosts, to be able to detect suspicious activity. This release is a prototype and does not implement full functionality. All modules of the system are written in Perl, and thus it is extremely portable. Although some of the Agents included with AAFID2 perform NIDS functionality, the system as a whole is a host-based intrusion detection system.

tags | tool, perl, intrusion detection
systems | unix
SHA-256 | 0790ec3c2a9d54d716ac14f299330ea2472623d7f4b2419781dfacc1d8ef40bd
AIDE 0.4
Posted Aug 25, 1999
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

tags | tool, intrusion detection
systems | unix
SHA-256 | d995ff1e66845a2e0725d86d2ef681f559fcaf430b984f9180a1b2a746798742
drawbridge-2.0.1.tar.gz
Posted Aug 17, 1999

Packet filter that allows you to control IP packets going to and from your LAN and the Internet.

tags | tool, intrusion detection
systems | unix
SHA-256 | d0b0a7fcb3bef6b332b36bf8b7ef46ff399688a17573a0b1228f4c3ea4e5f408
hummer-A-062799.tar.gz
Posted Aug 17, 1999
Authored by HummingBird Project

HummingBird is a distributed component for any Intrusion Detection System. Features: Share security information with any Internet host, Powerful searchable database of security relevant data, Easy to use data visualization, Detects light but network-wide attacks, Keeps historical data of system status, Hosts can be organized in a hierarchy for better management and information flow, Java interface for alert messages.

tags | tool, java, intrusion detection
systems | unix
SHA-256 | 49f2ff6ce1537346482f3c34b42bb0ba7898cb751019f7190d6fe7a668cbe2a7
icmpinfo-1.11.tar.gz
Posted Aug 17, 1999

Tracks ICMP packets, allowing you to proactively watch for suspicious behaviour, mainly ICMP unreachables.

tags | tool, intrusion detection
systems | unix
SHA-256 | 73a3106fab2ed9e187145c88a7914a0b09ff54e1a5bb05b0a222bff1840c4d12
bgcheck-0.5.tar.gz
Posted Aug 17, 1999
Authored by blue

bgcheck 0.5 - bgcheck is a process monitor for Linux written in perl that can be used by administrators to limit the number of background processes that each user can run.

Changes: added support for long usernames, fixed ftpd spawn detection to work with proftpd, possibly others.
tags | tool, perl, intrusion detection
systems | linux, unix
SHA-256 | 8a5e5a642bebb41d281e0916c6df99c8661b31c2576f42915d167c36debb6391
ctm-1.2.tar.gz
Posted Aug 17, 1999
Authored by Lars Fenneberg

ctm 1.2 - CTM is an SNMP interface statistics gatherer which works as a daemon and polls SNMP capable routers in regular intervals and puts the gathered information into a database. Information gathered includes operational status of the interface, octets and packets sent and received, line errors, and queue discards, but CTM can easily be changed to log any interface specific SNMP variable. CTM comes with an example report script which gives traffic and line error summaries for certain periods of time.

Changes: Version 1.2 corrects delta counters accordingly when the router is rebooted.
tags | tool, intrusion detection
systems | unix
SHA-256 | 27308bc4087287161826a889483c1a4e0e34328f7e8fbc5be4478362342adc72
decfingerd-0.6.tar.gz
Posted Aug 17, 1999
Authored by Jon Beaton

dfingerd v0.6 takes the place of your original finger service, providing totally false information to clients. This can be useful to catch people trying to crack your server, or to just really confuse them. You can define output for individual users, empty requests, and forward requests to another system.

tags | tool, intrusion detection
systems | unix
SHA-256 | e02c0b42a26d48042ebd6629ed114dd8c4f5cc9ff6df6e94067d7ccbc40f0f24
gogmagog-4.tar.gz
Posted Aug 17, 1999
Authored by C. Parisel

gogmagog 4 - GogMagog is a multiplatform sysadmin tool for monitoring the integrity of networkwide systems. Communication between the Magog server (ideally a PC running Linux) and the Gog hosts relies on FTP only, so it is relatively network architecture independent. Sysadmins monitor their machines at a glance, through a very simple WWW graphical interface (named GogView) on the server. GogMagog works on Linux, AIX, HP-UX and Solaris.

Changes: encrypted profiles, security improvements.
tags | tool, intrusion detection
systems | linux, unix, solaris, aix, hpux
SHA-256 | b9e75e70b99d04fb2121c6bf3c917a993b0dd53051668aa32ef9a8d765cfb779
lslk_1.25_W.tar.gz
Posted Aug 17, 1999

lslk_1.25_W.tar.gz

tags | tool, intrusion detection
systems | unix
SHA-256 | 10317b610522e71539e136f55f49f10e4d50f822614958dcf5894592fec4e130
lsof_4.43_W.tar.gz
Posted Aug 17, 1999
Authored by Vic Abell

lsof 4.43 - Lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system.

Changes: Too many changes and bugfixes to mention here - read the 00DIST file for details.
tags | tool, intrusion detection
systems | unix
SHA-256 | 36e8d7f7aef8f8d581491bb31a45a5039408158fa056404c6a464be485b0fe64
lsof_4.45_W.tar.gz
Posted Aug 17, 1999
Authored by Vic Abell

lsof 4.45 - Lsof is a Unix-specific diagnostic tool. Its name stands for LiSt Open Files, and it does just that. It lists information about any files that are open by processes currently running on the system.

Changes: Too many changes and bugfixes to mention here - read the 00DIST file for details.
tags | tool, intrusion detection
systems | unix
SHA-256 | a55dfefdd9402561822821885e8b6cdfdb2a4ba741e747c643ad04a9466464f2
slocate-1.6.tar.gz
Posted Aug 17, 1999
Authored by Kevin Lindsay

Secure Locate 1.6 - Secure locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also store file permissions and ownership so that users will not see files they do not have access to. It is a bit slower than the GNU locate, but that's the price for security.

Changes: Optimized some code to make updating the database much faster, patched to allow smoother installation on FreeBSD, and some other minor bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | bd8e2060cec9a7743ca9fa2ca80d1ee15f6863ba004f2fd54b9c108896bfc5c4
swatch-3.0b1.tar.gz
Posted Aug 17, 1999
Authored by Todd Atkins | Site stanford.edu

Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.

Changes: Fixed a big bug involving key value assignment when throttling.
tags | tool, intrusion detection
systems | unix
SHA-256 | 4f3ddf8efc4c8d14733cbf56329630704c9634db8183de27fd66a8e745e043a9
Page 28 of 37