Section: .. / UNIX / IDS /
| /// File Name: |
acid-0.9.6b12.tar.gz |
Description:
|
The Analysis Console for Intrusion Databases (ACID) is a PHP-based analysis engine to search and process a database of incidents generated by security software such as IDSes and firewalls (e.g., Snort or ipchains). It provides a search interface for finding alerts matching practically any criteria, including arrival time, signature time, source/dest address/port, flags, payload, etc. ACID also provides the ability to annotate and logically group related events, delete false positives, or archive alerts among databases. A variety of statistics and graphs can be generated based on time, IP address, ports, alert classification, and sensor.
| | Homepage: | http://acidlab.sourceforge.net | | File Size: | 81899 | | Last Modified: | Aug 4 08:29:14 2001 |
| MD5 Checksum: | 52060fdcb7bf9a5604286396e0f4ba02 |
|
| /// File Name: |
qps-1.6.6.tar.gz |
Description:
|
qps 1.6.6 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.
| | Author: | Mattias Engdegard | | Changes: | Limited Solaris 2.6 support (no sockets listing; several fields missing). Source code. Requires Qt library 1.40 or later. | | File Size: | 81702 | | Last Modified: | Aug 16 20:02:43 1999 |
| MD5 Checksum: | c917ee8e402b4eef81fa0f96a0e63213 |
|
| /// File Name: |
qps-1.7.tar.gz |
Description:
|
See description above.
| | File Size: | 81664 | | Last Modified: | Aug 16 20:02:44 1999 |
| MD5 Checksum: | 448504e02509674a1d61899e37e4628c |
|
| /// File Name: |
qps-1.6.8.tar.gz |
Description:
|
qps 1.6.8 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.
| | Author: | Mattias Engdegard | | Changes: | TTY field width made variable (mostly for Solaris) and Linux cpu usage bug fixed. Source code. Requires Qt library 1.40 or later. | | File Size: | 81659 | | Last Modified: | Aug 16 20:02:43 1999 |
| MD5 Checksum: | d3fffd1514f4fbd59b78233b5fb04c3f |
|
| /// File Name: |
qps-1.6.7.tar.gz |
Description:
|
qps 1.6.7 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.
| | Author: | Mattias Engdegard | | Changes: | Replaced delete with delete[] in proc.C and fixed another Linux segfault. Source code. Requires Qt library 1.40 or later. | | File Size: | 81486 | | Last Modified: | Aug 16 20:02:43 1999 |
| MD5 Checksum: | 44c7c163569aa4264abc3094004a5f44 |
|
| /// File Name: |
lslk_1.25_W.tar.gz |
Description:
|
lslk_1.25_W.tar.gz
| | File Size: | 80900 | | Last Modified: | Aug 16 20:02:47 1999 |
| MD5 Checksum: | 89818f576e10d560f8f806ea8894ff8f |
|
| /// File Name: |
qps-1.6.4.tar.gz |
Description:
|
qps 1.6.4 - Qps is a visual process manager, an X11 version of "top" or "ps" that displays processes in a window and lets you sort and manipulate them.
| | Author: | Mattias Engdegard | | Changes: | Compile error fixed and tiny tweak in proc.C (skip unused fields). Source code. Requires Qt library 1.40 or later. | | File Size: | 76914 | | Last Modified: | Aug 16 20:02:41 1999 |
| MD5 Checksum: | a74cad190fc47332ae2fa9c4e70531ca |
|
| /// File Name: |
qps-1.6.2.tar.gz |
Description:
|
See description above.
| | File Size: | 76493 | | Last Modified: | Aug 16 20:02:40 1999 |
| MD5 Checksum: | 2ac9af439f59b480a69dac24ef2c1921 |
|
| /// File Name: |
nabou-2.4.tar.gz |
Description:
|
nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.
| | Author: | Thomas Linden | | Homepage: | http://www.nabou.org | | Changes: | Security bug fix. | | File Size: | 76345 | | Last Modified: | Aug 30 23:01:20 2004 |
| MD5 Checksum: | 508fc306ff5816970986f5d8a320483d |
|
| /// File Name: |
mom.tar.gz |
Description:
|
System monitoring front end tool.
| | Author: | William Annis | | File Size: | 72988 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | fec4ef04c43faf5abde09fcf00c75531 |
|
| /// File Name: |
mwcollect-3.0.3.tar.bz2 |
Description:
|
mwcollect is an easy solution to collect worms and other autonomous spreading malware in a non-native environment like Linux. The mwcollect daemon mwcollectd opens ports that are known to be commonly exploited by malware and simulates certain known vulnerabilities on them.
| | Author: | Honeynet Project | | Homepage: | http://www.mwcollect.org/ | | Changes: | The Threestone mwcollect version fixes some timeout bugs and should increase overall performance. The submit-gotek module for Alliance support has been added and this version now finally builds and runs very well on FreeBSD. | | File Size: | 72623 | | Last Modified: | Feb 5 22:13:14 2006 |
| MD5 Checksum: | d9ecc6cd8838d6ade4b486e9e27e4cfb |
|
| /// File Name: |
sherpa-0.1.8.tgz |
Description:
|
sherpa is a tool for configuring and then checking system security via the console. Written in perl, it allows an admin to maintain a custom database of file and directory permissions and ownership attributes as local needs dictate. Any changes from the prescribed layout will be detected each time sherpa is run. Also, sherpa does some basic system checks (world-writable files, .rhosts and hosts.equiv files, etc.) that help the busy admin keep on top of a system.
| | Author: | Rick Crelia | | Homepage: | http://sherpa.lavamonkeys.com/ | | Changes: | Bug fixes and some optimizations. | | File Size: | 72308 | | Last Modified: | Nov 4 23:22:23 2004 |
| MD5 Checksum: | f19a47d6634f4ccea7dedef052a1b7c8 |
|
| /// File Name: |
libnids-1.16.tar.gz |
Description:
|
Libnids is an implementation of the E-component of a Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. The libnids library offers IP defragmentation, TCP stream assembly and TCP port scan detection. Libnids is highly configurable, reliable, and portable.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | File Size: | 72292 | | Last Modified: | Nov 3 14:35:46 2000 |
| MD5 Checksum: | f463bb8269b9958679f0f912715f2843 |
|
| /// File Name: |
Monitor-1.0.0.tar.gz |
Description:
|
The Monitor is a small file monitoring program. Can handle an unlimited number of files, and can be configured to timestamp each line displayed. It also supports basic parsing of syslogs (compressing the output).
| | File Size: | 70621 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | d0254959a5673f4c94c3384b3ea4d7ba |
|
| /// File Name: |
xwatch-0.1.0.tar.gz |
Description:
|
Xwatch is a tool to monitor one or several files (especially syslogs), optionally parsing the output, and displaying it in an X window. Requires GTK+.
| | File Size: | 68760 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | c25992f17e25fe0d96605eacd7f4597d |
|
| /// File Name: |
libnids-1.14.tar.gz |
Description:
|
Libnids is a library that provides the functionality of one of the components of a NIDS (Network Intrusion Detection System), namely the E-component. This means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to the analyzing modules of a NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have the E-component ready and can focus on implementing the other parts of the NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/libnids | | Changes: | Added support to capture packets on all interfaces, including loopback, added ability to refrain from setting promisc flag, added ability to disable tcp processing, libc5 support, alpha platform support, and bug fixes. | | File Size: | 67678 | | Last Modified: | Jul 11 20:13:18 2000 |
| MD5 Checksum: | fee6fd45b55ab67cd599b066710ce1bc |
|
| /// File Name: |
mon-0.37l.tar.gz |
Description:
|
mon is an extensible service monitoring daemon which can be used to monitor network or non-network resources. Service monitors that come with the distribution can test for ping, telnet, ftp, smtp, http, nntp, pop3, imap, disk space, and SNMP queries.
| | File Size: | 67654 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | 2d7e58d1d933d31c0eeffc997121edb3 |
|
| /// File Name: |
watchdog-4.1.tar.gz |
Description:
|
A software watchdog (i.e. Automatic reboot daemon).
| | File Size: | 63939 | | Last Modified: | Aug 16 20:02:28 1999 |
| MD5 Checksum: | 8a54a794af31721190c62f13214adca8 |
|
| /// File Name: |
wipl-990221.src.tar.gz |
Description:
|
See description above.
| | File Size: | 63193 | | Last Modified: | Aug 16 20:02:39 1999 |
| MD5 Checksum: | e2d5ebb43b3dc12e121b6fad6b56bb94 |
|
| /// File Name: |
swatch-2.2.tar.Z |
Description:
|
Monitors logfiles, scans for specific entries in the log file, and takes the action you have determined. Use with tcp_wrappers for an excellent monitoring system.
| | File Size: | 63081 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 187aab00dfe0427d2aac13d4672b9a8c |
|
| /// File Name: |
getstatd-1.1.981014.tar.gz |
Description:
|
Allows users to watch their accounting statistics and admins to watch general user statistics, terminal lines and other system-wide statistics for any period of time.
| | Author: | Maxim Chirkov | | File Size: | 63031 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | 1cf958fd87f98f6ffe9fa666266bb2a1 |
|
| /// File Name: |
libnids-1.13.tar.gz |
Description:
|
Libnids is a library that provides the functionality of one of the components of a NIDS (Network Intrusion Detection System), namely the E-component. This means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to the analyzing modules of a NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have the E-component ready and can focus on implementing the other parts of the NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | Changes: | GNU autoconf support, code cleanup and new libnids(3) manpage, pcap_filter field in nids_params, bugfix in ip_check_ext(), Solaris support. | | File Size: | 62959 | | Last Modified: | Jan 28 17:59:37 2000 |
| MD5 Checksum: | 801b12ad1bce956af1d2e03b4d70f851 |
|
| /// File Name: |
watchdog-4.0.tar.gz |
Description:
|
A software watchdog (i.e. Automatic reboot daemon).
| | File Size: | 62595 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | bf41a6b4791c07d51018b9b8584629e8 |
|
| /// File Name: |
step.htm |
Description:
|
Eight Steps to A Working Intrusion Detection System - The SANS Institute. Preface and instructions for STEP package below.
| | File Size: | 60436 | | Last Modified: | Aug 16 20:02:35 1999 |
| MD5 Checksum: | c880c48f3099b3cb999cf34e2e224ffd |
|
| /// File Name: |
sid-0.4.2.tar.gz |
Description:
|
SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
| | Author: | belpo | | Homepage: | http://sid.sourceforge.net | | Changes: | Various updates. | | File Size: | 59661 | | Last Modified: | Jul 19 11:18:50 2005 |
| MD5 Checksum: | 970cdce20fc74a60d5923f6f39fcc519 |
|