.:[ packet storm ]:.
                               
plan for the worst
plan for the worst

 Section:  .. / UNIX / IDS  /

Also see UNIX Network Logging Utilities.

Page 13 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 300 - 325 of 531
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: sxid_3.2.5.tar.gz
Description:
 sXid 3.2.5 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.
Author:Ben Collins
Changes:added option to specify other than the default mail program, patch to make use of TMPDIR if set.
File Size:43378
Last Modified:Aug 16 20:02:44 1999
MD5 Checksum:8a573d8916efa87a40be6854fc763189

 ///  File Name: sherpa-0.1.3.tar.gz
Description:
 sherpa is a tool for configuring and then checking system security via the console. Written in perl, it allows an admin to maintain a custom database of file and directory permissions and ownership attributes as local needs dictate. Any changes from the prescribed layout will be detected each time sherpa is run. Also, sherpa does some basic system checks (world-writable files, .rhosts and hosts.equiv files, etc.) that help the busy admin keep on top of a system.
Author:Rick Crelia
Homepage:http://sherpa.lavamonkeys.com/
File Size:43362
Last Modified:Oct 20 15:21:54 1999
MD5 Checksum:8bbb31cc9de6a094556aef48cb9d2410

 ///  File Name: sxid_3.2.4.tar.gz
Description:
 sXid 3.2.4 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.
Author:Ben Collins
Changes:Minor bugfixes and a new IGNORE_DIRS option.
File Size:43354
Last Modified:Aug 16 20:02:42 1999
MD5 Checksum:97e3eeed57749e91262b1a49563be456

 ///  File Name: sid-0.3.5.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
Changes:Various updates.
File Size:43346
Last Modified:Jun 7 23:44:57 2004
MD5 Checksum:40ede1091f7a36800078a85259ff3a1b

 ///  File Name: whowatch-1.4.tar.gz
Description:
 Whowatch is an interactive utility that displays information about the users currently on the machine in real time. Besides standard information (login name, tty, host, user's process) you can see the connection type (ie. telnet or ssh). You can also watch the process tree, navigate it, and send INT and KILL signals. Ncurses ascii graphics.
Author:Michal Suszycki
Homepage:http://wizard.ae.krakow.pl/~mike/
Changes:Average load information and new keys for navigation were added, in addition to OpenBSD and FreeBSD support. Also bug fixes and major code optimalization changes.
File Size:43084
Last Modified:Jun 13 16:44:23 2000
MD5 Checksum:0870155e8b75b99f9954e76fb20f9528

 ///  File Name: portsentry-1.0.tar.gz
Description:
 PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. It runs on TCP and UDP sockets and works on most UNIX systems. Advanced stealth detection modes are available under Linux only and detect SYN, FIN, NULL, XMAS, and Oddball packet scans. All modes support real-time blocking and reporting of violations.
Author:Craig Rowland
Homepage:http://www.psionic.com/abacus/portsentry/
Changes:Correct ignoring of hosts, and a Y2K fix for log file output, using a four-digit year. This doesn't affect PortSentry, but may affect programs that look at the log files it generates.
File Size:43034
Last Modified:Dec 2 14:59:02 1999
MD5 Checksum:d2d29e614f1604bd62a23e33d7a7564f

 ///  File Name: SnmpMonitorEx-1.0.1.tar.gz
Description:
 Safely monitor SNMP variables on the net. If there are changes, you can get a message on your cellular, by mail or on screen. Requires Scotty and Tcl/Tk
File Size:42929
Last Modified:Aug 16 20:02:21 1999
MD5 Checksum:ef1457bcc056e25307efe5361fd4e453

 ///  File Name: sid-0.3.4.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
Changes:Various updates.
File Size:41665
Last Modified:Apr 20 08:02:00 2004
MD5 Checksum:56b27dbe49befdd875de879144c968c0

 ///  File Name: nodewatch-1.6.tar.gz
Description:
 NodeWatch is an open source TCP/IP network monitoring tool written in Perl for UNIX.
File Size:41583
Last Modified:Aug 16 20:02:16 1999
MD5 Checksum:d8c67cc9a35db752fa3233130a4e3fee

 ///  File Name: traffic-vis-0.30.tar.gz
Description:
 traffic-vis v0.30 - traffic-vis is a network monitoring/auditing tool that can plot communications between hosts on a TCP/IP network, and quickly answer questions such as Who is saturating your Internet link. This version is a major rewrite, splitting the program up into several smaller tools. 40k.
Author:Damien Miller
File Size:41222
Last Modified:Aug 16 20:02:38 1999
MD5 Checksum:ded93d0ff3b59bf70abac936e748e45e

 ///  File Name: sid-0.3.3.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
File Size:41017
Last Modified:Apr 10 12:06:00 2004
MD5 Checksum:cec3a3f4fec35389049ac63d4df66efe

 ///  File Name: trojan.tar
Description:
 trojan.tar
File Size:40960
Last Modified:Aug 16 20:02:16 1999
MD5 Checksum:a4b1af99be48ba2399825512f78a2185

 ///  File Name: portsentry-0.90.tar.gz
Description:
 PortSentry 0.90 - PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. It runs on TCP and UDP sockets and works on most UNIX systems. Advanced stealth detection modes are available under Linux only and detect SYN, FIN, NULL, XMAS, and Oddball packet scans. All modes support real-time blocking and reporting of violations.
Author:Craig Rowland
Changes:Renamed from Abacus Sentry to PortSentry, lots of internal code clean up and optimizations, Docs updated and it now works under Solaris, Linux, BSD variants and others. portsentry.sample.txt.
File Size:37936
Last Modified:Aug 16 20:02:46 1999
MD5 Checksum:80eead64b3d6efb10748b80ecec0f54a

 ///  File Name: sid-0.3.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
File Size:37889
Last Modified:Feb 22 21:52:00 2004
MD5 Checksum:f1edd0767a8217958f1048b4aeb66fd3

 ///  File Name: bh-0.8.6.tgz
Description:
 Beholder is a wireless intrusion detection tool that looks for anomalies in a wifi environment.
Author:Nelson Murilo
Homepage:http://www.beholderwireless.org/
File Size:37682
Last Modified:Aug 20 03:19:46 2008
MD5 Checksum:65eaed3776355063d4cd9131f1515a07

 ///  File Name: logwatch-1.6.6.tar.gz
Description:
 LogWatch 1.6.6 is a customizable, pluggable log-monitoring system that analyzes and reports on system logs. It will go through your logs for a given period of time and make a report in the areas that you wish with the detail that you wish. Easy to use - works right out of the package on almost all systems. Now analyzes samba logs.
Author:Kirk Bauer
Changes:fewer unmatched entries in 'secure' service, ftp-messages module prettier, name-lookups now optional for named module, added and improved ProFTPd module, much more.
File Size:36751
Last Modified:Aug 16 20:02:46 1999
MD5 Checksum:e9c686de214ded15c89216fae1c21094

 ///  File Name: fupids2-0.8.5.tgz
Description:
 fupids2 is a so-called human oriented IDS based on the FUPIDS project. fupids2 calculates an attacker level for every user on all Unix/Linux/BSD systems in the network. It looks at the behavior of the user (the programs the user uses, the daytime the user is active, the building and room the user uses, the part of the room in which the user sits, and so on) and reports if the user engages in behavior that is unusual for that person. This method can often detect accounts overtaken by attackers.
Author:Steffen Wendzel
Homepage:http://www.doomed-reality.org/site/projekte/fupids2/index.html
File Size:36594
Last Modified:Feb 16 13:33:12 2006
MD5 Checksum:99b34dafee4ef81a3ec9b008071a12b8

 ///  File Name: clobberd-4.3-1.tar.bz2
Description:
 User/Resource Monitor. Used to keep tabs on users.
Author:Jason Nunn
File Size:36426
Last Modified:Aug 16 20:02:34 1999
MD5 Checksum:042a2b284c49537a75b6fa2d1d7e32a0

 ///  File Name: logwatch-2.7.tar.gz
Description:
 Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
Homepage:http://www.logwatch.org
Changes:If you are running v2.4 or below it is imperative that you upgrade! This version supports multiple copies of the same command (such as *remove) in config files, no longer requires an = sign when no arguments are given, and adds some more filtering.
File Size:35965
Last Modified:Apr 6 02:32:09 2002
MD5 Checksum:c193360765959f2b6126dee663f3e207

 ///  File Name: ICU-0.1.tar.gz
Description:
 ICU (Integrity Checking Utility) is a PERL program used for executing AIDE filesystem integrity checks on remote hosts from an ICU server and sending reports via email. This is done with help from SSH. This version is still under development.
Homepage:http://nitzer.dhs.org/ICU/ICU.html
File Size:35881
Last Modified:Dec 8 03:21:55 2000
MD5 Checksum:ed1e20bda4f0c0ba76e78556712282b9

 ///  File Name: portsentry-0.61.tar.gz
Description:
 PortSentry v0.61beta is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. There are other port scan detectors that perform similar detection of scans, but PortSentry has some unique features that may make it worth looking into: Runs on TCP and UDP sockets to detect port scans against your system. PortSentry is configurable to run on multiple sockets at the same time so you only need to start one copy to cover dozens of tripwired services. Stealth scan detection (Linux only right now). PortSentry will now detect SYN/half-open, FIN, NULL, X-MAS and oddball packet stealth scans. Four new stealth scan operation modes have been added to greatly increase the power of this package. PortSentry will react to a port scan attempt by blocking the host in real-time. This is done through configured options of either dropping the local route back to the attacker, using the Linux ipfwadm command, *BSD ipfw command, and/or dropping the attacker host IP into a TCP Wrappers host.deny file automatically. PortSentry has an internal state engine to remember hosts that connected previously. This allows the setting of a trigger value to prevent false alarms and detect "random" port probing. PortSentry will report all violations to the local or remote syslog daemons indicating the system name, time of attack, attacking host IP and the TCP or UDP port a connection attempt was made to. When used in conjunction with Logcheck it will provide an alert to administrators through e-mail.
Author:Craig H. Rowland
File Size:34968
Last Modified:Aug 16 20:02:40 1999
MD5 Checksum:57bf7e0caf99188018ef1ab6131faf4b

 ///  File Name: logwatch-1.6.4.tar.gz
Description:
 LogWatch is a customizable, pluggable log-monitoring system. Easy to use and highly configurable. Now analyzes samba logs!
File Size:34628
Last Modified:Aug 16 20:02:37 1999
MD5 Checksum:efba2db1b27075be80395858ce1ea883

 ///  File Name: nabou-1.5.tar.gz
Description:
 nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.
Author:Thomas Linden
Homepage:http://www.0x49.org/nabou/
Changes:This release includes many bugfixes, database encryption support, process monitoring capabilities, and some more output options.
File Size:34553
Last Modified:Sep 12 17:58:40 2000
MD5 Checksum:c84b8d6df7348aec42e97cdb36ace23a

 ///  File Name: monitord-4.0beta.tar.gz
Description:
 The Network Security Monitor Daemon is a lightweight (distributed?) network security monitor for TCP/IP LANs which will capture certain network events and record them in a relational database. The recorded data is then made available for analysis via a CGI-based interface.
Homepage:http://sourceforge.net/projects/monitord
Changes:Improved security - No threads run as root. Added a new statistical thread and an HTTP server thread (which serves statistics in XML/XSL).
File Size:34185
Last Modified:Dec 18 01:02:29 2001
MD5 Checksum:ce6dfe55f8de34afa03e3e5d51685b7a

 ///  File Name: logwatch-1.6.3.tar.gz
Description:
 LogWatch is a customizable, pluggable log-monitoring system. Easy to use and highly configurable. Now analyzes samba logs!
File Size:34163
Last Modified:Aug 16 20:02:37 1999
MD5 Checksum:471214d809eeccee70f4515e70e593fe
 

 ///  Last 10 Files
  1. :· MDVSA-2008-235.txt
  2. :· cambridge-sql.txt
  3. :· verlihub-exec.txt
  4. :· DDIVRT-2008-15.txt
  5. :· openssh-cbc-adv.txt
  6. :· joomlathyme-sql.txt
  7. :· BitDefenderDOS.zip
  8. :· fwknop-1.9.9.tar.gz
  9. :· kvirc-exec.txt
  10. :· vcalendar-disclose.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· MDVSA-2008-235.txt
  2. :· DDIVRT-2008-15.txt
  3. :· openssh-cbc-adv.txt
  4. :· ZDI-08-076.txt
  5. :· ZDI-08-075.txt
  6. :· MDVSA-2008-233.txt
  7. :· SSRT080059.txt
  8. :· MDVSA-2008-220-1.txt
  9. :· MDVSA-2008-232.txt
  10. :· USN-674-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· cambridge-sql.txt
  2. :· verlihub-exec.txt
  3. :· joomlathyme-sql.txt
  4. :· BitDefenderDOS.zip
  5. :· kvirc-exec.txt
  6. :· vcalendar-disclose.txt
  7. :· toursmanager-blindsql.txt
  8. :· phprsgal-sql.txt
  9. :· natterchat-sql.txt
  10. :· php526-bypass.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· fwknop-1.9.9.tar.gz
  2. :· pysumpas-0.2.0.tar.gz
  3. :· framework-3.2.tar.gz
  4. :· tor.uclibc.i686.20081115.iso
  5. :· RFIDIOt-Windows-0.1u.zip
  6. :· RFIDIOt-0.1u.tgz
  7. :· dps-v1.5.tar.gz
  8. :· smbrelay3.zip
  9. :· mptrey.tar.gz
  10. :· dotnetsploitsrc-1.0.zip
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· java2-malware.pdf
  2. :· return-to-libc-linux.txt
  3. :· stack-overflow-linux.txt
  4. :· smallest_setuid_execve_sc.c
  5. :· sudoers-shellcode.txt
  6. :· strongswan-4.2.9.tar.gz
  7. :· hodetector-shellcode.txt
  8. :· rtm-essential5.pdf
  9. :· unixasm-1.3.0.tar.gz
  10. :· bnd-networks.pdf
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice