Section: .. / UNIX / IDS /
| /// File Name: |
dtk-0.6.tar |
Description:
|
Deception Toolkit v0.6 - Tools and tactics based on deception to counter hacking/cracking attacks. DTK Version 0.6 adds the 'slowly' pragma to 'orders'. V0.6 also adds logging of accesses by IP address and retrieval of roll-up information from these log files via the deception port in a manner similar to that of InfoCon information. V0.6 also adds time-based passwords (also can be used in a use-based mode if desired) and the utility program tbp.pl. TBP allows remote systems to authenticate themselves automatically over time without reuse of the same old passwords. Too many more features to list in this major release. 400k.
| | Author: | Fred Cohen and Associates | | File Size: | 399360 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | ae64a9f31e388ac3410ed79ad3f8a1e4 |
|
| /// File Name: |
radmind-1.10.0.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Added a couple of options and various tweaks. | | File Size: | 397065 | | Last Modified: | Sep 1 00:07:46 2007 |
| MD5 Checksum: | ade8dd2e2ef68f29f105611e793bd393 |
|
| /// File Name: |
sentinel-1.2.0.tar.gz |
Description:
|
Sentinel is a fast file/drive scanning utility similar to the Tripwire and Viper.pl utilities available. It uses a database similar to Tripwire, but uses a RIPEMD-160bit MAC checksumming algorithm (no patents) which is more secure than the patented MD5 128 bit checksum. It should run on most unixes (tested on redhat linux v6.0 & v5.2, slackware linux v3.x & 4.xb and IRIX (v5.2 and v6.x). Several other utilities which are used for Sentinel development are also posted here. Most utilities are included with the sentinel tarball. gSentinel is a graphical front-end to sentinel. Newbies should download gSentinel as it comes with a very simple rpm based installation and offers a friendly interface. Beware that gSentinel is currently under development and may be fairly crude compared to most GUI packages.
| | Homepage: | http://zurk.netpedia.net/zfile.html | | File Size: | 395168 | | Last Modified: | Jan 24 19:55:33 2000 |
| MD5 Checksum: | 6c7adcd611c90494db94c4e3f9b579cc |
|
| /// File Name: |
radmind-1.11.1.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Fixed port failover on Mac OS X 10.5 clients. Exclude patterns support escape sequences now. fsdiff manpage: clarification of exclude behavior. | | File Size: | 390810 | | Last Modified: | Jan 14 17:18:51 2008 |
| MD5 Checksum: | 62419551c6b83873f10b5eb4462cd007 |
|
| /// File Name: |
radmind-1.8.1.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | lapply doesn't attempt to report when run with -n, some other changes. | | File Size: | 387410 | | Last Modified: | May 23 22:14:01 2007 |
| MD5 Checksum: | 77687b759a05cc34a8611469ded5c667 |
|
| /// File Name: |
radmind-1.7.0.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Major changes from 1.6.1 include performance improvements to fsdiff and functionality on Linux. | | File Size: | 383633 | | Last Modified: | Aug 17 02:22:25 2006 |
| MD5 Checksum: | b3dd376739d639c381795d25a66019b4 |
|
| /// File Name: |
radmind-1.7.1.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | fsdiff does not checksum files that are going to be deleted. Added additional wildcard patterns for config file. Using updated DNSServiceDiscovery APIs. | | File Size: | 378163 | | Last Modified: | Oct 5 00:09:04 2006 |
| MD5 Checksum: | cdc83d33a111bdf883ca8291129c81fc |
|
| /// File Name: |
prelude-manager-0.8.3.tar.gz |
Description:
|
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
| | Homepage: | http://prelude.sourceforge.net | | File Size: | 372329 | | Last Modified: | Aug 30 01:41:34 2002 |
| MD5 Checksum: | b9097c765fd7e396dca45398dc84ab88 |
|
| /// File Name: |
impost-0.1rc1.tar.gz |
Description:
|
Impost is a multi-purpose scriptable network protocol security auditing tool designed for analyzing network attacks and exploitations while operating as a honey pot or packet sniffer.
| | Author: | ziplock | | Homepage: | http://impost.sourceforge.net/ | | Changes: | New features and various algorithmic improvements. | | File Size: | 369524 | | Last Modified: | Aug 30 23:34:33 2004 |
| MD5 Checksum: | 41c2e3e9c2b19df1a0f2e20b7c6a565f |
|
| /// File Name: |
honeyd-0.6.tar.gz |
Description:
|
Honeyd is a small daemon that creates virtual honey pot hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.
| | Author: | Niels Provos | | Homepage: | http://www.citi.umich.edu/u/provos/honeyd | | Changes: | This release includes faster routing lookups, asymmetric routing, GRE tunneling, plugins and configuration systems, integration of physical machines into the virtual routing topology for network simulation, performance improvements, and several bugfixes. | | File Size: | 365913 | | Last Modified: | Jun 24 02:10:02 2003 |
| MD5 Checksum: | 20cc97bee4188ccad9831292bbdb885c |
|
| /// File Name: |
argus-1.7.beta.1b.tar.gz |
Description:
|
IP network transaction auditing tool. Reads network datagrams promiscuously, and generates network traffic status records.
| | File Size: | 365865 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | c67479072f0e46fbbf8ae029408ea60d |
|
| /// File Name: |
xnetsentry-1.1.tgz |
Description:
|
Network sentry tool; uses libpcap.
| | File Size: | 361894 | | Last Modified: | Aug 16 20:02:26 1999 |
| MD5 Checksum: | fe7b2dcbe9eab30e24b2092e4b6dc0b0 |
|
| /// File Name: |
radmind-1.6.0.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Added support for network communication compression. OS X Package contains universal binaries. | | File Size: | 360040 | | Last Modified: | Mar 28 01:40:40 2006 |
| MD5 Checksum: | 19ca1d4b40e6dbdf7fc15611236c9093 |
|
| /// File Name: |
xlogmaster-1.6.0.tar.gz |
Description:
|
Xlogmaster 1.6.0 is a program that lets you monitor everything that's going on on your system in a very quick and comfortable way. It allows reading logfiles, devices or running status-gathering programs, translating all data (if wished) and displaying it with filters for highlithing / lowlighting / hiding lines or taking actions upon user-defined events. Filters allow to raise/lower/hide lines. Due to usage of the GTK+ toolkit and full runtime configurability the user can modify the appearance of the xlogmaster to whatever fits his desktop best.
| | Author: | Georg C. F. Greve | | Changes: | Complete "Customize" Menu rewrite, Plugin support, GTK+ 1.2.0 compliant, the EXEC lines now allow pipes, keyboard accelerators for entries and for menu, support for a system wide entry database and for personal entry database, now catches logfile rotation and a new mode (RUN) that allows execution of any program to gather information about the system and evaluate it's stdout and stderr. Excellent program! Compiles and runs on just about every flavor of UNIX/Linux. Too many features to list here, so check out the Xlogmaster web site. | | File Size: | 358648 | | Last Modified: | Aug 16 20:02:41 1999 |
| MD5 Checksum: | b1900ebae821656fb6b7f028fab8bf10 |
|
| /// File Name: |
radmind-1.5.1.tgz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Added support for case insensitive file systems. Added lsort to sort transcripts. Various bug fixes. | | File Size: | 353879 | | Last Modified: | Dec 28 19:14:27 2005 |
| MD5 Checksum: | 6c8d0e9a9e954e89cffcc64421b783f5 |
|
| /// File Name: |
gnetsentry-0.0.0.tgz |
Description:
|
Network sentry.
| | File Size: | 349598 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | 204099530bda6eb01a5713bc089647a7 |
|
| /// File Name: |
radmind-1.4.0.tgz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Added various support and bug fixes. | | File Size: | 342647 | | Last Modified: | Jan 18 01:55:03 2005 |
| MD5 Checksum: | 9e2eb883e5c4cfc6495f169594f4d180 |
|
| /// File Name: |
radmind-1.5.0.tgz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Major networking and speed improvements. Various other additions and fixes. | | File Size: | 341574 | | Last Modified: | Feb 25 02:46:50 2005 |
| MD5 Checksum: | c636f5c27cec2aeb4d0031a14d91aff5 |
|
| /// File Name: |
radmind-1.4.1.tgz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Build fix. | | File Size: | 335094 | | Last Modified: | Jan 29 03:58:40 2005 |
| MD5 Checksum: | a7c1bf571df3d13c3fe4c13abb3ff858 |
|
| /// File Name: |
xlogmaster-1.4.4.src.tar.gz |
Description:
|
Xlogmaster is a program that lets you monitor an almost infinite number of logfiles and all devices that can be read via "cat" like the /proc ones.
| | File Size: | 327148 | | Last Modified: | Aug 16 20:02:22 1999 |
| MD5 Checksum: | 3e1f062a4ed7fcdd1988aa997d819a57 |
|
| /// File Name: |
tripwire-1.30-1.linux.tar.gz |
Description:
|
Tripwire v1.30-1 for Linux - Tripwire detects any variance in file integrity. This version has been "optimized" for Linux.
| | Author: | Tripwire Security Systems | | File Size: | 303968 | | Last Modified: | Aug 16 20:02:35 1999 |
| MD5 Checksum: | fd3374db2ba26fe11428e5fac3a98cfa |
|
| /// File Name: |
tripwire-1.30-1.tar.gz |
Description:
|
Tripwire v1.30-1 - Intrusion Detection Security Tool for UNIX platforms.
| | File Size: | 303968 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | fd3374db2ba26fe11428e5fac3a98cfa |
|
| /// File Name: |
tripwire-1.2.tar.gz |
Description:
|
Tripwire creates a signature of binary files, and then checks to see if these files have been modified. Track binary file mods.
| | File Size: | 301527 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 0fe52587e243efc94e395043e25635c0 |
|
| /// File Name: |
libnids-1.12.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convinient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | File Size: | 292984 | | Last Modified: | Oct 25 18:23:18 1999 |
| MD5 Checksum: | 1d5eb8ef14c2729ab1871599ac05734f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
