.:[ packet storm ]:.
                             
beyond paranoid
beyond paranoid

 Section:  .. / UNIX / IDS  /

Also see UNIX Network Logging Utilities.

Page 4 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 75 - 100 of 526
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: logcheck_1.2.42.tar.gz
Description:
 Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
Author:Todd Troxell
Homepage:http://logcheck.org/
Changes:Various updates. See changelog.
File Size:104787
Last Modified:Oct 26 12:10:33 2005
MD5 Checksum:a17f485774e5c00cb314b74c30d0929c

 ///  File Name: samhain-2.0.10a.tar.gz
Description:
 Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Author:Rainer Wichmann
Homepage:http://samhain.sourceforge.net
Changes:Various updates.
File Size:1302539
Last Modified:Sep 23 03:16:45 2005
MD5 Checksum:cda447df6273812e5f7f5b45235975ea

 ///  File Name: integrit-3.05.tar.gz
Description:
 Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
Homepage:http://integrit.sourceforge.net
Changes:Documented Chris Johns changes and updated Makefile targets for developers.
File Size:262784
Last Modified:Sep 22 03:22:14 2005
MD5 Checksum:a251a27f6b815e51c356cf81e8f2dc5e

 ///  File Name: prelude-manager-0.9.0.tar.gz
Description:
 Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
Homepage:http://prelude.sourceforge.net
Changes:Improved error reporting, Fixed failover on relaying, Fixed warnings.
File Size:547077
Last Modified:Sep 22 03:19:13 2005
MD5 Checksum:c847bd9ae8fc497cf8f7cd1c4c5f0aa2

 ///  File Name: ninja-0.1.2.tar.bz2
Description:
 Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user.
Author:Tom Rune Flo
Homepage:http://forkbomb.org/ninja/
Changes:Minor updates.
File Size:10796
Last Modified:Sep 1 02:57:33 2005
MD5 Checksum:3a94d665869c2c87adf194662353a211

 ///  File Name: samhain-2.0.9.tar.gz
Description:
 Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Author:Rainer Wichmann
Homepage:http://samhain.sourceforge.net
Changes:Various updates.
File Size:1214166
Last Modified:Aug 31 03:10:51 2005
MD5 Checksum:d88ccdba4d7eea683a098d4275e88fb9

 ///  File Name: logcheck_1.2.41.tar.gz
Description:
 Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
Author:Todd Troxell
Homepage:http://logcheck.org/
Changes:Various updates. See changelog.
File Size:101085
Last Modified:Aug 24 03:48:53 2005
MD5 Checksum:1a946e45f82a0dc98838c896510dfca9

 ///  File Name: ninja-0.1.1.tar.bz2
Description:
 Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user.
Author:Tom Rune Flo
Homepage:http://forkbomb.org/ninja/
Changes:Minor updates.
File Size:10591
Last Modified:Aug 19 01:14:13 2005
MD5 Checksum:deb27909168eb6707fb5a139eef80571

 ///  File Name: ninja-0.1.0.tar.bz2
Description:
 Ninja is a privilege escalation detection and prevention system for GNU/Linux hosts. While running, it will monitor process activity on the local host, and keep track of all processes running as root. If a process is spawned with UID or GID zero (root), ninja will log necessary information about this process, and optionally kill the process if it was spawned by an unauthorized user.
Author:Tom Rune Flo
Homepage:http://forkbomb.org/ninja/
File Size:10011
Last Modified:Aug 18 04:02:49 2005
MD5 Checksum:ff28fafa11525573e22a075fcdbfd7a3

 ///  File Name: darc-0.2.tgz
Description:
 Darc is a utility for managing large Aide installations in heterogeneous environments. It eliminates the need to maintain read-only media on every system, and provides unified reporting on filesystem changes across all machines.
Author:Jacob Martinson
Homepage:http://www.info234.com/~jmartinson/darc.html
File Size:13830
Last Modified:Aug 14 18:21:46 2005
MD5 Checksum:d889f51c71280ea7a1829799379e58c9

 ///  File Name: kojoney-0.0.3.1.tar.gz
Description:
 Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
Author:Joxean Koret
Homepage:http://kojoney.sourceforge.net/
Changes:Various corrections.
File Size:1861096
Last Modified:Aug 12 03:21:33 2005
MD5 Checksum:e97e693600a4a231d675ce495d59ab25

 ///  File Name: kojoney-0.0.2.tar.gz
Description:
 Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
Author:Joxean Koret
Homepage:http://kojoney.sourceforge.net/
Changes:Various corrections and additions.
File Size:182704
Last Modified:Aug 5 04:32:40 2005
MD5 Checksum:c56d92e2dee42557e1a71826edc96405

 ///  File Name: kojoney-0.0.1.tar.gz
Description:
 Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
Author:Joxean Koret
Homepage:http://kojoney.sourceforge.net/
File Size:171425
Last Modified:Aug 5 02:40:51 2005
MD5 Checksum:54a3fa3d62a3fc3ee1cd09e096c04828

 ///  File Name: beltane-1.0.8.tar.gz
Description:
 Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
Homepage:http://la-samhna.de/beltane
Changes:Various bug fixes.
File Size:177787
Last Modified:Jul 21 02:32:25 2005
MD5 Checksum:c2abeccb565bb080291029e2489094a0

 ///  File Name: sid-0.4.2.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
Changes:Various updates.
File Size:59661
Last Modified:Jul 19 11:18:50 2005
MD5 Checksum:970cdce20fc74a60d5923f6f39fcc519

 ///  File Name: samhain-2.0.8.tar.gz
Description:
 Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Author:Rainer Wichmann
Homepage:http://samhain.sourceforge.net
Changes:Various updates.
File Size:1197672
Last Modified:Jul 7 02:32:19 2005
MD5 Checksum:54a513861b735c057b2d9c445fd1a7f7

 ///  File Name: logcheck_1.2.40.tar.gz
Description:
 Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
Author:Todd Troxell
Homepage:http://logcheck.org/
Changes:Various updates. See changelog.
File Size:97252
Last Modified:Jun 1 03:55:29 2005
MD5 Checksum:5d551961f207686d742238091a9690c5

 ///  File Name: samhain-2.0.6.tar.gz
Description:
 Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Author:Rainer Wichmann
Homepage:http://samhain.sourceforge.net
Changes:Various updates.
File Size:1182835
Last Modified:Jun 1 03:05:36 2005
MD5 Checksum:1e5f026a6c6289fdc33970c803599e56

 ///  File Name: samhain-2.0.4.tar.gz
Description:
 Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Author:Rainer Wichmann
Homepage:http://samhain.sourceforge.net
Changes:Multiple bug fixes.
File Size:1031433
Last Modified:Feb 25 02:58:51 2005
MD5 Checksum:548c4825b8166a98b2808d5ff8ab7e60

 ///  File Name: radmind-1.5.0.tgz
Description:
 radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
Homepage:http://rsug.itd.umich.edu/software/radmind
Changes:Major networking and speed improvements. Various other additions and fixes.
File Size:341574
Last Modified:Feb 25 02:46:50 2005
MD5 Checksum:c636f5c27cec2aeb4d0031a14d91aff5

 ///  File Name: flister.zip
Description:
 FLISTER is a proof-of-concept code for detecting files hidden by both usermode and kernelmode Windows rootkits. It exploits the bugs in handling ZwQueryDirectoryFile() calls with ReturnSingleEntry set to TRUE. Flister works on Windows 2000, XP and 2003.
Author:joanna
Homepage:http://www.invisiblethings.org
File Size:16083
Last Modified:Feb 24 06:01:37 2005
MD5 Checksum:e54c133c50a5b1a45c482def06ac83e8

 ///  File Name: sid-0.4.1.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
Changes:Various updates.
File Size:55602
Last Modified:Feb 22 22:30:39 2005
MD5 Checksum:727dab87560a8f57a1f2d21b140a6e1a

 ///  File Name: libnids-1.20.tar.gz
Description:
 Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
Author:Nergal
Homepage:http://libnids.sourceforge.net
Changes:Added wscale option parsing; surprisingly, it seems to be in some use, added nids_dispatch(), for systems which do not ignore pcap timeout, and the ability to specify hosts/networks for which we do not check checksums.
File Size:119226
Last Modified:Feb 18 00:18:56 2005
MD5 Checksum:a36cbd45cbada12420ecc8f82a7e0852

 ///  File Name: radmind-1.4.1.tgz
Description:
 radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
Homepage:http://rsug.itd.umich.edu/software/radmind
Changes:Build fix.
File Size:335094
Last Modified:Jan 29 03:58:40 2005
MD5 Checksum:a7c1bf571df3d13c3fe4c13abb3ff858

 ///  File Name: radmind-1.4.0.tgz
Description:
 radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
Homepage:http://rsug.itd.umich.edu/software/radmind
Changes:Added various support and bug fixes.
File Size:342647
Last Modified:Jan 18 01:55:03 2005
MD5 Checksum:9e2eb883e5c4cfc6495f169594f4d180
 

 ///  Last 10 Files
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citectodbc-fivews.txt
  5. :· citect_scada_odbc.rb.txt
  6. :· flockweb-dos.txt
  7. :· google-chrome-dos4.txt
  8. :· google-download2.txt
  9. :· PLSA-2008-41.txt
  10. :· PLSA-2008-40.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· PLSA-2008-41.txt
  2. :· PLSA-2008-40.txt
  3. :· PLSA-2008-39.txt
  4. :· PLSA-2008-38.txt
  5. :· PLSA-2008-37.txt
  6. :· MDVSA-2008-188.txt
  7. :· glsa-200809-05.txt
  8. :· PLSA-2008-36.txt
  9. :· microworld-insecure.txt
  10. :· SSRT080119.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· phpauction32-rfi.txt
  2. :· silentum-xss.txt
  3. :· iranmc-sql.txt
  4. :· citect_scada_odbc.rb.txt
  5. :· flockweb-dos.txt
  6. :· google-chrome-dos4.txt
  7. :· google-download2.txt
  8. :· webcmsportal-blindsql.txt
  9. :· esfaq-sql.txt
  10. :· vastal-itechcosmetics.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· clamav-0.94.tar.gz
  2. :· distack-1.1.0-dev.tar.gz
  3. :· samhain-2.4.6.tar.gz
  4. :· sqlmap-0.6.tar.gz
  5. :· psbot.py.txt
  6. :· mimedefang-2.65.tar.gz
  7. :· advchk-2.11.tar.bz2
  8. :· kisgearth-0.01f.tar.bz2
  9. :· lynis-1.2.0.tar.gz
  10. :· fwknop-1.9.7.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· citectodbc-fivews.txt
  2. :· freebsd-revcon.txt
  3. :· insecurityoverview-samsung.pdf
  4. :· xcon2008-cfp.txt
  5. :· aslr-bypass.txt
  6. :· alphanumeric-shellcode.txt
  7. :· imagebase-shellcode.txt
  8. :· mysql-injection-newbies.txt
  9. :· draft-gont-opsec-ip-security-01.txt
  10. :· draft-ietf-tsvwg-port-randomization-02.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice