.:[ packet storm ]:.
                             
all things security
all things security

 Section:  .. / UNIX / IDS  /

Also see UNIX Network Logging Utilities.

Page 13 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 300 - 325 of 528
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: sherpa-0.1.3.tar.gz
Description:
 sherpa is a tool for configuring and then checking system security via the console. Written in perl, it allows an admin to maintain a custom database of file and directory permissions and ownership attributes as local needs dictate. Any changes from the prescribed layout will be detected each time sherpa is run. Also, sherpa does some basic system checks (world-writable files, .rhosts and hosts.equiv files, etc.) that help the busy admin keep on top of a system.
Author:Rick Crelia
Homepage:http://sherpa.lavamonkeys.com/
File Size:43362
Last Modified:Oct 20 15:21:54 1999
MD5 Checksum:8bbb31cc9de6a094556aef48cb9d2410

 ///  File Name: sxid_3.2.4.tar.gz
Description:
 sXid 3.2.4 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.
Author:Ben Collins
Changes:Minor bugfixes and a new IGNORE_DIRS option.
File Size:43354
Last Modified:Aug 16 20:02:42 1999
MD5 Checksum:97e3eeed57749e91262b1a49563be456

 ///  File Name: sid-0.3.5.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
Changes:Various updates.
File Size:43346
Last Modified:Jun 7 23:44:57 2004
MD5 Checksum:40ede1091f7a36800078a85259ff3a1b

 ///  File Name: whowatch-1.4.tar.gz
Description:
 Whowatch is an interactive utility that displays information about the users currently on the machine in real time. Besides standard information (login name, tty, host, user's process) you can see the connection type (ie. telnet or ssh). You can also watch the process tree, navigate it, and send INT and KILL signals. Ncurses ascii graphics.
Author:Michal Suszycki
Homepage:http://wizard.ae.krakow.pl/~mike/
Changes:Average load information and new keys for navigation were added, in addition to OpenBSD and FreeBSD support. Also bug fixes and major code optimalization changes.
File Size:43084
Last Modified:Jun 13 16:44:23 2000
MD5 Checksum:0870155e8b75b99f9954e76fb20f9528

 ///  File Name: portsentry-1.0.tar.gz
Description:
 PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. It runs on TCP and UDP sockets and works on most UNIX systems. Advanced stealth detection modes are available under Linux only and detect SYN, FIN, NULL, XMAS, and Oddball packet scans. All modes support real-time blocking and reporting of violations.
Author:Craig Rowland
Homepage:http://www.psionic.com/abacus/portsentry/
Changes:Correct ignoring of hosts, and a Y2K fix for log file output, using a four-digit year. This doesn't affect PortSentry, but may affect programs that look at the log files it generates.
File Size:43034
Last Modified:Dec 2 14:59:02 1999
MD5 Checksum:d2d29e614f1604bd62a23e33d7a7564f

 ///  File Name: SnmpMonitorEx-1.0.1.tar.gz
Description:
 Safely monitor SNMP variables on the net. If there are changes, you can get a message on your cellular, by mail or on screen. Requires Scotty and Tcl/Tk
File Size:42929
Last Modified:Aug 16 20:02:21 1999
MD5 Checksum:ef1457bcc056e25307efe5361fd4e453

 ///  File Name: sid-0.3.4.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
Changes:Various updates.
File Size:41665
Last Modified:Apr 20 08:02:00 2004
MD5 Checksum:56b27dbe49befdd875de879144c968c0

 ///  File Name: nodewatch-1.6.tar.gz
Description:
 NodeWatch is an open source TCP/IP network monitoring tool written in Perl for UNIX.
File Size:41583
Last Modified:Aug 16 20:02:16 1999
MD5 Checksum:d8c67cc9a35db752fa3233130a4e3fee

 ///  File Name: traffic-vis-0.30.tar.gz
Description:
 traffic-vis v0.30 - traffic-vis is a network monitoring/auditing tool that can plot communications between hosts on a TCP/IP network, and quickly answer questions such as Who is saturating your Internet link. This version is a major rewrite, splitting the program up into several smaller tools. 40k.
Author:Damien Miller
File Size:41222
Last Modified:Aug 16 20:02:38 1999
MD5 Checksum:ded93d0ff3b59bf70abac936e748e45e

 ///  File Name: sid-0.3.3.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
File Size:41017
Last Modified:Apr 10 12:06:00 2004
MD5 Checksum:cec3a3f4fec35389049ac63d4df66efe

 ///  File Name: trojan.tar
Description:
 trojan.tar
File Size:40960
Last Modified:Aug 16 20:02:16 1999
MD5 Checksum:a4b1af99be48ba2399825512f78a2185

 ///  File Name: portsentry-0.90.tar.gz
Description:
 PortSentry 0.90 - PortSentry is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. It runs on TCP and UDP sockets and works on most UNIX systems. Advanced stealth detection modes are available under Linux only and detect SYN, FIN, NULL, XMAS, and Oddball packet scans. All modes support real-time blocking and reporting of violations.
Author:Craig Rowland
Changes:Renamed from Abacus Sentry to PortSentry, lots of internal code clean up and optimizations, Docs updated and it now works under Solaris, Linux, BSD variants and others. portsentry.sample.txt.
File Size:37936
Last Modified:Aug 16 20:02:46 1999
MD5 Checksum:80eead64b3d6efb10748b80ecec0f54a

 ///  File Name: sid-0.3.tar.gz
Description:
 SID is a Shell Intrusion Detection system. The kernel part plugs into a terminal-processing subsystem and logs hashed terminal lines. The user part reads log entries (hashes), consults a list of allowed entries, and takes appropriate action upon unexpected log entries. Currently supported are Solaris and Linux.
Author:belpo
Homepage:http://sid.sourceforge.net
File Size:37889
Last Modified:Feb 22 21:52:00 2004
MD5 Checksum:f1edd0767a8217958f1048b4aeb66fd3

 ///  File Name: bh-0.8.6.tgz
Description:
 Beholder is a wireless intrusion detection tool that looks for anomalies in a wifi environment.
Author:Nelson Murilo
Homepage:http://www.beholderwireless.org/
File Size:37682
Last Modified:Aug 20 03:19:46 2008
MD5 Checksum:65eaed3776355063d4cd9131f1515a07

 ///  File Name: logwatch-1.6.6.tar.gz
Description:
 LogWatch 1.6.6 is a customizable, pluggable log-monitoring system that analyzes and reports on system logs. It will go through your logs for a given period of time and make a report in the areas that you wish with the detail that you wish. Easy to use - works right out of the package on almost all systems. Now analyzes samba logs.
Author:Kirk Bauer
Changes:fewer unmatched entries in 'secure' service, ftp-messages module prettier, name-lookups now optional for named module, added and improved ProFTPd module, much more.
File Size:36751
Last Modified:Aug 16 20:02:46 1999
MD5 Checksum:e9c686de214ded15c89216fae1c21094

 ///  File Name: clobberd-4.3-1.tar.bz2
Description:
 User/Resource Monitor. Used to keep tabs on users.
Author:Jason Nunn
File Size:36426
Last Modified:Aug 16 20:02:34 1999
MD5 Checksum:042a2b284c49537a75b6fa2d1d7e32a0

 ///  File Name: logwatch-2.7.tar.gz
Description:
 Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
Homepage:http://www.logwatch.org
Changes:If you are running v2.4 or below it is imperative that you upgrade! This version supports multiple copies of the same command (such as *remove) in config files, no longer requires an = sign when no arguments are given, and adds some more filtering.
File Size:35965
Last Modified:Apr 6 02:32:09 2002
MD5 Checksum:c193360765959f2b6126dee663f3e207

 ///  File Name: ICU-0.1.tar.gz
Description:
 ICU (Integrity Checking Utility) is a PERL program used for executing AIDE filesystem integrity checks on remote hosts from an ICU server and sending reports via email. This is done with help from SSH. This version is still under development.
Homepage:http://nitzer.dhs.org/ICU/ICU.html
File Size:35881
Last Modified:Dec 8 03:21:55 2000
MD5 Checksum:ed1e20bda4f0c0ba76e78556712282b9

 ///  File Name: portsentry-0.61.tar.gz
Description:
 PortSentry v0.61beta is part of the Abacus Project suite of security tools. It is a program designed to detect and respond to port scans against a target host in real-time. There are other port scan detectors that perform similar detection of scans, but PortSentry has some unique features that may make it worth looking into: Runs on TCP and UDP sockets to detect port scans against your system. PortSentry is configurable to run on multiple sockets at the same time so you only need to start one copy to cover dozens of tripwired services. Stealth scan detection (Linux only right now). PortSentry will now detect SYN/half-open, FIN, NULL, X-MAS and oddball packet stealth scans. Four new stealth scan operation modes have been added to greatly increase the power of this package. PortSentry will react to a port scan attempt by blocking the host in real-time. This is done through configured options of either dropping the local route back to the attacker, using the Linux ipfwadm command, *BSD ipfw command, and/or dropping the attacker host IP into a TCP Wrappers host.deny file automatically. PortSentry has an internal state engine to remember hosts that connected previously. This allows the setting of a trigger value to prevent false alarms and detect "random" port probing. PortSentry will report all violations to the local or remote syslog daemons indicating the system name, time of attack, attacking host IP and the TCP or UDP port a connection attempt was made to. When used in conjunction with Logcheck it will provide an alert to administrators through e-mail.
Author:Craig H. Rowland
File Size:34968
Last Modified:Aug 16 20:02:40 1999
MD5 Checksum:57bf7e0caf99188018ef1ab6131faf4b

 ///  File Name: logwatch-1.6.4.tar.gz
Description:
 LogWatch is a customizable, pluggable log-monitoring system. Easy to use and highly configurable. Now analyzes samba logs!
File Size:34628
Last Modified:Aug 16 20:02:37 1999
MD5 Checksum:efba2db1b27075be80395858ce1ea883

 ///  File Name: nabou-1.5.tar.gz
Description:
 nabou is a Perl script which can be used to monitor changes to your system. It provides file integrity checking, and can also watch crontabs, suid files and user accounts for changes. It stores all data in standard dbm databases.
Author:Thomas Linden
Homepage:http://www.0x49.org/nabou/
Changes:This release includes many bugfixes, database encryption support, process monitoring capabilities, and some more output options.
File Size:34553
Last Modified:Sep 12 17:58:40 2000
MD5 Checksum:c84b8d6df7348aec42e97cdb36ace23a

 ///  File Name: monitord-4.0beta.tar.gz
Description:
 The Network Security Monitor Daemon is a lightweight (distributed?) network security monitor for TCP/IP LANs which will capture certain network events and record them in a relational database. The recorded data is then made available for analysis via a CGI-based interface.
Homepage:http://sourceforge.net/projects/monitord
Changes:Improved security - No threads run as root. Added a new statistical thread and an HTTP server thread (which serves statistics in XML/XSL).
File Size:34185
Last Modified:Dec 18 01:02:29 2001
MD5 Checksum:ce6dfe55f8de34afa03e3e5d51685b7a

 ///  File Name: logwatch-1.6.3.tar.gz
Description:
 LogWatch is a customizable, pluggable log-monitoring system. Easy to use and highly configurable. Now analyzes samba logs!
File Size:34163
Last Modified:Aug 16 20:02:37 1999
MD5 Checksum:471214d809eeccee70f4515e70e593fe

 ///  File Name: hostsentry-0.02.tar.gz
Description:
 HostSentry v0.02 is a host based intrusion detection tool that performs Login Anomaly Detection (LAD), and is the most recent edition to the Abacus Project suite of security tools. This tool allows administrators to spot strange login behavior and quickly respond to compromised accounts and unusual behavior. HostSentry incorporates a dynamic database and actually "learns" the user login behavior. This behavior is then utilized by modular signatures to detect unusual events. Specifically, HostSentry monitors system login accounting records in real-time (wtmp/utmp). These records are used to build a dynamic database of active users and run a series of signature modules during the login and logout phases. The signature modules are pluggable and easily activated or deactivated by the admin. An example wrapper is included to allow administrators to add new signatures. The current list of signatures includes: moduleLoginLogout - Generic audit trail of all user login and logouts. moduleFirstLogin - Alerts administrators if this user is logging in for the first time. moduleForeignDomain - A login was detected from a domain not listed in the allowed domains file. moduleRhostCheck - A user's .rhosts file contains a wildcard or other dangerous modification. moduleHistoryTruncated - A user's .history file is missing, truncated to zero bytes, or symlinked (i.e. /dev/null). moduleOddDirnames - A user's directory contains suspicious directory names on logout (" ..", "...", etc.). moduleMultipleLogins - A single username has multiple concurrent logins from different domains. moduleOddLoginTime - A user is logging in at an odd hour for their usage pattern (not implemented yet). moduleInvalidUtmp - A corresponding utmp/wtmp entry for this login cannot be found (entry possibly removed) (not implemented yet). moduleHistorySuspicious - The user's history file contains suspicious commands (not implemented yet). moduleNetworkDaemon - The user logged out but left a listening network socket operating (private web server, IRC bot, etc.) (not implemented yet). moduleFileExists - A file was found in the user's directory that is listed in the banned/monitored list of the site (not implemented yet). First release.
Author:Craig H. Rowland
File Size:33983
Last Modified:Aug 16 20:02:40 1999
MD5 Checksum:3de0bbb7d456bb53683de56dfdf98362

 ///  File Name: logwatch-1.6.1.tar.gz
Description:
 logwatch v1.6.1 - Analysis of and report on system logs - LogWatch is a customizable, pluggable log-monitoring system. It will go through your logs for a given period of time and make a report in the areas that you wish with the detail that you wish. Easy to use - works right out of the package on almost all systems. Now analyzes samba logs!
Author:Kirk Bauer
File Size:33968
Last Modified:Aug 16 20:02:37 1999
MD5 Checksum:6b08bbbe752310b702d3cd8e97ed8800
 

 ///  Last 10 Files
  1. :· SSRT080122.txt
  2. :· OPENX-SA-2008-002.txt
  3. :· built2go-sql.txt
  4. :· glsa-200810-01.txt
  5. :· dirTraversal.txt
  6. :· phpautos-sql.txt
  7. :· phpautodealer-sql.txt
  8. :· phprealtor-sql.txt
  9. :· yourownbux40-sql.txt
  10. :· dsa-1647-1.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Advisories
  1. :· SSRT080122.txt
  2. :· OPENX-SA-2008-002.txt
  3. :· glsa-200810-01.txt
  4. :· dsa-1647-1.txt
  5. :· dsa-1646-1.txt
  6. :· apple-store.txt
  7. :· dsa-1645-1.txt
  8. :· dsa-1644-1.txt
  9. :· dsa-1643-1.txt
  10. :· vmware-emulation.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Exploits
  1. :· built2go-sql.txt
  2. :· phpautos-sql.txt
  3. :· phpautodealer-sql.txt
  4. :· phprealtor-sql.txt
  5. :· yourownbux40-sql.txt
  6. :· hostadmin-rfi.txt
  7. :· konquerorfont-dos.txt
  8. :· skype-poc.txt
  9. :· joomlahotspots-sql.txt
  10. :· yerba-multi.txt
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Tools
  1. :· opennhrp-0.8.tar.bz2
  2. :· zfz20BETA.tar.gz
  3. :· fwknop-1.9.8.tar.gz
  4. :· msnshadow-0.3_beta.tar.bz2
  5. :· geoipgen0.2b.tgz
  6. :· thc-rfidiot.zip
  7. :· sp3.rar
  8. :· openstego-0.5.0.tgz
  9. :· Vuurmuur-0.6.tar.gz
  10. :· ctunnel-0.2.tar.gz
[ Last 20 | Last 50 | Last 100 ]

 ///  Last 10 Misc
  1. :· dirTraversal.txt
  2. :· targeting-voip.pdf
  3. :· oracle-assault.pdf
  4. :· ShellCodeForBeginners.pdf
  5. :· linux-setresuid.txt
  6. :· nufw-2.2.17.tar.gz
  7. :· slackfire-0.65.d-noarch-1.tgz
  8. :· strongswan-4.2.7.tar.gz
  9. :· linux-iopl.txt
  10. :· ShmooConCFP-2009.txt
[ Last 20 | Last 50 | Last 100 ]


 .:. TopPrivacy Statement | Copyright Notice