.:[ packet storm ]:. - http://packetstormsecurity.org/

Section: .. / UNIX / IDS /

Also see UNIX Network Logging Utilities.

Page 7 of 22
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 >> Files 150 - 175 of 528

Currently sorted by: File Size Sort By: File Name, Last Modified

/// File Name:	fragrouter-1.6.tar.gz
Description:	Fragrouter v1.6 - Fragrouter is aimed at testing the correctness of a NIDS, according to the specific TCP/IP attacks listed in the Secure Networks NIDS evasion paper. Other NIDS evasion toolkits which implement these attacks are in circulation among hackers or publically available, and it is assumed that they are currently being used to bypass NIDSs.
File Size:	277726
Last Modified:	Sep 23 01:36:37 1999
MD5 Checksum:	73fdc73f8da0b41b995420ded00533cc

/// File Name:	treeps-1.1.0.tar.gz
Description:	treeps 1.1.0 - Treeps is a X/Motif program for Unix/Linux that is designed to make monitoring and interacting with the running programs on your system easy and intuative. A "real time" tree view shows the relationships between the processes and is color coded to provide easy interpretation of various values. The process tree displays any combination of users/groups and can be used to drill down into process details and then extract key fields for continous monitoring.
Author:	George MacDonald
Changes:	Process Activity "LED's" to show state/load/priority, leader bars to show /group/session leaders, process tips for mouseover glances at key process info, many icon bar changes, color icons, larger and more icons, much more linux info, better user/group selection from group/user tree dialog, std. usage of colors, better auto sizing of window, many layout changes (esp star layout), RPM packages, KDE install script, man/strace/renice processes, renice subtree, single click kill, and many bug fixes.
File Size:	276357
Last Modified:	Aug 16 20:02:44 1999
MD5 Checksum:	6a8c7ab7b0a851ee9d34a651d4ab2540

/// File Name:	netl-1.09.tar.gz
Description:	netl v1.09 is a network logger/sniffer suitable for TCP/IP over Ethernet and loopback which provides functionality not found in similar programs. netl is capable of logging everything from pings to telnet, including low level IP like SYNs and RSTs.
Author:	Graham Ollis
Homepage:	http://www.netl.org
Changes:	Added perl/Tk interface, fixed some bugs.
File Size:	275120
Last Modified:	Sep 19 20:43:20 2001
MD5 Checksum:	8bd85e4f9398ec16cdee9dfe9577628b

/// File Name:	honeyd-0.5.tar.gz
Description:	Honeyd is a small daemon that creates virtual honey pot hosts on a network. The hosts can be configured to run arbitrary services, and their TCP personality can be adapted so that they appear to be running certain versions of operating systems. Any type of service on the virtual machine can be simulated according to a simple configuration file. Instead of simulating a service, it is also possible to proxy it to another machine.
Author:	Niels Provos
Homepage:	http://www.citi.umich.edu/u/provos/honeyd
Changes:	Bug fixes and improvements.
File Size:	272149
Last Modified:	Apr 15 04:29:12 2003
MD5 Checksum:	3aec5101f44ef21b29c213496d92c1c1

/// File Name:	integrit-4.1.tar.gz
Description:	Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
Homepage:	http://integrit.sourceforge.net
Changes:	Fixed exit status, considering missing files correctly as a change.
File Size:	271626
Last Modified:	Jun 6 18:30:51 2007
MD5 Checksum:	f51a5b558981a5d90e7d6f4e7e269a46

/// File Name:	puresecure-1.6-personal.tar.gz
Description:	Demarc PureSecure is a tool that combines all major aspects of network security into a centralized location. It integrates Network Intrusion Detection using the Snort IDS engine with host-based System Integrity Verification and a distributed plugin-based Extensible Service Monitoring system. Screenshots available here.
Homepage:	http://www.demarc.com
Changes:	Numerous and significant changes made to the current features, and the addition of many more. Lots of bugs were fixed.
File Size:	268790
Last Modified:	Apr 24 22:28:01 2002
MD5 Checksum:	d608f583c21814c00e80c5f12b82f11d

/// File Name:	aide-0.11.tar.gz
Description:	AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
Author:	Rami Lehti
Homepage:	http://www.cs.tut.fi/~rammer/aide.html
Changes:	Various bug fixes.
File Size:	266978
Last Modified:	Feb 25 21:08:59 2006
MD5 Checksum:	9a44e5386b0355ef57c60f627ff4d085

/// File Name:	radmind-0.9.2.tgz
Description:	radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
Homepage:	http://rsug.itd.umich.edu/software/radmind
Changes:	User support has been added to the server with PAM, and there is a new version of libsnet. Bugs were fixed.
File Size:	266349
Last Modified:	Dec 18 12:13:05 2002
MD5 Checksum:	c2ecfdba298bb324f4196ef5d063ba9c

/// File Name:	integrit-4.0.tar.gz
Description:	Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
Homepage:	http://integrit.sourceforge.net
Changes:	Updated output format for "new" file checksums to match "removed".
File Size:	266001
Last Modified:	Aug 17 02:26:02 2006
MD5 Checksum:	2f6a7e28e48b0cbc8214648e3224703b

/// File Name:	integrit-3.05.tar.gz
Description:	Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
Homepage:	http://integrit.sourceforge.net
Changes:	Documented Chris Johns changes and updated Makefile targets for developers.
File Size:	262784
Last Modified:	Sep 22 03:22:14 2005
MD5 Checksum:	a251a27f6b815e51c356cf81e8f2dc5e

/// File Name:	tcpreplay-1.0.1.tar.gz
Description:	Tcprelay v1.0.1 - Tcpreplay is aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.
File Size:	252686
Last Modified:	Sep 23 01:36:39 1999
MD5 Checksum:	4b9335761e9202abfc175c06b169e991

/// File Name:	review-1.5.tar.gz
Description:	review-1.5.tar.gz
File Size:	251932
Last Modified:	Aug 16 20:02:16 1999
MD5 Checksum:	9c76f06e2eff65cf2c7b525fc4068008

/// File Name:	grundschober_1998.letter.ps.gz
Description:	Sniffer Detector Report, Diploma Thesis, June 1998.
Author:	Stephane Grundschober
File Size:	242029
Last Modified:	Aug 16 20:02:39 1999
MD5 Checksum:	5ac207af8e5c5de735b4ae595fbbc7ca

/// File Name:	radmind-0.9.3.tgz
Description:	radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
Homepage:	http://rsug.itd.umich.edu/software/radmind
Changes:	Fixed connection accepting code, added argument checking, and various other bug fixes.
File Size:	238988
Last Modified:	Jan 27 13:41:21 2003
MD5 Checksum:	a1f5f6d35263239c8e9ed78bea69ad7b

/// File Name:	top-3.5beta9.tar.gz
Description:	Top - A Top-CPU Usage Display provides a rolling display of top-CPU using processes on a Unix system. It also displays other information about the overall health of the system, including load averages and memory utilization. Numerous portability patches and optimizations in this release.
Author:	William LeFebvre
File Size:	234762
Last Modified:	Aug 16 20:02:44 1999
MD5 Checksum:	70d5f5461bb45a53c207557c354e8108

/// File Name:	firestorm-0.4.6.tar.gz
Description:	Firestorm is an extremely high performance network intrusion detection system (NIDS). Right now it is just a sensor but there are plans are to include real support for analysis, reporting, remote console, and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible.
Homepage:	http://www.scaramanga.co.uk/firestorm
Changes:	Fixed a bug which caused tcpdump log files to get overwritten. The TCP state tracking code was completely rewritten and is now much more accurate and efficient. Support for HTTP URI content matching was added. Snort signatures are now bundled with default packages.
File Size:	226441
Last Modified:	Aug 21 01:52:18 2002
MD5 Checksum:	e8be7fbdee729a9e2d862d16fcbcefc3

/// File Name:	aide-0.7.tar.gz
Description:	AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determening which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
Author:	Rami Lehti
Homepage:	http://www.cs.tut.fi/~rammer/aide.html
Changes:	Bug fixes, support for compressed database using zlib, and updated Mhash support along with linkname checking.
File Size:	219837
Last Modified:	May 9 18:52:22 2000
MD5 Checksum:	0b2ed9eb3b608a19418800b87f5be848

/// File Name:	aide-0.9.tar.gz
Description:	AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
Author:	Rami Lehti
Homepage:	http://www.cs.tut.fi/~rammer/aide.html
Changes:	Now has the ability to compare two databases, support for using HMAC to verify configuration and the database, and includes bugfixes.
File Size:	216096
Last Modified:	Jun 5 01:14:41 2002
MD5 Checksum:	877b1f515a9e25afda75e06805d687fb

/// File Name:	aide-0.6.tar.gz
Description:	AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determening which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
Author:	Rami Lehti
Homepage:	http://www.cs.tut.fi/~rammer/aide.html
Changes:	A lot of bug fixes. MD-sums were again broken; please update.
File Size:	212475
Last Modified:	Feb 8 13:55:35 2000
MD5 Checksum:	3697a80834816c022756acdbb4c8ec21

/// File Name:	top-3.5beta6.tar.gz
Description:	A Top-CPU Usage Display.
Author:	William LeFebvre
File Size:	209405
Last Modified:	Aug 16 20:02:16 1999
MD5 Checksum:	4627b01bde558f4fcb3d8dbd0ad10a07

/// File Name:	capture-server-2.1.0-300-src.zip
Description:	Capture is a high interaction client honeypot / honeyclient. A client honeypot/ honeyclient is a security technology that allows one to find malicious servers on a network. Capture identifies malicious servers by interacting with potentially malicious servers using a dedicated virtual machine and observing its system state changes. If a system state change is detected, since no other activity occurs on the dedicated client machine, the server Capture interacted with is classified as malicious. This is the source code for the server.
Homepage:	https://projects.honeynet.org/capture-hpc
File Size:	207257
Last Modified:	Apr 29 20:29:45 2008
MD5 Checksum:	34ea2bc70bcba80e269f0064e798c9e8

/// File Name:	prosum_0.28.tgz
Description:	ProSum is a console based program that protects your files, sys_call_table and IDT in a manor similar to tripwire (All in user space, without kernel modules). In addition, database with files etc. could be encrypted with Blowfish algorithm and files that are protected could be store at any secure/bastion host to later replace them. ProSum could be run on any UNIX system, at least with file protect mode (without IDT and sys_call_table support).
Author:	Fkt
Homepage:	http://prosum.sourceforge.net
File Size:	206508
Last Modified:	Sep 12 07:20:00 2002
MD5 Checksum:	c1b76d2566d99e47f62152a0465e73c7

/// File Name:	demarc-1.05-stable.tar.gz
Description:	Unavailable.
File Size:	199214
Last Modified:	Nov 12 21:16:23 2001
MD5 Checksum:	c7e9585b1c50df16c7c97566dffbc9e6

/// File Name:	aide-0.8.tar.gz
Description:	AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
Author:	Rami Lehti
Homepage:	http://www.cs.tut.fi/~rammer/aide.html
Changes:	Lots of bugs were fixed! A syslog backend was added. The report format was changed. Lots of parameters were added. ACL support for SunOS 5.x (and compatibles) was added. libgcrypt is now separate and required.
File Size:	197272
Last Modified:	Feb 19 02:43:06 2002
MD5 Checksum:	84b608ccf5051d41a8ccfee87ced5428

/// File Name:	samhain-2.1.2.tar.gz
Description:	Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
Author:	Rainer Wichmann
Homepage:	http://samhain.sourceforge.net
Changes:	Various updates.
File Size:	196096
Last Modified:	Feb 8 00:38:39 2006
MD5 Checksum:	25bbf93bca768e66e553b24c92ab11b0

/// Last 10 Files

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Advisories

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Exploits

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Tools

[ Last 20 | Last 50 | Last 100 ]

/// Last 10 Misc

[ Last 20 | Last 50 | Last 100 ]