Section: .. / sniffers / snort /
| /// File Name: |
base-1.2.tar.gz |
Description:
|
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
| | Author: | Kevin Johnson | | Homepage: | http://sourceforge.net/projects/secureideas/ | | Changes: | Multiple bug fixes. Added ISC Source/Subnet report. Added TrustedSource IP lookup. Various other additions and tweaks. | | File Size: | 340007 | | Last Modified: | Oct 11 01:43:37 2005 |
| MD5 Checksum: | 66acf9b2f565cbebb1d33e49d360ed3c |
|
| /// File Name: |
cctde-0.1.tar.gz |
Description:
|
CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
| | Author: | Simon Castro | | Homepage: | http://gray-world.net/pr_cctde.shtml | | File Size: | 251040 | | Last Modified: | Feb 6 13:03:00 2004 |
| MD5 Checksum: | 0ee9ae61c16fdaa0acb6d139485636bc |
|
| /// File Name: |
cctde-0.2.tar.gz |
Description:
|
CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
| | Author: | Simon Castro | | Homepage: | http://gray-world.net/pr_cctde.shtml | | Changes: | First public release. | | File Size: | 263600 | | Last Modified: | Apr 19 12:36:00 2004 |
| MD5 Checksum: | a0fd7e48315d3e38b1c6a3fd689fb47a |
|
| /// File Name: |
covertsession-0.4.c |
Description:
|
covertsession is a command line tool that allows you to create a TCP session that IDS sensors cannot parse correctly. What this tool lets you do is inject bytes into your outbound data stream that an IDS sensor will treat as part of the data stream but the remote OS will ignore. If used correctly it can cause a signature not to match. This tool provides command line options to control how bytes are injected. It can use a file as its source of input. Or it can listen on a local port, redirecting the TCP session covertly to an IP:Port specified on the command line. Tested against Snort 2.2.
| | Author: | Javier G. Sanchez | | File Size: | 18879 | | Last Modified: | Mar 15 01:33:53 2005 |
| MD5 Checksum: | aaab53e9865995b9550806ece94557d1 |
|
| /// File Name: |
current-attack.sh.txt |
Description:
|
Snortattack is a bash shell script designed to make installing Snort in inline mode on Fedora or Debian as easy as possible.
| | Author: | snortattack | | Homepage: | http://www.snortattack.org/ | | File Size: | 3897 | | Last Modified: | Mar 15 15:03:35 2006 |
| MD5 Checksum: | 6b6a49505070bcc0fa3137a86710ae0b |
|
| /// File Name: |
dupl.pl |
Description:
|
dupl.pl v0.4 is a snort rules beautifier which removes duplicate rules from *-lib, vision.conf, and xxxx-rules files.
| | Author: | Zas | | Homepage: | http://www.norz.org | | File Size: | 14617 | | Last Modified: | Aug 14 14:59:15 2000 |
| MD5 Checksum: | a9fd81622de9c25ef6be15f4dfcd356b |
|
| /// File Name: |
FLoP-1.0.6.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 473910 | | Last Modified: | Dec 18 00:28:24 2003 |
| MD5 Checksum: | 02bb58658b58d506b32a5aa7024cf635 |
|
| /// File Name: |
FLoP-1.2.0.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 521163 | | Last Modified: | Apr 3 09:01:00 2004 |
| MD5 Checksum: | 76a3e5a3bc4d9c95c53631cde6585956 |
|
| /// File Name: |
FLoP-1.2.1.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 521824 | | Last Modified: | Apr 22 00:19:00 2004 |
| MD5 Checksum: | b920e0a575df8a4a141744e694ff852d |
|
| /// File Name: |
FLoP-1.2.3.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 537905 | | Last Modified: | May 29 14:06:49 2004 |
| MD5 Checksum: | cc5a7a0a07131d462b94458ca4521724 |
|
| /// File Name: |
FLoP-1.3.0.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Feature enhancements and bug fixes. | | File Size: | 555098 | | Last Modified: | Jul 8 11:28:00 2004 |
| MD5 Checksum: | 012d38e1efe8ea51d1c2f08790bccaf5 |
|
| /// File Name: |
FLoP-1.4.0.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Feature enhancements and bug fixes. | | File Size: | 578420 | | Last Modified: | Oct 13 03:58:10 2004 |
| MD5 Checksum: | 612df03e2ca4ddd05cded6f08561889d |
|
| /// File Name: |
FLoP-1.4.1.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Feature enhancements and bug fixes. | | File Size: | 654638 | | Last Modified: | Jan 27 00:48:44 2005 |
| MD5 Checksum: | 2e33c55685182751c21622e91320b506 |
|
| /// File Name: |
FLoP-1.5.0.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Feature enhancements and bug fixes. | | File Size: | 697591 | | Last Modified: | Jan 21 15:24:53 2006 |
| MD5 Checksum: | d2a2fc3191e078c234d8b23f52a56227 |
|
| /// File Name: |
FLoP-1.5.1.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Feature enhancements and bug fixes. | | File Size: | 722347 | | Last Modified: | Feb 14 00:29:02 2006 |
| MD5 Checksum: | 284cd0579b1afda45db4ac93f2dc41d8 |
|
| /// File Name: |
FLoP-1.6.0.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Documentation was updated and extended. Various bug fixes. | | File Size: | 766604 | | Last Modified: | Jun 12 03:25:07 2006 |
| MD5 Checksum: | fbe918235e97994a50f3b54855f3c876 |
|
| /// File Name: |
Guardian.tar |
Description:
|
Guardian watches the output from Snort, a lightweight intrusion detection system, and uses ipchains to block any further packets from the attacker from reaching the system.
| | Author: | Anthony Stevens | | Homepage: | http://www.clark.net/~roesch/security.html | | File Size: | 20480 | | Last Modified: | Mar 1 16:06:33 2000 |
| MD5 Checksum: | ba8f89a0580e09f73cb8cbe004344863 |
|
| /// File Name: |
hogwash-0.1.d.tgz |
Description:
|
Hogwash is designed to take out 95% of the stock attacks all the kiddies throw at your network by dropping packets flagged by Snort. Hogwash is a layer 2 packet scrubber which sits in line, dropping packets based on signature matches. The rule set will be familiar to anyone that has used snort before. Hogwash supports passive host identification and adaptive rule sets for added accuracy.
| | Author: | Jason Larsen | | Homepage: | http://hogwash.sourceforge.net | | Changes: | Many bugfixes, unicode decoding, and session tear down. | | File Size: | 385344 | | Last Modified: | Aug 8 20:33:11 2001 |
| MD5 Checksum: | b81c69f54c2b7fa496601870ec2c61bf |
|
| /// File Name: |
iamdohv1.tgz |
Description:
|
i-am-doh is a utility that filters approximately 75% of all false-positives given by an IDS. It uses existing reliable tools like Nmap, Nessus, and Amap to validate IDS alerts based on the following criteria and techniques: OS identification, service identification, port scanning, vulnerability scanning, online CVE and bug interpretation, and server importance weighting.
| | Author: | loud-fat-bloke | | File Size: | 16209 | | Last Modified: | Dec 23 04:33:36 2003 |
| MD5 Checksum: | e678dc630586ec0cbf1e183c4318ac35 |
|
| /// File Name: |
IDMEF-xml-plugin_0.1.tar.gz |
Description:
|
Intrusion Detection Message Exchange Format (IDMEF) XML output plugin for Snort - Produces IDMEF messages in response to events triggering Snort rules. It is configured in a standard Snort configuration file, and can run concurrently with existing Snort logging output.
| | Author: | Joe McAlerney | | Homepage: | http://www.silicondefense.com/idwg/snort-idmef | | File Size: | 57423 | | Last Modified: | Dec 15 17:52:10 2000 |
| MD5 Checksum: | 8a70dd0d26986bb8f7915e1f3d2935f7 |
|
| /// File Name: |
idscenter.exe |
Description:
|
IDSCenter v1.08c is a panel for SNORT-Win32, a tool for managing, controlling, and monitoring the Snort IDS. IDScenter supports alarm sound functions and has error checking procedures. If Snort is killed, IDScenter restarts Snort immediately.
| | Author: | Ueli Kistler | | Homepage: | http://www.eclipse.fr.fm/snort.htm | | Changes: | An email alert system has been added. | | File Size: | 691828 | | Last Modified: | May 31 17:40:24 2001 |
| MD5 Checksum: | fddcecc47d697265cc0875a70650bc8e |
|
| /// File Name: |
idscenter.zip |
Description:
|
Unavailable.
| | File Size: | 581600 | | Last Modified: | Jan 26 02:40:20 2001 |
| MD5 Checksum: | 24e7aa9772a9a5fbece3a70d2abe90af |
|
| /// File Name: |
idscenter109b1_2.zip |
Description:
|
IDSCenter v1.09b1_2 is a panel for SNORT-Win32, a tool for managing, controlling, and monitoring the Snort IDS. IDScenter supports alarm sound functions and has error checking procedures. If Snort is killed, IDScenter restarts Snort immediately.
| | Author: | Ueli Kistler | | Homepage: | http://www.eclipse.fr.fm/snort.htm | | Changes: | IDScenter can parse Snort 1.8.x logs (all plugins supported), It's very cool... try it!!! Try to start an attack. | | File Size: | 826966 | | Last Modified: | Jun 6 01:51:31 2002 |
| MD5 Checksum: | fe0081584ae830a32924f725227a777f |
|
| /// File Name: |
idscenter109b22.zip |
Description:
|
IDScenter is a free configuration and management GUI for Snort IDS on the Windows platform. Features: Snort 1.9 / 1.8 / 1.7 support, Snort service mode support, Snort configuration wizard (Variables, Preprocessor plugins, Output plugins, Rulesets), Ruleset editor (supports all Snort 1.9.1 rule options), AutoBlock plugin support (ISS NetworkICE BlackICE Defender plugin included, Delphi framework too), Alert notification (via e-mail, alarm sound or only visual notification), Test configuration feature (fast testing of your IDS configuration), Monitoring of up to 10 files and MySQL alert detection (allows centralized monitoring of all Snort sensors), Log rotation (compressed archiving of log files), Integrated log viewer, Program execution if an attack was detected, and more.
| | Author: | Ueli Kistler | | Homepage: | http://www.packx.net | | File Size: | 1630909 | | Last Modified: | Dec 10 23:51:06 2002 |
| MD5 Checksum: | a20894265ae9e01f88dd3920a401272b |
|
| /// File Name: |
idscenter109b23.zip |
Description:
|
IDScenter is a control and management front-end for the Windows platform. Main features: Snort 1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
| | Author: | Eclipse | | Homepage: | http://www.packx.net | | Changes: | Working setup package, Delphi libraries compiled in program, Plugin framework update, and small fixes. | | File Size: | 2131231 | | Last Modified: | Dec 17 22:13:37 2002 |
| MD5 Checksum: | ea3f7592d14c57dc4654d876b7b166ca |
|