Section: .. / UNIX / IDS /
| /// File Name: |
prelude-manager-0.9.13.tar.gz |
Description:
|
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
| | Homepage: | http://prelude.sourceforge.net | | Changes: | Updated libev and GnuLib code. Prelude-Manager-SMTP plugin is now open sourced. | | File Size: | 746817 | | Last Modified: | Jun 27 11:58:35 2008 |
| MD5 Checksum: | b83b6bf8ce7ca3976446c830c0602ce2 |
|
| /// File Name: |
samhain-2.4.4.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1729502 | | Last Modified: | May 6 16:13:34 2008 |
| MD5 Checksum: | 6777eb51fb868b543ba846a6fa5f41fd |
|
| /// File Name: |
capture-server-2.1.0-300-src.zip |
Description:
|
Capture is a high interaction client honeypot / honeyclient. A client honeypot/ honeyclient is a security technology that allows one to find malicious servers on a network. Capture identifies malicious servers by interacting with potentially malicious servers using a dedicated virtual machine and observing its system state changes. If a system state change is detected, since no other activity occurs on the dedicated client machine, the server Capture interacted with is classified as malicious. This is the source code for the server.
| | Homepage: | https://projects.honeynet.org/capture-hpc | | File Size: | 207257 | | Last Modified: | Apr 29 20:29:45 2008 |
| MD5 Checksum: | 34ea2bc70bcba80e269f0064e798c9e8 |
|
| /// File Name: |
capture-client-2.1.0-300-src.zip |
Description:
|
Capture is a high interaction client honeypot / honeyclient. A client honeypot/ honeyclient is a security technology that allows one to find malicious servers on a network. Capture identifies malicious servers by interacting with potentially malicious servers using a dedicated virtual machine and observing its system state changes. If a system state change is detected, since no other activity occurs on the dedicated client machine, the server Capture interacted with is classified as malicious. This is the source code for the client.
| | Homepage: | https://projects.honeynet.org/capture-hpc | | File Size: | 451900 | | Last Modified: | Apr 29 20:29:01 2008 |
| MD5 Checksum: | 24cb2e5a49f09244576dd9d27c798d92 |
|
| /// File Name: |
prelude-manager-0.9.12.tar.gz |
Description:
|
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
| | Homepage: | http://prelude.sourceforge.net | | Changes: | New connection-timeout option, various fixes. | | File Size: | 716120 | | Last Modified: | Apr 4 19:09:14 2008 |
| MD5 Checksum: | 60be3113caa01d3389433aa5b43880b6 |
|
| /// File Name: |
honeyclient-1.0.2.tar.gz |
Description:
|
A 'honeypot' is designed to detect server-side attacks. In contrast, a 'honeyclient' is designed to detect client-side attacks. Specifically, a honeyclient is a dedicated host that drives specially instrumented applications to access remote servers to see if those servers are behaving in a malicious manner (by compromising the client). Honeyclients can proactively detect exploits against client applications without known signatures. This framework uses a client-server model with SOAP messaging as the primary communication method, and uses the free version of VMware Server as a means of virtualizing the client environment.
| | Author: | MITRE Honeyclient Project | | Homepage: | http://www.honeyclient.org/trac | | File Size: | 22264167 | | Last Modified: | Mar 12 17:52:30 2008 |
| MD5 Checksum: | 4bda6d726ea764bca41ebe69e5df0b14 |
|
| /// File Name: |
prelude-manager-0.9.11.tar.gz |
Description:
|
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
| | Homepage: | http://prelude.sourceforge.net | | Changes: | Multiple enhancements. One bug fixed. | | File Size: | 675250 | | Last Modified: | Feb 5 20:04:37 2008 |
| MD5 Checksum: | eb7863fc6ce2212b519e704604740f1a |
|
| /// File Name: |
samhain-2.4.3.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1760941 | | Last Modified: | Feb 5 20:03:18 2008 |
| MD5 Checksum: | 96b16066ea69f95687444b5dcb41f2d7 |
|
| /// File Name: |
radmind-1.11.1.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Fixed port failover on Mac OS X 10.5 clients. Exclude patterns support escape sequences now. fsdiff manpage: clarification of exclude behavior. | | File Size: | 390810 | | Last Modified: | Jan 14 17:18:51 2008 |
| MD5 Checksum: | 62419551c6b83873f10b5eb4462cd007 |
|
| /// File Name: |
radmind-1.11.0.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Support added for exclude patterns. The default server port is now the IANA-registered 6222. Various other changes. | | File Size: | 402880 | | Last Modified: | Dec 18 12:54:16 2007 |
| MD5 Checksum: | 851d4560bf5d6a5b2e8cf6b9fb21793a |
|
| /// File Name: |
samhain-2.4.1.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1757118 | | Last Modified: | Nov 27 23:14:51 2007 |
| MD5 Checksum: | 21caeeb781f17d94df2cfc23e2404435 |
|
| /// File Name: |
samhain-2.4.0.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1756687 | | Last Modified: | Nov 2 11:56:52 2007 |
| MD5 Checksum: | 930d1382a741604c0aa943280cc9484e |
|
| /// File Name: |
samhain-2.3.8.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1737900 | | Last Modified: | Oct 5 23:05:59 2007 |
| MD5 Checksum: | 022ca74d63b1c850ac016dc9af061838 |
|
| /// File Name: |
prelude-manager-0.9.10.tar.gz |
Description:
|
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
| | Homepage: | http://prelude.sourceforge.net | | Changes: | Multiple enhancements. Various bug fixes concerning plugin instance un-subscribtion. | | File Size: | 662751 | | Last Modified: | Oct 3 19:21:47 2007 |
| MD5 Checksum: | 7f164d7ec6ffbfc6ab065165ea39b6fd |
|
| /// File Name: |
samhain-2.3.7.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1736992 | | Last Modified: | Sep 18 12:04:30 2007 |
| MD5 Checksum: | 250e5b4ec9127e4847805af3300a37ec |
|
| /// File Name: |
samhain-2.3.6.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1743505 | | Last Modified: | Sep 7 20:09:15 2007 |
| MD5 Checksum: | f120378aa3083ef1e7b6c621af09bbf1 |
|
| /// Directory: |
/ sentinel / |
Description:
|
The Sentinel project is designed to be a portable, accurate implementation of all publicly known promiscuous detection techniques.
| | Total Files: | 5 | | Last Modified: | Sep 5 21:21:00 2007 |
|
| /// Directory: |
/ samhain / |
Description:
|
Unavailable.
| | Total Files: | 17 | | Last Modified: | Sep 5 21:20:57 2007 |
|
| /// Directory: |
/ nidsbench / |
Description:
|
nidsbench is a network intrusion detection system test suite. nidsbench is being published in the hopes that a more precise testing methodology might be applied to network intrusion detection, which is still a black art at best. This release of nidsbench includes: fragrouter: Implement all IP fragmentation attacks outlined in T. Ptacek and T. Newsham's "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January, 1998. tcpreplay: Replay saved tcpdump(8) dumpfiles at arbitrary speeds. nidsbench is published under a BSD-style license, and has been tested on the following platforms: OpenBSD 2.x, FreeBSD 3.x, BSD/OS 2.x, Linux (2.x kernels), Solaris 2.x (tcpreplay only).
| | Author: | Anzen Computing. | | Total Files: | 18 | | Last Modified: | Sep 5 21:20:54 2007 |
|
| /// Directory: |
/ lsof / |
Description:
|
Unavailable.
| | Total Files: | 35 | | Last Modified: | Sep 5 21:20:51 2007 |
|
| /// Directory: |
/ cpm / |
Description:
|
Tool for checking network nterfaces in promisc mode.
| | Total Files: | 8 | | Last Modified: | Sep 5 21:20:48 2007 |
|
| /// Directory: |
/ L6 / |
Description:
|
L6 is a file data integrity checker using both the MD5 and SHA-1 hash algorithms. This tool can detect file tampering based on hashes generated by both algorithms and other inode information. It also provides a useful, lightweight and flexible interface (written in perl) to verify file data integrity, and the output and functionality resembles that of L5.
| | Author: | Programmaton, Gestion et Consultation, Informatique, INC.. | | Total Files: | 6 | | Last Modified: | Sep 5 21:20:45 2007 |
|
| /// File Name: |
radmind-1.10.0.tar.gz |
Description:
|
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. Radmind operates as a tripwire which is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change.
| | Homepage: | http://rsug.itd.umich.edu/software/radmind | | Changes: | Added a couple of options and various tweaks. | | File Size: | 397065 | | Last Modified: | Sep 1 00:07:46 2007 |
| MD5 Checksum: | ade8dd2e2ef68f29f105611e793bd393 |
|
| /// File Name: |
prelude-manager-0.9.9.tar.gz |
Description:
|
Prelude Manager is the main program of the Prelude Hybrid IDS suite. It is able to register local or remote sensors, let the operator configure them remotely, receive alerts, and store alerts in a database or any format supported by reporting plugins, thus providing centralized logging and analysis.
| | Homepage: | http://prelude.sourceforge.net | | Changes: | Updated configuration template, added documentation for Prelude generic TCP options. Various other tweaks and changes. | | File Size: | 647696 | | Last Modified: | Aug 8 01:34:13 2007 |
| MD5 Checksum: | ca9258faadb7306863dffeac8f855161 |
|
| /// File Name: |
samhain-2.3.5.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Various updates. | | File Size: | 1726134 | | Last Modified: | Jun 21 15:49:55 2007 |
| MD5 Checksum: | 0351a6baee5d177432c6b7200b096105 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
