Section: .. / UNIX / IDS /
| /// File Name: |
sysmon.pl |
Description:
|
This script, run on a regular (daily) basis, keeps tabs on root accounts and set[ug]id root files.
| | File Size: | 7148 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | e63a290974e3c6dc991a866f53e5ad5a |
|
| /// File Name: |
sysmon.tar |
Description:
|
This script, run on a regular (daily) basis, keeps tabs on root accounts and set[ug]id root files.
| | File Size: | 10240 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | 3e11720e7ea1d158a068a1dba02739ba |
|
| /// File Name: |
tailbeep-0.2.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)
| | Author: | Tommy. | | File Size: | 8670 | | Last Modified: | Oct 19 14:51:19 1999 |
| MD5 Checksum: | b3cbddae198819c742871b1a6324fc1f |
|
| /// File Name: |
tailbeep-0.3.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | Speech (through speechd) and a debug option. | | File Size: | 9042 | | Last Modified: | Oct 22 17:43:36 1999 |
| MD5 Checksum: | a735879e8c6948b88c63f21c4c57532b |
|
| /// File Name: |
tailbeep-0.41.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | The ability to specify a message to speak instead of the line in the watched file (using -p), the old -p has been moved to -P to speak the line in the file, and the -V (version) and -S (sleep time) options have been added. | | File Size: | 10122 | | Last Modified: | Oct 26 15:01:31 1999 |
| MD5 Checksum: | 09af9ef12d56fe02fa381a2c671aa959 |
|
| /// File Name: |
tailbeep-0.43.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall).
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | Added -F (frequency) and -M (milliseconds) option, added -x "command" option, cleaned up the help screen, and you can use -p and -P at the same time now if you want both the entire line and a predefined message. | | File Size: | 10930 | | Last Modified: | Oct 27 17:13:20 1999 |
| MD5 Checksum: | 15a439c9a8a5db135a96122b367ceb9b |
|
| /// File Name: |
tailbeep-0.44.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall).
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | Added make rh60 so people with red hat 6.x can make binaries for glibc20 systems. | | File Size: | 11098 | | Last Modified: | Nov 15 16:27:00 2000 |
| MD5 Checksum: | 015101471825fd96f8214aea4fc96c42 |
|
| /// File Name: |
tcp_wrappers_7.6.BLURB |
Description:
|
Blurb for tcp_wrappers_7.6.tar.gz
| | File Size: | 1736 | | Last Modified: | Oct 5 18:31:44 1999 |
| MD5 Checksum: | 627fc45308e852c446c3606647fa8c34 |
|
| /// File Name: |
tcp_wrappers_7.6.tar.gz |
Description:
|
Wietse Venema's tcp wrapper. The package provides tiny daemon wrapper programs that can be installed without any changes to existing software or to existing configuration files. The wrappers report the name of the client host and of the requested service; the wrappers do not exchange information with the client or server applications, and impose no overhead on the actual conversation between the client and server applications.
| | File Size: | 99438 | | Last Modified: | Oct 5 18:31:39 1999 |
| MD5 Checksum: | e6fa25f71226d090f34de3f6b122fb5a |
|
| /// File Name: |
tcpreplay-1.0.1.tar.gz |
Description:
|
Tcpreplay v1.0.1 - Tcpreplay is aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic, which doesn't exercise the application/protocol inspection that a NIDS performs and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.
| | File Size: | 252686 | | Last Modified: | Sep 23 01:36:39 1999 |
| MD5 Checksum: | 4b9335761e9202abfc175c06b169e991 |
|
| /// File Name: |
tcpstatflow_v1.1.tgz |
Description:
|
TCPStatFlow is a tool for network administrators which detects covert network tunnels running on ports which are accepted by most outbound firewalls by sniffing the network and measuring the symmetry of the data sent. HTTP / HTTPS / FTP / SMTP / POP3 protocols send much more data in one direction than the other, and if an ssh server is set up on these ports, this tool will detect it by noticing that the amounts of data sent don't look like the protocol which is supposed to run on that port.
| | Author: | Fryaxr | | Homepage: | http://www.geocities.com/fryxar | | File Size: | 9338 | | Last Modified: | Nov 21 13:32:20 2003 |
| MD5 Checksum: | 40e65e3771f0d7e8d24e43286b1ecc0c |
|
| /// File Name: |
thor1.0.tar.gz |
Description:
|
thor.pl 1.0 - thor.pl keeps tabs on suid and sgid files on your file system. It also keeps track of the checksums of your binaries and the root accounts on the system as well as a few other things. It's a handy script that helps you find possible security risks or break-ins.
| | Author: | Jerry Kilpatrick. | | File Size: | 5264 | | Last Modified: | Aug 16 20:02:46 1999 |
| MD5 Checksum: | d25bf542ae37a2fadc15d28b5f92faab |
|
| /// File Name: |
tmp-audit-0.3.tar.gz |
Description:
|
tmp-audit is a simple tool designed to monitor a directory and log changes (e.g. /tmp). New file size, variable refresh, and header beep options in this release.
| | Author: | Proof Of Concept. | | File Size: | 3401 | | Last Modified: | Aug 16 20:02:42 1999 |
| MD5 Checksum: | b902f220dd12ba87319a661c9f9f361c |
|
| /// File Name: |
tmp-audit-0.4.tar.gz |
Description:
|
tmp-audit is a simple tool designed to monitor a directory and log changes (e.g. /tmp).
| | Author: | Proof Of Concept. | | Changes: | added -w option (dump file content), fixed some stuff in tmp-audit.h. | | File Size: | 3824 | | Last Modified: | Apr 25 11:21:33 1999 |
| MD5 Checksum: | 87e25b432b71a5685ae7cf21e217233e |
|
| /// File Name: |
tmp-audit.tar.gz |
Description:
|
tmp-audit is a tool designed to log directory changes (e.g. /tmp). This release includes a signal-oriented interface instead of sleep().
| | Author: | Proof Of Concept. | | File Size: | 1823 | | Last Modified: | Aug 16 20:02:38 1999 |
| MD5 Checksum: | 4c8e94167bb2a9c5d2716be718c3dee8 |
|
| /// File Name: |
tocsin116.tar.gz |
Description:
|
tocsin is a basic IDS that uses packet filtering to warn of possible attacks against specified services. It watches the local network for SYN connections to certain services and sends notification. Solaris 2.x, possibly others.
| | Homepage: | http://www.eng.auburn.edu/users/doug/second.html | | File Size: | 9245 | | Last Modified: | Dec 12 17:32:34 1999 |
| MD5 Checksum: | 65a7bb6db5dc3be7060bd1e5d7bbb134 |
|
| /// File Name: |
top-3.5beta6.tar.gz |
Description:
|
A Top-CPU Usage Display.
| | Author: | William LeFebvre. | | File Size: | 209405 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | 4627b01bde558f4fcb3d8dbd0ad10a07 |
|
| /// File Name: |
top-3.5beta9.tar.gz |
Description:
|
Top - A Top-CPU Usage Display provides a rolling display of top-CPU using processes on a Unix system. It also displays other information about the overall health of the system, including load averages and memory utilization. Numerous portability patches and optimizations in this release.
| | Author: | William LeFebvre. | | File Size: | 234762 | | Last Modified: | Aug 16 20:02:44 1999 |
| MD5 Checksum: | 70d5f5461bb45a53c207557c354e8108 |
|
| /// File Name: |
traffic-vis-0.30.tar.gz |
Description:
|
traffic-vis v0.30 - traffic-vis is a network monitoring/auditing tool that can plot communications between hosts on a TCP/IP network, and quickly answer questions such as "Who is saturating your Internet link?" This version is a major rewrite, splitting the program up into several smaller tools. 40k.
| | Author: | Damien Miller. | | File Size: | 41222 | | Last Modified: | Aug 16 20:02:38 1999 |
| MD5 Checksum: | ded93d0ff3b59bf70abac936e748e45e |
|
| /// File Name: |
traffic-vis-0.31.tar.gz |
Description:
|
traffic-vis-0.31.tar.gz
| | File Size: | 44256 | | Last Modified: | Aug 16 20:02:38 1999 |
| MD5 Checksum: | b2f08d0c0bc2a3009e598e5fa190cbd0 |
|
| /// File Name: |
traffic-vis-0.32.tar.gz |
Description:
|
See description above.
| | File Size: | 44663 | | Last Modified: | Aug 16 20:02:38 1999 |
| MD5 Checksum: | aef963ed47a5fb803dcf64a5ddcca87d |
|
| /// File Name: |
traffic-vis-0.34.tar.gz |
Description:
|
See description above.
| | File Size: | 45918 | | Last Modified: | Aug 16 20:02:42 1999 |
| MD5 Checksum: | cc37484bbb537dd80d52d05961bd5624 |
|
| /// File Name: |
trafshow-1.3.tar.gz |
Description:
|
Ncurses based IP traffic monitoring software.
| | File Size: | 18211 | | Last Modified: | Aug 16 20:02:25 1999 |
| MD5 Checksum: | 2c05bd0721c4a8caf4180a8c03fa4d75 |
|
| /// File Name: |
trappa.tar.gz |
Description:
|
Trappa detects a CGI scan and sends an alert message to syslog with the attacker's IP and web browser. Works by installing decoy CGI scripts in the cgi-bin directory.
| | Author: | Narrow | | Homepage: | http://www.b0f.com | | File Size: | 1620 | | Last Modified: | May 7 18:26:54 2000 |
| MD5 Checksum: | 363448532830a960dc354287a21ad11f |
|
| /// File Name: |
treeps-1.1.0.tar.gz |
Description:
|
treeps 1.1.0 - Treeps is an X/Motif program for Unix/Linux that is designed to make monitoring and interacting with the running programs on your system easy and intuitive. A "real time" tree view shows the relationships between the processes and is color coded to provide easy interpretation of various values. The process tree displays any combination of users/groups and can be used to drill down into process details and then extract key fields for continuous monitoring.
| | Author: | George MacDonald. | | Changes: | Process Activity "LEDs" to show state/load/priority, leader bars to show /group/session leaders, process tips for mouseover glances at key process info, many icon bar changes, color icons, larger and more icons, much more linux info, better user/group selection from group/user tree dialog, std. usage of colors, better auto sizing of window, many layout changes (esp star layout), RPM packages, KDE install script, man/strace/renice processes, renice subtree, single click kill, and many bug fixes. | | File Size: | 276357 | | Last Modified: | Aug 16 20:02:44 1999 |
| MD5 Checksum: | 6a8c7ab7b0a851ee9d34a651d4ab2540 |
|