Section: .. / UNIX / IDS /
| /// File Name: |
hlbr-1.0.tar.gz |
Description:
|
HLBR is an IPS (Intrusion Prevention System) that works directly at the layer 2 of the OSI model staying invisible from layer 3.
| | Author: | Joao Eriberto Mota Filho,Andre Bertelli Araujo | | Homepage: | http://hlbr.sourceforge.net | | Changes: | Version 1.0 now can detect malicious traffic using regular expressions. | | File Size: | 193460 | | Last Modified: | Mar 8 00:33:49 2006 |
| MD5 Checksum: | b0739e53c26fa5bb40e34764bd102b46 |
|
| /// File Name: |
aide-0.5.tar.gz |
Description:
|
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determening which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
| | Author: | Rami Lehti | | Homepage: | http://www.cs.tut.fi/~rammer/aide.html | | Changes: | MD5 sums are now correct. Users must update their databases; they have false sums. With hash library support, you can have many more hash algorithms, and many bugfixes have been made. Note that the author's PGP keys have changed. | | File Size: | 192346 | | Last Modified: | Jan 2 14:27:58 2000 |
| MD5 Checksum: | 4615593338a1d860459f44a55b484dba |
|
| /// File Name: |
netwatch0.7e.src.tar.gz |
Description:
|
monitor an ETHERNET and examine activity on the network.
| | File Size: | 188760 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | ee57a7ef07be8b956cb7e6bb0383492f |
|
| /// File Name: |
logsurfer-1.41.tar.gz |
Description:
|
logsurfer is a log checking/auditing tool similar to swatch and logcheck but with the capability of handling multi-line messages and dynamically adapting the ruleset. It is written in portable C, well documented, fast, and flexible. It works on any textfile or stdin, can be run at intervals or continuously, and has timeouts and resource limits.
| | Author: | Wolfgang Ley | | Homepage: | http://www.cert.dfn.de/eng/logsurf/ | | File Size: | 184823 | | Last Modified: | Dec 2 15:17:22 1999 |
| MD5 Checksum: | 0871a4f23d91d0e19956b19a4162992b |
|
| /// File Name: |
angel-0.7.tar.gz |
Description:
|
Angel is a simple yet useful tool to monitor the services on your network. Perl.
| | File Size: | 183976 | | Last Modified: | Aug 16 20:02:22 1999 |
| MD5 Checksum: | 9a89fad06109cab2a6d07a6112cf2bbb |
|
| /// File Name: |
kojoney-0.0.2.tar.gz |
Description:
|
Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | Changes: | Various corrections and additions. | | File Size: | 182704 | | Last Modified: | Aug 5 04:32:40 2005 |
| MD5 Checksum: | c56d92e2dee42557e1a71826edc96405 |
|
| /// File Name: |
aide-0.4.tar.gz |
Description:
|
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determening which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
| | Author: | Rami Lehti | | File Size: | 182481 | | Last Modified: | Aug 25 07:53:47 1999 |
| MD5 Checksum: | 0eb1a79e5e0b96f876033310ee047535 |
|
| /// File Name: |
firestorm-0.2.2.tar.gz |
Description:
|
Firestorm is a Network Intrusion Detection sensor which is multi-threaded, fast, and is pluggable at almost every point.
| | Homepage: | http://www.scaramanga.co.uk/firestorm | | Changes: | Many snort compatibility fixes were made. All the snort 1.7 rules work. Most of the snort 1.8 rules work. Lots of bugs were fixed. | | File Size: | 179057 | | Last Modified: | Sep 27 01:22:02 2001 |
| MD5 Checksum: | 3d4249dc04cb8ae49d422e4bbcadb656 |
|
| /// File Name: |
beltane-1.0.13.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Bug fixes. | | File Size: | 178761 | | Last Modified: | Jun 7 02:39:53 2007 |
| MD5 Checksum: | 44bbc7af1ffb0417b6dc2d6d5d07ee9f |
|
| /// File Name: |
beltane-1.0.11.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Multiple improvements have been made. | | File Size: | 177935 | | Last Modified: | May 5 06:42:42 2006 |
| MD5 Checksum: | 262a8576521d4a1a22b2185b39ce287e |
|
| /// File Name: |
beltane-1.0.10.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Fixed an arcane bug in configure.ac. | | File Size: | 177881 | | Last Modified: | Mar 28 01:42:20 2006 |
| MD5 Checksum: | 646445fa2f85414214a2c22c26591fab |
|
| /// File Name: |
beltane-1.0.8.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Various bug fixes. | | File Size: | 177787 | | Last Modified: | Jul 21 02:32:25 2005 |
| MD5 Checksum: | c2abeccb565bb080291029e2489094a0 |
|
| /// File Name: |
beltane-1.0.7.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Fixed processing of suidcheck/kernel updates. | | File Size: | 173301 | | Last Modified: | Nov 1 20:53:36 2004 |
| MD5 Checksum: | e173b4738b07dd9c305b9cd3fd6e6309 |
|
| /// File Name: |
firestorm-0.2.1.tar.gz |
Description:
|
Firestorm is a Network Intrusion Detection sensor which is multi-threaded, fast, and is pluggable at almost every point.
| | Homepage: | http://www.scaramanga.co.uk/firestorm | | Changes: | Sensors can now send data out to a central server over the Internet. Some bugs were fixed, and work on a firestorm daemon was started. | | File Size: | 173227 | | Last Modified: | Sep 5 02:10:26 2001 |
| MD5 Checksum: | f04e16e415bf5112909eaa51ad2ba81c |
|
| /// File Name: |
beltane-1.0.6.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Bug fix. | | File Size: | 173203 | | Last Modified: | Jul 20 20:35:00 2004 |
| MD5 Checksum: | c554bd66b8960516bec6b5e0d40c32ed |
|
| /// File Name: |
beltane-1.0.5.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Two bug fixes. | | File Size: | 173059 | | Last Modified: | Mar 24 00:35:00 2004 |
| MD5 Checksum: | d84122404fa52ba9034595d0f30da600 |
|
| /// File Name: |
beltane-1.0.4.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | Changes: | Various bug fixes. | | File Size: | 171577 | | Last Modified: | Jan 26 10:00:00 2004 |
| MD5 Checksum: | a24f53de16dea0be69e012df1b2cb1b6 |
|
| /// File Name: |
kojoney-0.0.1.tar.gz |
Description:
|
Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | File Size: | 171425 | | Last Modified: | Aug 5 02:40:51 2005 |
| MD5 Checksum: | 54a3fa3d62a3fc3ee1cd09e096c04828 |
|
| /// File Name: |
Adwids0_8B2.sh |
Description:
|
The Defense Worx Network Intrusion Detection System is a linux based IDS which performs high-speed traffic analysis of a network packet to detect unauthorized traffic in real-time. Includes a Java based console to display alerts.
| | Author: | Defense Worx | | Homepage: | http://www.defenseworx.com | | Changes: | Bug fixes in the sensor, speed improvements, and Java GUI changes. | | File Size: | 170869 | | Last Modified: | Nov 29 23:03:28 2000 |
| MD5 Checksum: | c63df8c9433b044ae383367479921d21 |
|
| /// File Name: |
firestorm-0.2.0.tar.gz |
Description:
|
Firestorm is a Network Intrusion Detection sensor which is multi-threaded, fast, and is pluggable at almost every point.
| | Homepage: | http://www.scaramanga.co.uk/firestorm | | Changes: | Re-Designed packet encode engine which supports encapsulation. A final few issues in the snort parser have been resolved. A log target (logs to tcpdump files) was added. Bugs were fixed, | | File Size: | 169767 | | Last Modified: | Jul 25 05:07:12 2001 |
| MD5 Checksum: | f48dd7f1d7ff24f5fd12b76f3c91b160 |
|
| /// File Name: |
Adwids0.8b1 |
Description:
|
The Defense Worx Network Intrusion Detection System is a linux based IDS which performs high-speed traffic analysis of a network packet to detect unauthorized traffic in real-time. Includes a Java based consile to display alerts. Changes:Now decodes DNS, has open source signatures, detects port scans and sweeps, and contains performance improvements.
| | Author: | Defense Worx | | Homepage: | http://www.defenseworx.com | | File Size: | 169589 | | Last Modified: | Oct 6 23:48:19 2000 |
| MD5 Checksum: | b5637a5fdc8808d57379b5083ffb6e85 |
|
| /// File Name: |
Libnids-W32-1.19.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Ported to Win32 by Goldie. | | File Size: | 166773 | | Last Modified: | Sep 20 23:20:52 2004 |
| MD5 Checksum: | 3163f4f5ac4548afc204f71ec603d61f |
|
| /// File Name: |
beltane-0.3.tar.gz |
Description:
|
Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.
| | Homepage: | http://la-samhna.de/beltane | | File Size: | 161912 | | Last Modified: | Oct 11 03:11:09 2002 |
| MD5 Checksum: | c41eb1621a0780a7e93d36fbd908e633 |
|
| /// File Name: |
integrit-1.06.06.tar.gz |
Description:
|
Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
| | Homepage: | http://integrit.sourceforge.net | | Changes: | The byte-order problem was solved, allowing integrit to run properly on big-endian machines. An RPM spec file was added. The report includes more information and is more readable. More error checking and code enhancements were added. Portability has been improved after abandoning readdir_r. | | File Size: | 156974 | | Last Modified: | Feb 20 18:03:22 2001 |
| MD5 Checksum: | 8d7f2abfb648a69e89778c72466c63ed |
|
| /// File Name: |
integrit-1.05.03.tar.gz |
Description:
|
Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
| | Homepage: | http://integrit.sourceforge.net | | Changes: | First stable release! Includes a new tool, i-ls, that allows users to view integrit-related information (ctime, SHA-1 checksum, etc.) for live files. Also, there are improvements to the installation procedures portability. | | File Size: | 152992 | | Last Modified: | Jan 22 21:41:35 2001 |
| MD5 Checksum: | 7ad01d9e2bac28d47e439ea23d1d7cbf |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
