Section: .. / UNIX / IDS /
| /// File Name: |
killerd-0_2.tar.gz |
Description:
|
A daemon which kills shells with idle time above a certain limit.
| | Author: | Martin Mares | | File Size: | 4958 | | Last Modified: | Sep 30 16:28:13 1999 |
| MD5 Checksum: | 66d631dcc7c53f6bbe6e6f449ed3e351 |
|
| /// File Name: |
kojoney-0.0.1.tar.gz |
Description:
|
Kojoney is an easy to use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | File Size: | 171425 | | Last Modified: | Aug 5 02:40:51 2005 |
| MD5 Checksum: | 54a3fa3d62a3fc3ee1cd09e096c04828 |
|
| /// File Name: |
kojoney-0.0.2.tar.gz |
Description:
|
Kojoney is an easy to use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | Changes: | Various corrections and additions. | | File Size: | 182704 | | Last Modified: | Aug 5 04:32:40 2005 |
| MD5 Checksum: | c56d92e2dee42557e1a71826edc96405 |
|
| /// File Name: |
kojoney-0.0.3.1.tar.gz |
Description:
|
Kojoney is an easy to use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | Changes: | Various corrections. | | File Size: | 1861096 | | Last Modified: | Aug 12 03:21:33 2005 |
| MD5 Checksum: | e97e693600a4a231d675ce495d59ab25 |
|
| /// File Name: |
ktcpd-strobemasker-1.4.gz |
Description:
|
Linux 2.0.x kernel patch that protects you from strobes. Detects all strobes, logs all strobe attempts, refuses connections after a strobe begins, logs ALL packets (tcp, icmp, udp). Basically, makes your Linux box appear to be a Macintosh.
| | File Size: | 3961 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | 7c328e4cd942e40046e3160a36512d0e |
|
| /// File Name: |
l0pht-nfr.tar.gz |
Description:
|
"The L0pht NFR Intrusion Detection System modules have been updated to cover some of the latest popular network attacks. Featured prominently in the update is a Back Orifice detection module which, we believe, is better than anything else on the market. Better than ISS's RealSecure BO detection as well as that of stand alone BO detectors that cost upwards of $5000. Do your network a favor and download our IDS modules (which are FREE) and NFR which is free for internal, non-commercial use."
| | Author: | L0pht Heavy Industries | | File Size: | 15145 | | Last Modified: | Aug 16 20:02:33 1999 |
| MD5 Checksum: | 9f052542d9d63ce7e1c23a07113a436a |
|
| /// Directory: |
/ L6 / |
Description:
|
L6 is a file data integrity checker using both the MD5 and SHA-1 hash algorithms. This tool can detect file tampering based on hashes generated by both algorithms and other inode information. It also provides a useful, lightweight and flexible interface (written in perl) to verify file data integrity, and the output and functionality resembles that of L5.
| | Author: | Programmaton | | Total Files: | 6 | | Last Modified: | Sep 5 21:20:45 2007 |
|
| /// File Name: |
LaBrea.tgz |
Description:
|
LaBrea v2.0 is a program that creates a tarpit or, as some have called it, a "sticky honeypot". LaBrea takes over unused IP addresses on a network and creates "virtual machines" that answer to connection attempts. LaBrea answers those connection attempts in a way that causes the machine at the other end to get "stuck", sometimes for a very long time.
| | Author: | Tom Liston | | Homepage: | http://www.hackbusters.net/LaBrea | | Changes: | New command line option -p to keep tcp connections in the "persist" state, which can hold on to threads for a long time. | | File Size: | 23860 | | Last Modified: | Sep 18 23:23:53 2001 |
| MD5 Checksum: | 7365fb2beff6fa486908a1419e0de0ae |
|
| /// File Name: |
lads-0.8.tar.bz2 |
Description:
|
Login Anomaly Detection System (LADS) detects anomalies in logins and logouts and can perform various actions in response.
| | Author: | Fred | | Homepage: | http://www.lepied.com/lads | | Changes: | Fixes a bug in IP address reporting and a bug that prevented correct logging. | | File Size: | 8151 | | Last Modified: | Dec 14 17:30:36 2003 |
| MD5 Checksum: | 0908e52ffc65a6fa16b7906b60dd2908 |
|
| /// File Name: |
libnids-1.12.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | File Size: | 292984 | | Last Modified: | Oct 25 18:23:18 1999 |
| MD5 Checksum: | 1d5eb8ef14c2729ab1871599ac05734f |
|
| /// File Name: |
libnids-1.13.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | Changes: | GNU autoconf support, code cleanup and new libnids(3) manpage, pcap_filter field in nids_params, bugfix in ip_check_ext(), Solaris support. | | File Size: | 62959 | | Last Modified: | Jan 28 17:59:37 2000 |
| MD5 Checksum: | 801b12ad1bce956af1d2e03b4d70f851 |
|
| /// File Name: |
libnids-1.14.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/libnids | | Changes: | Added support to capture packets on all interfaces, including loopback, added ability to refrain from setting promisc flag, added ability to disable tcp processing, libc5 support, alpha platform support, and bug fixes. | | File Size: | 67678 | | Last Modified: | Jul 11 20:13:18 2000 |
| MD5 Checksum: | fee6fd45b55ab67cd599b066710ce1bc |
|
| /// File Name: |
libnids-1.16.tar.gz |
Description:
|
Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. The libnids library offers IP defragmentation, TCP stream assembly and TCP port scan detection. Libnids is highly configurable, reliable, and portable.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | File Size: | 72292 | | Last Modified: | Nov 3 14:35:46 2000 |
| MD5 Checksum: | f463bb8269b9958679f0f912715f2843 |
|
| /// File Name: |
libnids-1.17rc1.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/libnids | | Changes: | Support for libnet-1.1, libpcap save files, 802.1Q VLAN, wireless frames, and more. | | File Size: | 99935 | | Last Modified: | Sep 10 01:14:07 2002 |
| MD5 Checksum: | 4b34c7cea654402476452d0715c30d36 |
|
| /// File Name: |
libnids-1.18.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Rejection of TCP packets with old timestamp, fixed memory corruption, and more. | | File Size: | 114013 | | Last Modified: | Oct 17 18:10:35 2003 |
| MD5 Checksum: | 9ee6dcdfac97bae6fe611aa27d2594a5 |
|
| /// File Name: |
libnids-1.19.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Multiple bug fixes. | | File Size: | 115758 | | Last Modified: | Aug 9 17:37:18 2004 |
| MD5 Checksum: | 863125dbcc43d1ac8c044622e5b08787 |
|
| /// File Name: |
libnids-1.20.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Added wscale option parsing; surprisingly, it seems to be in some use, added nids_dispatch(), for systems which do not ignore pcap timeout, and the ability to specify hosts/networks for which we do not check checksums. | | File Size: | 119226 | | Last Modified: | Feb 18 00:18:56 2005 |
| MD5 Checksum: | a36cbd45cbada12420ecc8f82a7e0852 |
|
| /// File Name: |
libnids-1.21.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Various code updates. | | File Size: | 140138 | | Last Modified: | May 22 00:18:39 2006 |
| MD5 Checksum: | 8c43dd7d66350eed99a29be50bc5615f |
|
| /// File Name: |
Libnids-W32-1.19.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Ported to Win32 by Goldie. | | File Size: | 166773 | | Last Modified: | Sep 20 23:20:52 2004 |
| MD5 Checksum: | 3163f4f5ac4548afc204f71ec603d61f |
|
| /// File Name: |
logcalls.c |
Description:
|
Kernel module which logs specific system calls to a logfile. Tracks mkdir, rmdir, link, and open.
| | Author: | Pheisar | | Homepage: | http://www.ccl.pt/~pheisar/ | | File Size: | 4417 | | Last Modified: | Dec 7 15:38:36 1999 |
| MD5 Checksum: | 5bc913bf407e10e3b9113467871f1565 |
|
| /// File Name: |
logcheck-1.1.1.tar.gz |
Description:
|
Logcheck helps spot problems and security violations in your logfiles automatically and will send the results to you in e-mail.
| | Author: | Craig Rowland | | Homepage: | http://www.psionic.com/ | | File Size: | 30267 | | Last Modified: | Dec 2 15:22:37 1999 |
| MD5 Checksum: | e97c2f096e219e20310c1b80e9e1bc29 |
|
| /// File Name: |
logcheck-1.1.tar.gz |
Description:
|
Logcheck will automatically monitor your system logs and mail security violations to you on a periodic basis. Freeware clone of the logcheck program shipped with the TIS Gauntlet Firewall system.
| | File Size: | 24367 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | c53a0753db4763b533511150c9584fa9 |
|
| /// File Name: |
logcheck_1.2.31.tar.gz |
Description:
|
Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
| | Author: | Todd Troxell | | Homepage: | http://logcheck.org/ | | File Size: | 86528 | | Last Modified: | Nov 10 03:30:12 2004 |
| MD5 Checksum: | f14efaf0494e4a2ce2840cfd8d7cf205 |
|
| /// File Name: |
logcheck_1.2.33.tar.gz |
Description:
|
Logcheck parses system logs and generates email reports based on anomalies. Anomalies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
| | Author: | Todd Troxell | | Homepage: | http://logcheck.org/ | | Changes: | Various updates. See changelog. | | File Size: | 88836 | | Last Modified: | Jan 10 20:33:12 2005 |
| MD5 Checksum: | d345b1f8f31a744cc9c966a6d34f4025 |
|