Section: .. / UNIX / loggers /
| /// File Name: |
fmond.tgz |
Description:
|
Fmond is a daemon coded for FreeBSD that monitors targets which may get modified, written, deleted, or renamed.
| | Author: | Vlad Galu | | File Size: | 3395 | | Last Modified: | Aug 25 22:25:34 2003 |
| MD5 Checksum: | 5ba3e6c33d8194f52fe573c0916afc4a |
|
| /// File Name: |
gklog-0.4.tar.gz |
Description:
|
GK log is a log analyzer and marker that searches a log file for patterns defined by the user and highlights them in colors also defined by the user.
| | Homepage: | ftp://gklog.sourceforge.net/pub/gklog/ | | File Size: | 22518 | | Last Modified: | Nov 4 19:33:37 2000 |
| MD5 Checksum: | 705ecf3c9b1d31913343fda4adfb327a |
|
| /// File Name: |
hhp-PMS.tar.gz |
Description:
|
pms.pl watches for certain running processes and alerts you via /dev/speech when they start.
| | Author: | Loophole | | File Size: | 4583 | | Last Modified: | Jun 26 02:59:03 2000 |
| MD5 Checksum: | 40b4b8bc523bcebaa66711f7ff038a38 |
|
| /// File Name: |
hhp-SSH_TROSNIFF.tgz |
Description:
|
hhp-trosniff is a complete package of patches to modify ssh, ssh2, sshd, ssh2d, and opensshd to extract and log the Incoming/Target HostName/UserName/Password. Intended to log brute force attacks and deleted users who try to gain access.
| | Author: | Loophole | | File Size: | 4064 | | Last Modified: | Jun 21 19:31:24 2000 |
| MD5 Checksum: | 8bc929c223f30bbea750ab01ca5fdd70 |
|
| /// File Name: |
honeytrap-0.6.3.1.tar.gz |
Description:
|
Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.
| | Author: | Tillmann Werner | | Homepage: | http://honeytrap.sourceforge.net/ | | File Size: | 348247 | | Last Modified: | Oct 12 01:00:27 2006 |
| MD5 Checksum: | e81c42c4f69046911bd38e255ab66ee7 |
|
| /// File Name: |
honeytrap-0.6.4.tar.gz |
Description:
|
Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.
| | Author: | Tillmann Werner | | Homepage: | http://honeytrap.sourceforge.net/ | | Changes: | PoC plugin for locality sensitive hashing. Clean solution for giving packet control back to the kernel when using the ip_queue connection monitor. Fixed a segfault in the bpf filter string assembling routine. Fixed failed mirror connections sometimes not falling back to normal mode due to wrong return value handling for a non-blocking connect(). The dynamic server code was redesigned. UDP support added. | | File Size: | 371797 | | Last Modified: | Jan 26 22:17:16 2007 |
| MD5 Checksum: | b5aad87bff055fde350a1913baeabdc8 |
|
| /// File Name: |
honeytrap-0.7.0.tar.gz |
Description:
|
Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.
| | Author: | Tillmann Werner | | Homepage: | http://honeytrap.sourceforge.net/ | | Changes: | Plugins can be prioritized. x86 CPU emulation module for generic shellcode analysis. Various other additions and improvements. | | File Size: | 796053 | | Last Modified: | May 21 21:36:39 2007 |
| MD5 Checksum: | d2e765e15a4959d0155ba9b83f2fef7a |
|
| /// File Name: |
honeytrap-1.0.0.tar.gz |
Description:
|
Honeytrap is a network security tool written to observe attacks against TCP services. As a low-interactive honeypot, it collects information regarding known or unknown network-based attacks and thus can provide early-warning information. The daemon monitors the network stream for incoming connections and dynamically starts server processes if it detects a request to an unbound port. Honeytrap can also be set up as a meta honeypot that forwards several attacks to other systems or, in mirror mode, redirects a connection back to the initiator. Several plugins are available for automated attack analysis.
| | Author: | Tillmann Werner | | Homepage: | http://honeytrap.sourceforge.net/ | | Changes: | New plugins added, various improvements and bug fixes. | | File Size: | 852512 | | Last Modified: | Oct 29 11:20:36 2007 |
| MD5 Checksum: | 2d07e1efcae1b64011c60547544f1f80 |
|
| /// File Name: |
Hsyslog.c |
Description:
|
Hacked syslog front-end script.
| | File Size: | 7076 | | Last Modified: | Aug 16 20:05:12 1999 |
| MD5 Checksum: | 40418996dede319f7f77d682eea6e94f |
|
| /// File Name: |
icmp-log-0.4.2.tar.gz |
Description:
|
Icmp-Log v0.4 is a simple ICMP logger.
| | Author: | Zucco | | Homepage: | http://w3.swi.hu/zucco/ | | Changes: | GPL license, coding style changed, uses automake script from netscript 1.6.0 by v9. | | File Size: | 9421 | | Last Modified: | May 23 17:27:23 2001 |
| MD5 Checksum: | 778a3f0f0e02dd3a1e045afa73e49473 |
|
| /// File Name: |
icmp-log-0.4.tar.gz |
Description:
|
Icmp-Log v0.4 is a simple ICMP logger.
| | Author: | Zucco | | Homepage: | http://w3.swi.hu/zucco/ | | Changes: | Better syslog() and log_it() function. | | File Size: | 8037 | | Last Modified: | Apr 19 17:36:59 2001 |
| MD5 Checksum: | 30c89562b018d77a665263498cbeb6f7 |
|
| /// File Name: |
idsa-0.84.tar.gz |
Description:
|
IDS/A is an experimental interface between applications and a daemon which functions as a system logger, reference monitor, and soon an intrusion detection system. IDS/A is not yet complete, but can already be used as a system log replacement with extra neat features such as automatic log rotation. It also ships with two example applications which demonstrate how the system can be used to block basic banner grabbing port or CGI scanners.
| | Homepage: | http://jade.cs.uct.ac.za/idsa | | File Size: | 116081 | | Last Modified: | Dec 15 19:59:25 2000 |
| MD5 Checksum: | a09528dacac11083252c2e3326ddb70b |
|
| /// File Name: |
idsa-0.88.tar.gz |
Description:
|
IDS/A is an experimental interface between applications and a daemon which functions as a system logger, reference monitor, and soon an intrusion detection system. IDS/A is not yet complete, but can already be used as a system log replacement with extra neat features such as automatic log rotation. It also ships with two example applications which demonstrate how the system can be used to block basic banner grabbing port or CGI scanners.
| | Homepage: | http://jade.cs.uct.ac.za/idsa | | Changes: | This release adds a pam module and a guile interface. It is now possible to write scheme programs to process, correlate and block events. A number of bugs have also been squashed and some internals have been rewritten, probably introducing new bugs. | | File Size: | 126460 | | Last Modified: | Jan 3 15:39:35 2001 |
| MD5 Checksum: | 833d78b6f1f660be7549a150fd3db722 |
|
| /// File Name: |
idsa-0.91.8.tar.gz |
Description:
|
IDS/A is an API which programmers can use to add security awareness to their applications. This is implemented via an integrated reference monitor, logger and IDS which is accessible to applications through a simple API. Applications can use this infrastructure to delegate access control and intruder detection to idsa.
| | Homepage: | http://jade.cs.uct.ac.za/idsa | | Changes: | Bug fixes and improvements. | | File Size: | 154866 | | Last Modified: | Oct 11 00:54:14 2001 |
| MD5 Checksum: | e4bbaba62b8e71ed5f429c2601cb11ff |
|
| /// File Name: |
inflog.tgz |
Description:
|
inflog (Invalid Flag Logging) is a network tool for detecting QueSO scans. Currently it will only compile under Linux.
| | File Size: | 11439 | | Last Modified: | Aug 16 20:05:12 1999 |
| MD5 Checksum: | 1be0001e5bd3d3d74d8e2485718e349e |
|
| /// File Name: |
iotrace-1.3.tgz |
Description:
|
iotrace is a userspace read()/write() logger daemon for Linux, OSF1, OpenBSD, and FreeBSD. It works with su, ssh, ftp, telnet, rsh, scp, rlogin, rexec, passwd, adduser, mysql, gpg and uses strace.
| | Author: | Michele Dallachiesa | | Homepage: | http://www.acidlife.com/~xenion/ | | File Size: | 17718 | | Last Modified: | Jan 2 13:43:42 2005 |
| MD5 Checksum: | f50816667442879e383eeb1bcbd5e208 |
|
| /// File Name: |
ipfc-1.0.2.tar.gz |
Description:
|
IPFC is a framework to manage and monitor multiple types of security modules across a network. Security modules can be as diverse as packet filters (like netfilter, pf, ipfw, IP Filter, checkpoint FW1, etc.), NIDS (Snort, arpwatch, etc.), Web servers, and other general devices (from servers to embedded devices). Features log collection for different security "agents", dynamic log correlation possibilities, and easy extensibility due to the generic database and XML message formats used.
| | Homepage: | http://www.conostix.com/ipfc | | Changes: | IPFC can now use and generate HMAC-SHA1 authenticated XML messages. A "mon" wrapper was added. Some bugs were corrected. | | File Size: | 107746 | | Last Modified: | Jan 17 02:28:17 2002 |
| MD5 Checksum: | 9e498307631592b0a95251707bcef909 |
|
| /// File Name: |
ipfc-1.0.tar.gz |
Description:
|
IPFC is a framework to manage and monitor multiple types of security modules across a network. Security modules can be as diverse as packet filters (like netfilter, pf, ipfw, IP Filter, checkpoint FW1, etc.), NIDS (Snort, arpwatch, etc.), Web servers, and other general devices (from servers to embedded devices). Features log collection for different security "agents", dynamic log correlation possibilities, and easy extensibility due to the generic database and XML message formats used.
| | Homepage: | http://www.conostix.com/ipfc | | File Size: | 106070 | | Last Modified: | Dec 18 01:04:43 2001 |
| MD5 Checksum: | 4ec321176440b092e7cddc25cba4c860 |
|
| /// File Name: |
iplog-1.1.tar.gz |
Description:
|
iplog is a collection of tcp, udp, and icmp logging programs, and features "stealth" port scan detection.
| | Author: | behe | | File Size: | 8386 | | Last Modified: | Aug 16 20:05:13 1999 |
| MD5 Checksum: | a0a8c3d42c4af3399e205cc8ffb16fc6 |
|
| /// File Name: |
iplog-1.2.tar.gz |
Description:
|
iplog is a collection of tcp, udp, and icmp logging programs, and features "stealth" port scan detection.
| | Author: | behe | | File Size: | 8618 | | Last Modified: | Aug 16 20:05:13 1999 |
| MD5 Checksum: | 3381a1ae72e6d7bd7628c7e5f0bdfab7 |
|
| /// File Name: |
iplog-1.3.tar.gz |
Description:
|
iplog is a collection of daemons that log tcp, udp, and icmp traffic, detect 'stealth' scans used by port scanners such as nmap, protect against SYN floods, and log remote user information. This release features: option (defaults to on) to NOT fill the logs with a "smurf" icmp attack, fixed lame drop privs code, added logfile support, icmplog is MUCH more informative now, logs redirects, etc. correctly, and more.
| | Author: | behe | | File Size: | 17688 | | Last Modified: | Aug 16 20:05:13 1999 |
| MD5 Checksum: | ccd6d1b4c6f54172cbec07af7fdd5a51 |
|
| /// File Name: |
iplog-1.3DEV.tar.gz |
Description:
|
iplog is a collection of tcp, udp, and icmp logging programs, and features "stealth" port scan detection.
| | Author: | behe | | File Size: | 8678 | | Last Modified: | Aug 16 20:05:13 1999 |
| MD5 Checksum: | 00ec8b1dd10ad3e56c7090d41e9460e4 |
|
| /// File Name: |
iplog-1.4.tar.gz |
Description:
|
iplog is a collection of daemons that log tcp, udp, and icmp traffic, detect 'stealth' scans used by port scanners such as nmap, protect against SYN floods, and log remote user information. This release features: throttled portscan detector with a 10 port/sec threshold, does not log quake traffic, organized growing number of include files, now uses own htons/ntohs functions to avoid problems with redhat(?).
| | Author: | behe | | File Size: | 19453 | | Last Modified: | Aug 16 20:05:13 1999 |
| MD5 Checksum: | 8b8340870c88a804fbf0da6f07144c33 |
|
| /// File Name: |
iplog-1.5.tar.gz |
Description:
|
iplog is a collection of daemons that log tcp, udp, and icmp traffic, detect 'stealth' scans used by port scanners such as nmap, protect against SYN floods, and log remote user information. This release features lots of bugfixes.
| | Author: | behe | | File Size: | 20259 | | Last Modified: | Aug 16 20:05:13 1999 |
| MD5 Checksum: | 8c15abe8b1dd628272c08ef2d12feef6 |
|