Section: .. / UNIX / loggers /
| /// File Name: |
idsa-0.88.tar.gz |
Description:
|
IDS/A is an experimental interface between applications and a daemon which functions as system logger, reference monitor, and soon intrusion detection system. IDS/A is not yet complete, but can already be used as system log replacement with extra neat features such as automatic log rotation. It also ships with two example applications which demonstrate how the system can be used to block basic banner grabbing port or CGI scanners.
| | Homepage: | http://jade.cs.uct.ac.za/idsa | | Changes: | This release adds a pam module and a guile interface. It is now possible to write scheme programs to process, correlate and block events. A number of bugs have also been squashed and some internals have been rewritten, probably introducing new bugs. | | File Size: | 126460 | | Last Modified: | Jan 3 15:39:35 2001 |
| MD5 Checksum: | 833d78b6f1f660be7549a150fd3db722 |
|
| /// File Name: |
logtool-1.0.1.tar.gz |
Description:
|
Logtool is a syslog file parser, report generator, and monitoring utility. It takes syslog (and syslog compatible) logfiles as input from stdin, and depending on command line switches and/or config file settings, will parse and filter out unwanted messages from the logfile accordingly, and generate output in ANSI color, formatted ASCII, CSV (for spreadsheets), or HTML format. It is very handy for use in automated nightly reports, and online monitoring of logfile activity. It comes with some simple example scripts and documentation.
| | Homepage: | http://users.digitex.net/~max | | Changes: | A fix for a bug in the include file functionality. | | File Size: | 27772 | | Last Modified: | Dec 31 00:49:52 2000 |
| MD5 Checksum: | 6d6f122ecb77e47326cf57cbe2349f84 |
|
| /// File Name: |
idsa-0.84.tar.gz |
Description:
|
IDS/A is an experimental interface between applications and a daemon which functions as system logger, reference monitor, and soon intrusion detection system. IDS/A is not yet complete, but can already be used as system log replacement with extra neat features such as automatic log rotation. It also ships with two example applications which demonstrate how the system can be used to block basic banner grabbing port or CGI scanners.
| | Homepage: | http://jade.cs.uct.ac.za/idsa | | File Size: | 116081 | | Last Modified: | Dec 15 19:59:25 2000 |
| MD5 Checksum: | a09528dacac11083252c2e3326ddb70b |
|
| /// File Name: |
kwatch-1.9.1.tar.gz |
Description:
|
Kwatch is a graphical KDE 2.0 user interface for watching log files.
| | Homepage: | http://www.m-j-s.net/kde | | File Size: | 367225 | | Last Modified: | Dec 11 22:04:33 2000 |
| MD5 Checksum: | 64794646f4267860bfdfd96a924d29e2 |
|
| /// File Name: |
Log02Package.zip |
Description:
|
The Twilight Minds Extensible Logging Package is intended to provide a basis for efficient logging of sequential output. It helps get the groundwork of logging done and out of the way. It also removes the processes associated with recording log entries and managing logs from the main thread of execution. TwilightMinds.Log allows for one-line logging to any end-point within a common framework, and allows for potentially complex but easily managed logging setups.
| | Homepage: | http://www.twilightminds.com/Logfull.html | | File Size: | 66547 | | Last Modified: | Dec 7 13:36:43 2000 |
| MD5 Checksum: | 994abed61634fc9555a996a91937425c |
|
| /// File Name: |
iplog-2.2.2.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger capable of logging TCP port scans, TCP null scans, FIN scans, UDP and ICMP "smurf" attacks, bogus TCP flags, TCP SYN scans, TCP "Xmas" scans, ICMP ping floods, UDP scans, and IP fragment attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris.
| | Author: | Odin | | Homepage: | http://ojnk.sourceforge.net | | Changes: | Iplog now has the ability to detect TCP SYN scans, and has been fixed to allow greater portability. | | File Size: | 133022 | | Last Modified: | Nov 24 17:42:39 2000 |
| MD5 Checksum: | 1b16a73f9495065d72d8126a195c330a |
|
| /// File Name: |
gklog-0.4.tar.gz |
Description:
|
GK log is a log analyzer and marker that searches a log file for patterns defined by the user, and coloring them of colors also defined by the user.
| | Homepage: | ftp://gklog.sourceforge.net/pub/gklog/ | | File Size: | 22518 | | Last Modified: | Nov 4 19:33:37 2000 |
| MD5 Checksum: | 705ecf3c9b1d31913343fda4adfb327a |
|
| /// File Name: |
tcpdstats-0.1.3.tar.gz |
Description:
|
tcpdstats is a perl script which quickly analyzes log files from standard tcpd wrappers. It gives a text report of accepted and refused connections for each destination host sorted by source host/protocol.
| | Homepage: | http://www.kaostech.com/products/html/tcpdstats.html | | Changes: | Small bugfixes in log parsing, includes RedHat RPM packages. | | File Size: | 15871 | | Last Modified: | Nov 4 19:30:51 2000 |
| MD5 Checksum: | db6a27d64bddef9e7e1f4f8ff785f9e0 |
|
| /// File Name: |
log_analysis-0.34.tar.gz |
Description:
|
Log_analysis is a log file analyser which extracts relevant data for any of the recognised log messages and produces a summary that is much easier to read and can be easily configured to recognize entirely new log types. log_analysis natively understands about 100 different kinds of syslog messages, as well as sulog and wtmp messages for Linux, Solaris, and OpenBSD.
| | Author: | Mordechai T. Abzug | | Homepage: | http://linux.umbc.edu/~mabzug1/log_analysis.html | | File Size: | 50333 | | Last Modified: | Nov 1 14:28:35 2000 |
| MD5 Checksum: | f46b723201667ee98e068038ac7f4716 |
|
| /// File Name: |
esm-1.1.tar.gz |
Description:
|
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerent design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog.
| | Author: | Peter Todd | | Homepage: | http://esm.sourceforge.net | | Changes: | A posible security hole has been fixed (tmp race), ESMSysLog can now do regular expression matching of syslog messages, bug fixes. | | File Size: | 92673 | | Last Modified: | Oct 28 17:12:44 2000 |
| MD5 Checksum: | 3c4134d8c3b26b03a2e5268301728995 |
|
| /// File Name: |
snoopy-1.2.tar.gz |
Description:
|
Snoopy is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.
| | Author: | Mike Baker | | Changes: | A fix for a very manacing bug. | | File Size: | 10126 | | Last Modified: | Oct 15 18:54:20 2000 |
| MD5 Checksum: | 4013da8d2d80503ce7c9c4923adacbe9 |
|
| /// File Name: |
lc-1.0.tar.gz |
Description:
|
Logcheck Consolidator is a utility to manage the log files from multiple computers to help you keep track of your network. It takes logcheck e-mail and parses it for each of your systems into one piece of mail. It has a lot of built-in logic, such as if a system does not send you mail, it will notify you.
| | Homepage: | http://sourceforge.net/projects/logcon | | File Size: | 15674 | | Last Modified: | Oct 4 21:24:38 2000 |
| MD5 Checksum: | 5e94aba851b42f27e91d363e61f79058 |
|
| /// File Name: |
snoopy.tar.gz |
Description:
|
Snoopy v1.00 is designed to log all commands executed by providing a transparent wrapper around calls to execve() via LD_PRELOAD. Logging is done via syslogd and written to authpriv, allowing secure offsite logging of activity.
| | Author: | Mike Baker | | Changes: | Cleanups to the codebase, now logs the output of username and PID of the login shell, and a fix for install.sh to be compatible with older (v1.0) bash shells. | | File Size: | 9237 | | Last Modified: | Aug 3 17:31:00 2000 |
| MD5 Checksum: | bd7d181b3237e927c6c59eb361f0a995 |
|
| /// File Name: |
atalaya-1.2.tar.gz |
Description:
|
Atalaya notifies an administrator of incoming connections using /etc/hosts.allow. Includes support for Festival for speech.
| | Author: | Riseman | | Homepage: | http://sod-interactive.turincon.com | | File Size: | 23276 | | Last Modified: | Jul 29 00:57:32 2000 |
| MD5 Checksum: | 05bd6a826ce4549a1cf29c2f7998abfb |
|
| /// File Name: |
iplog-2.2.1.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger capable of logging TCP, UDP and ICMP traffic. Features a DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, bogus TCP flags used in OS detection, Xmas scans, ICMP ping floods, UDP scans, and IP fragment attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris.
| | Author: | Odin | | Homepage: | http://ojnk.sourceforge.net | | Changes: | Fixed ident lookups and Fixed a bug that caused only one thread to change user or group when -u or -g was specified while the rest continued to run as root. | | File Size: | 128488 | | Last Modified: | Jul 7 16:28:03 2000 |
| MD5 Checksum: | 5411e3a556b0635361a2aa94a6e9faae |
|
| /// File Name: |
iplog-2.2.0.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger capable of logging TCP, UDP and ICMP traffic. Features a DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, bogus TCP flags used in OS detection, Xmas scans, ICMP ping floods, UDP scans, and IP fragment attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris.
| | Author: | Odin | | Homepage: | http://ojnk.sourceforge.net | | Changes: | Much more portable, added support for a configuration file, better memory handling, bug fixes and documentation updates. | | File Size: | 128332 | | Last Modified: | Jul 3 23:57:03 2000 |
| MD5 Checksum: | ca906ef470c4313fe622d0a545a16cfe |
|
| /// File Name: |
hhp-PMS.tar.gz |
Description:
|
pms.pl is watches for certain running processes and alerts you via /dev/speech when they start.
| | Author: | Loophole | | File Size: | 4583 | | Last Modified: | Jun 26 02:59:03 2000 |
| MD5 Checksum: | 40b4b8bc523bcebaa66711f7ff038a38 |
|
| /// File Name: |
hhp-SSH_TROSNIFF.tgz |
Description:
|
hhp-trosniff is a complete package of patches to modify ssh, ssh2, sshd, ssh2d, and opensshd to extract and log the Incoming/Target HostName/UserName/Password. Intended to log brute force attacks and deleted users who try to gain access.
| | Author: | Loophole | | File Size: | 4064 | | Last Modified: | Jun 21 19:31:24 2000 |
| MD5 Checksum: | 8bc929c223f30bbea750ab01ca5fdd70 |
|
| /// File Name: |
ippl-1.99.5.tar.gz |
Description:
|
Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas | | Homepage: | http://pltplp.net/ippl/ | | Changes: | Fixed two typos and a bug causing ident on closing connexions to loop forever - this is the beta branch. | | File Size: | 73790 | | Last Modified: | May 29 15:05:00 2000 |
| MD5 Checksum: | 68349a916ed5fa20b43d1712ca70fbbf |
|
| /// File Name: |
ippl-1.4.10.tar.gz |
Description:
|
Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas | | Homepage: | http://pltplp.net/ippl/ | | Changes: | Bug fixes - This is a stable release. | | File Size: | 52901 | | Last Modified: | May 29 15:02:57 2000 |
| MD5 Checksum: | a4bf3a222c60db1be8814ea0754aaf6a |
|
| /// File Name: |
E-LogMonitor-1.0.tar.gz |
Description:
|
E-LogMonitor is an Enlightenment epplet that monitors various log files for the occurence of specified keywords. It supports up to 20 file/keyword combinations and provides various ways of alerting the user if a keyword has been detected.
| | Author: | Bart Cichosz | | Homepage: | http://barrrt.tripod.com/linux/ | | File Size: | 8130 | | Last Modified: | Apr 25 16:04:00 2000 |
| MD5 Checksum: | dab88b35217ca262194540c1ae86dc50 |
|
| /// File Name: |
logdog-0.94.4.tar.gz |
Description:
|
LogDog is a very easy to configure and install system log monitor for watching system log files and emailing administrators when problems are found. Note that LogDog sends email to REAL email addresses, and does not require sendmail to be installed, it uses SendEmail which is also written by me and is included with the LogDog package as of v0.94.4. LogDog has a single configuration file which allows you to easily specify a list of key words to watch for, a list of words to ignore, a list of administrators to email when problems are found.
| | Homepage: | http://caspian.dotconf.net/menu/Software/LogDog/ | | File Size: | 9144 | | Last Modified: | Apr 25 16:04:00 2000 |
| MD5 Checksum: | ef78d409fb2bc7ab18f4cf69ca825d1a |
|
| /// File Name: |
bash-2.04-bofh-0.0.1.tar.gz |
Description:
|
Unavailable.
| | File Size: | 17607 | | Last Modified: | Apr 25 15:32:36 2000 |
| MD5 Checksum: | 8970b42f5920a2144552090a5826c3ef |
|
| /// File Name: |
libol-0.2.16.tar.gz |
Description:
|
libol-0.2.16 is needed for syslog-ng 1.4.3.
| | Homepage: | http://www.balabit.hu | | File Size: | 152206 | | Last Modified: | Apr 18 16:04:00 2000 |
| MD5 Checksum: | 2e8071f42ea7faeb6121d07745636fa1 |
|
| /// File Name: |
netguard-2.0.0.tar.gz |
Description:
|
Netguard 2.0.0 is a lightweight IDS and packet sniffer. It supports Ethernet, PPP, FDDI and local loopback (for debuging). It can log IP, TCP, UDP, ICMP and IGMP packets according to the rules YOU sepcify to syslog, a file or standard input. Uses libpcap.
| | Author: | Monk | | Homepage: | http://iguard.virtualave.net/netguard/ | | Changes: | Full rewrite. Most types of ip/tcp/udp/icmp/igmp header flags can be configured to set off alarms. Released under GPL. | | File Size: | 16531 | | Last Modified: | Mar 24 03:57:24 2000 |
| MD5 Checksum: | e582e3fba29b95e31e8f0dfe9eff245d |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
