FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
fbe918235e97994a50f3b54855f3c876Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
88bb7f628e5bf1edc6409fbb126eaed0Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
108b3c20dcbaf3cdb17ea9203342eaaaSIGOF (Security Information Graphics Oriented Forensic) has been developed as a complement to the ACID or BASE project by implementing useful and detailed graphical presentation of security information/events. This program can exploit any security information stored in an ACID/BASE database schema. SIGOF introduces another way to manage security forensics and analysis by providing graphical representation of statistical and security trends. This approach provides the ability to manage a large amount of security events.
10dcd8e1901d4a034db1b6e840a6a852Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
f9905b9d347acdc05af664a7553f7f76Aanval is a data management, correlation and analysis console designed specifically for Snort and Syslog data. Featuring custom reports, real time displays, browser-based, multi-user, multi-sensor, advanced analysis charting and graphing, host matching, custom displays, complete remote sensor management, automatic signature updating, signature editing and more.
f153d912d45395de4195eb85ec2533ebSnortattack is a bash shell script that is designed to make the installation of snort in inline mode on Fedora or Debian as easy as possible.
6b6a49505070bcc0fa3137a86710ae0bSnort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
9dc9060d1f2e248663eceffadfc45e7eOinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
d2a1b56f51cf40e919c63206ca4ec8f8FlashFXP Account Spy 1.0 - Utility to capture login credentials of FlashFXP.
910ca515c299d05cafaa56d48bd387dcFLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
284cd0579b1afda45db4ac93f2dc41d8The Aanval Intrusion Detection Console is the industries most advanced and feature rich snort and syslog data management and correlation system. Aanval supports multiple sensors, snort devices, syslog devices, linux/unix and Mac OS X compatible, live updating monitors, data archiving, email reporting and much, much more.
15c098738e1c2b755b23f635c0ebfb29FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
d2a2fc3191e078c234d8b23f52a56227Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
b1a34da0a60a88624812efff71cddb7eSnortSMS is a highly configurable sensor management system that provides the ability to remotely administer Snort [and Barnyard] based Intrusion Detection Systems (IDS), push configuration files, add/edit rules, and monitor system health and statistics, all from a simple and clean Web interface console. Whether you have one or multiple Snort sensors, it can help unify and synchronize all sensor configurations.
40c577ee51dd2aa83c75b0a6e4960fb9AIM Sniff is a utility for monitoring and archiving AOL Instant Messenger messages across a network which has the ability to do a live dump (actively sniff the network) or read a PCAP file and parse the file for IM messages. You also have the option of dumping the information to a MySQL database or STDOUT. AIM Sniff will also monitor for an AIM login and then perform an SMB lookup on the originating computer in order to match NT Domain names with AIM login names (handles). A basic Web frontend is included.
17734c6209dbd2632daf7e295a8a830aEthereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
44e7418a9a820d6e6dce6315c70fa6e2Aanval is a web based Snort intrusion detection console. Currently supporting Snort and syslog, Aanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.
d7cd76e828a1da4bc0c84774a110bcacIncident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
a294cb57de5f5dc3e63f3e100a8808aaA simple libpcap based MSN protocol sniffer.
900be0beea498b18f03e2d67656d9d32dietsniff is a tiny tool for analyzing traffic on a network. It is not intended to replace well-known tools like tcpdump or ethereal. It is intended for the case when a small and especially static sniffer is required. Accordingly, it is also by far not that powerful, and is also bound to Linux as a platform.
e9762cebf8b18d29debb636fa861c16bMudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.
e2294b01bc9a225720124842386b61e2Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
08d277951ff6f6a93c752abebd85d5bcSnort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
5c3c8c69f2459bbe0c1f2057966c88a7BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
66acf9b2f565cbebb1d33e49d360ed3c
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed