Section: .. / sniffers / snort /
| /// File Name: |
mudpit-1.5.tar.gz |
Description:
|
Mudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.
| | Author: | farm9opensource | | Changes: | Added per spool configuration variables for SID/Gen map, reference, and class files. Improved logging system, log at appropriate priorities. Improved autoconf mysql detection code and support for custom plugins supplied at configure time. | | File Size: | 396227 | | Last Modified: | Oct 26 11:49:29 2005 |
| MD5 Checksum: | e2294b01bc9a225720124842386b61e2 |
|
| /// File Name: |
mysecrep.gz |
Description:
|
mysecrep version 0.8 generates an audit report from the syslog messages of snort, pcds and samhain, covering a whole range of security tools in one report. The report is written to disk and sent via email. Written in Perl.
| | Author: | Bart Somers | | Homepage: | http://doornenburg.homelinux.net/scripts/ | | Changes: | Cleaned up snort reporting, making it more flexible to extend or modify. Modified the file mask settings. | | File Size: | 2267 | | Last Modified: | Dec 29 00:41:57 2003 |
| MD5 Checksum: | eae9d5901b568ea0587f60aed0c647c0 |
|
| /// File Name: |
nebula-0.2.2.tar.gz |
Description:
|
Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.
| | Author: | Tillmann Werner | | Homepage: | http://nebula.mwcollect.org/ | | File Size: | 228547 | | Last Modified: | May 30 14:54:27 2008 |
| MD5 Checksum: | 9d388753e6bf14c9811a92a586ce8cfa |
|
| /// File Name: |
nebula-0.2.3.tar.gz |
Description:
|
Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.
| | Author: | Tillmann Werner | | Homepage: | http://nebula.mwcollect.org/ | | Changes: | Entropy threshold bug corrected. Enabled realtime signal thread control only if available. BSD compatibility changes. | | File Size: | 164537 | | Last Modified: | Dec 10 14:56:48 2008 |
| MD5 Checksum: | 06eabd66634e7969203465fb94900f18 |
|
| /// File Name: |
netsquid.tar.gz |
Description:
|
NetSQUID is a Perl script that sits between Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
| | Author: | msconzo | | Homepage: | http://security.tamu.edu/db.html | | Changes: | Bug fixes and code cleanup. | | File Size: | 11700 | | Last Modified: | Jul 14 12:17:00 2004 |
| MD5 Checksum: | 19e7aae0da3a00b4c06694f6f8809919 |
|
| /// File Name: |
oinkmaster-0.8.tar.gz |
Description:
|
Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://nitzer.dhs.org/oinkmaster/ | | File Size: | 31725 | | Last Modified: | Sep 3 23:28:07 2003 |
| MD5 Checksum: | e888fb4d76c78c16e205984675fea78f |
|
| /// File Name: |
oinkmaster-0.9.tar.gz |
Description:
|
Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://nitzer.dhs.org/oinkmaster/ | | Changes: | Bug fixes. | | File Size: | 38511 | | Last Modified: | Dec 3 15:51:01 2003 |
| MD5 Checksum: | 8ed30c07f2ef5c977e1201a014bf9c5c |
|
| /// File Name: |
oinkmaster-1.0.tar.gz |
Description:
|
Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://nitzer.dhs.org/oinkmaster/ | | Changes: | Feature enhancements, bug fixes, and many other improvements. | | File Size: | 59252 | | Last Modified: | May 17 23:12:11 2004 |
| MD5 Checksum: | 1140fb5484944691268579ca7fc83518 |
|
| /// File Name: |
oinkmaster-1.1.tar.gz |
Description:
|
Version 1.1 of Oinkmaster. Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://oinkmaster.sourceforge.net/ | | File Size: | 69947 | | Last Modified: | Oct 24 13:49:17 2004 |
| MD5 Checksum: | 28cfaf6220f5fc3fa3f3838ea33cecf1 |
|
| /// File Name: |
oinkmaster-1.2.tar.gz |
Description:
|
Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://oinkmaster.sourceforge.net/ | | Changes: | Slightly improved documentation and examples. Many other changes. Check the changelog for more. | | File Size: | 75512 | | Last Modified: | May 21 16:20:50 2005 |
| MD5 Checksum: | 23dc212f3a5a93ab32253edb379cb724 |
|
| /// File Name: |
oinkmaster-2.0.tar.gz |
Description:
|
Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://oinkmaster.sourceforge.net/ | | Changes: | Major version bump to celebrate that Oinkmaster has now turned 5 years old! Check the changelog for more. | | File Size: | 80111 | | Last Modified: | Mar 8 23:01:13 2006 |
| MD5 Checksum: | d2a1b56f51cf40e919c63206ca4ec8f8 |
|
| /// File Name: |
openaanval-1.46-stable.tar.gz |
Description:
|
OpenAanval is an open-source, web-based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface uses live auto-updating technology to provide real-time event viewing from any Internet-connected web browser.
| | Homepage: | http://www.aanval.com | | Changes: | 1.46 includes the new OAD (Offender Analysis Database) which links OpenAanval consoles from around the world together to share offender details and statistics. | | File Size: | 1960658 | | Last Modified: | May 5 15:30:49 2004 |
| MD5 Checksum: | 8cdee7b1ed5cffb688bb977ea453c6ac |
|
| /// File Name: |
openaanval-1.47-stable.tar.gz |
Description:
|
OpenAanval is an open-source, web-based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface uses live auto-updating technology to provide real-time event viewing from any Internet-connected web browser.
| | Homepage: | http://www.aanval.com | | Changes: | This release includes a few major bug fixes and several minor new features. | | File Size: | 1964407 | | Last Modified: | May 9 15:07:04 2004 |
| MD5 Checksum: | 83bc704655e4578d092671b549fcf5ea |
|
| /// File Name: |
openaanval-1.48-stable.tar.gz |
Description:
|
OpenAanval is an open-source, web-based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface uses live auto-updating technology to provide real-time event viewing from any Internet-connected web browser.
| | Homepage: | http://www.aanval.com | | Changes: | Miscellaneous bug fixes including a client side memory leak. In addition various new features have been added and streamlined. | | File Size: | 1966981 | | Last Modified: | May 20 17:52:51 2004 |
| MD5 Checksum: | 43453b81db08a3373a0e55b859d5e139 |
|
| /// File Name: |
openaanval-1.50-stable.tar.gz |
Description:
|
OpenAanval is an open-source, web-based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface uses live auto-updating technology to provide real-time event viewing from any Internet-connected web browser.
| | Homepage: | http://www.aanval.com | | Changes: | New features of 1.50 include all new notes and incident tracking system. Additional syslog support now works with any device including cisco, sonicwall and more. New setup and installation system and much, much more. | | File Size: | 2013155 | | Last Modified: | Aug 17 01:20:58 2004 |
| MD5 Checksum: | 6f1ebf4effc89562f6124da3d3d42429 |
|
| /// File Name: |
openaanval-1.52-stable.tar.gz |
Description:
|
OpenAanval is an open-source, web-based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface uses live auto-updating technology to provide real-time event viewing from any Internet-connected web browser.
| | Homepage: | http://www.aanval.com | | Changes: | New 1.52 features include database auto-archiving, ICMP and port scanning module, RALPH (Remote Assessment Logically Programmed Humanoid), Community Module, many bug fixes and more. | | File Size: | 2156729 | | Last Modified: | Oct 13 02:53:18 2004 |
| MD5 Checksum: | 8865637e7c072e36ee76a36c289d2e42 |
|
| /// File Name: |
openaanval-1.53-stable.tar.gz |
Description:
|
OpenAanval is an open-source, web-based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.
| | Homepage: | http://www.aanval.com | | Changes: | New sensor mgmt tools for auto sig updates, RALPH additions, additional performance, and many bug fixes. | | File Size: | 2169133 | | Last Modified: | Dec 7 03:27:30 2004 |
| MD5 Checksum: | 5d2da3ac491cdd598b08feb07db7eb93 |
|
| /// File Name: |
pgsql_php3 |
Description:
|
This is a PHP script which queries the database (PostgreSQL) and generates some statistics from the data. For more info see this snortdb page.
| | Author: | Yen-Ming Chen | | Homepage: | http://xanadu.incident.org | | File Size: | 18924 | | Last Modified: | Nov 14 16:39:30 2000 |
| MD5 Checksum: | 60b87f3b1313543c52c6070d66a776fa |
|
| /// File Name: |
placid-2.0.2.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | File Size: | 23641 | | Last Modified: | Jun 18 00:31:12 2004 |
| MD5 Checksum: | 7772b3d934d1fb3570c05d335ede895d |
|
| /// File Name: |
placid-2.0.3.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | Changes: | Bug fixes. Minor additions and changes. | | File Size: | 23673 | | Last Modified: | Sep 15 01:07:28 2004 |
| MD5 Checksum: | d1d9567937ae2c8b4c21c0d14c504006 |
|
| /// File Name: |
placid-2.0.5.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | Changes: | Bug fixes. Minor additions and changes. | | File Size: | 28022 | | Last Modified: | Dec 11 15:15:55 2004 |
| MD5 Checksum: | a3653eec44cd2c539a0c979f13f2113f |
|
| /// File Name: |
placid-2.0.7.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | Changes: | Bug fixes. Minor additions and changes. | | File Size: | 29839 | | Last Modified: | Jun 1 03:51:33 2005 |
| MD5 Checksum: | 4d6a2269375a13a1ea7bcb6703e7d701 |
|
| /// File Name: |
placid-2.1.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | Changes: | Bug fixes, Fixed start/end time problems when searching, Added http refresh to UI, Added returned row count to search summary screen, and more. | | File Size: | 29412 | | Last Modified: | Jan 15 12:35:06 2006 |
| MD5 Checksum: | b1a34da0a60a88624812efff71cddb7e |
|
| /// File Name: |
razorback-0.1.0.tar.gz |
Description:
|
Razorback is a log analysis program for Gnome which interfaces with the Snort Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. Screenshot here.
| | Homepage: | http://www.intersectalliance.com/projects/index.html | | File Size: | 285818 | | Last Modified: | Feb 5 20:06:01 2001 |
| MD5 Checksum: | 2225141d4aaa79df5dc8aadcda01ee11 |
|
| /// File Name: |
razorback-0.1.1.tar.gz |
Description:
|
Razorback is a log analysis program for Gnome which interfaces with the Snort Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. Screenshot here.
| | Homepage: | http://www.intersectalliance.com/projects/index.html | | Changes: | Preference bug fixed. | | File Size: | 285781 | | Last Modified: | Apr 10 20:13:06 2001 |
| MD5 Checksum: | 269e78129b2fbb2d2e248940a92cdf49 |
|