Section: .. / UNIX / IDS /
| /// File Name: |
samhain-2.5.10.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | This release fixes a race condition that would cause problems with stale file handles under certain conditions. | | File Size: | 1991041 | | Last Modified: | Oct 12 04:42:29 2009 |
| MD5 Checksum: | 987a29fc83fc76b67511487425054cf1 |
|
| /// File Name: |
samhain-2.5.2b.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | File Size: | 1849440 | | Last Modified: | Jan 29 13:55:35 2009 |
| MD5 Checksum: | d8d6abf44e3d5b38cd956079658f1088 |
|
| /// File Name: |
samhain-2.5.4.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | File Size: | 1872356 | | Last Modified: | Mar 5 17:19:36 2009 |
| MD5 Checksum: | bbbaf653bbaef5ee71fadb04c71872e0 |
|
| /// File Name: |
samhain-2.5.5.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | File Size: | 1971622 | | Last Modified: | Apr 30 18:19:13 2009 |
| MD5 Checksum: | 7376fec2397f37fc1dabcbd77aed56ab |
|
| /// File Name: |
samhain-2.5.7.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | A potential deadlock has been fixed along with a configuration reload bug in the \'userfiles\' module. C99-style comments have been removed to improve portability, and the format of the date header of emails has been corrected. | | File Size: | 1839616 | | Last Modified: | Jul 23 12:36:58 2009 |
| MD5 Checksum: | 0601ac54729e94fc5f989ab7d33bd1d4 |
|
| /// File Name: |
samhain-2.5.8.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | This release fixes two bugs in the mailer code: MX resolving would fail sometimes, and a deadlock could occur. | | File Size: | 1052672 | | Last Modified: | Aug 15 14:52:04 2009 |
| MD5 Checksum: | 4870c9a0fb5fc8faff8b0ec5fe4004de |
|
| /// File Name: |
samhain-2.6.0.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Pathname expansion is now performed at each file check, rather than only at startup. The SUID check runs in a separate thread now. Some minor bugs have been fixed. | | File Size: | 1879999 | | Last Modified: | Oct 31 19:21:15 2009 |
| MD5 Checksum: | 853067c79bedc70b870ad03e91993f72 |
|
| /// File Name: |
samhain-2.6.1b.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | On Linux, login/logout tracking now uses inotify. Log file monitoring has been enhanced to support checking for missing heartbeat messages, reporting bursts of repeated messages, and checking for correlated events. UID/GID caching has been improved to reduce the number of lookups, and a compile problem on Cygwin has been fixed. | | File Size: | 1904857 | | Last Modified: | Dec 23 09:41:34 2009 |
| MD5 Checksum: | 226f775243535456bf852b406ffc4fe1 |
|
| /// File Name: |
samhain-2.6.3.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | This release fixes a regression in the email module which caused messages of the highest priority to be queued along with lower priority messages, instead of being mailed immediately. | | File Size: | 1908972 | | Last Modified: | Mar 10 15:06:36 2010 |
| MD5 Checksum: | d0b25c09bad153304f4aadba4b449c0e |
|
| /// File Name: |
samhain-2.6.4.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | The log monitoring module has been enhanced to allow monitoring the output of shell commands. Some bugs in the log monitoring and kernel checking modules have been fixed. | | File Size: | 1914063 | | Last Modified: | Mar 22 16:04:16 2010 |
| MD5 Checksum: | e82003912ec06a435b432f0c60f9d2ea |
|
| /// File Name: |
samhain-2.7.0.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | The login monitoring module has been enhanced to check for anomalies. The kernel integrity check now supports Linux/x86_64, as well as Linux kernels that have /dev/kmem disabled. | | File Size: | 870400 | | Last Modified: | May 4 21:25:13 2010 |
| MD5 Checksum: | 862c1956de8489a14f02c6ccbcece5ba |
|
| /// File Name: |
samhain-2.7.1.tar.gz |
Description:
|
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
| | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | Logging of client reports to prelude can be done by the server now (rather than by the clients themselves). The configuration file parser now accepts C-style quoting for filenames, and the maximum line length has been increased to 16382 characters. Some compile problems have been fixed. | | File Size: | 1936148 | | Last Modified: | Jun 7 17:11:41 2010 |
| MD5 Checksum: | 3e5eca3315332b494b2b68645bb342d4 |
|
| /// File Name: |
scanlogd.c |
Description:
|
Example port scan detection tool. Pseudo code.
| | File Size: | 10069 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | f06b8f9647890ac88eba709179ae4bd9 |
|
| /// File Name: |
scanpromisc.c |
Description:
|
REMOTE promiscuous ethernet detector. For Red Hat 5.x.
| | Author: | Savage of El Apostols | | File Size: | 5009 | | Last Modified: | Aug 16 20:02:39 1999 |
| MD5 Checksum: | 3e1436917e8949442a939c11a1534f96 |
|
| /// File Name: |
scotty-2.1.9.tar.gz |
Description:
|
Powerful network editor/monitor that can understand SNMP, ICMP, DNS, HTTP, SUN RPC, NTP and UDP protocols. Tcl/Tk.
| | File Size: | 1385587 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | e05307f54f3cf0a56eea39cf1fe73b0c |
|
| /// File Name: |
seclog |
Description:
|
Seclog (security logger) is a log auditing tool written in Perl. It will watch /var/log/messages for suspicious information, and notify you via email.
| | Author: | Dilusi0n | | Homepage: | http://www.gotr00t.com/~dilusi0n/ | | File Size: | 3391 | | Last Modified: | Mar 23 16:03:00 2000 |
| MD5 Checksum: | 478b20c9c35d7911278969dcfdac5aae |
|
| /// File Name: |
seclogv03.tar.gz |
Description:
|
Seclog (security logger) is a log auditing tool written in Perl. It will watch /var/log/messages for suspicious information and notify you via email.
| | Author: | Dilusi0n | | Homepage: | http://www.gotr00t.com/~dilusi0n/ | | Changes: | Major rewrite, all system calls have been removed, works much faster now, more secure, saves backups of the reports/mails it creates. | | File Size: | 1975 | | Last Modified: | Apr 3 20:02:57 2000 |
| MD5 Checksum: | 6ef5106814689b8a023946eaa3002edb |
|
| /// File Name: |
securelib.tar.gz |
Description:
|
Protect your RPC daemons against unauthorized access. Shared library for SunOS 4.1 and later.
| | File Size: | 9766 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 2d149f795d1dbcabd85e29225fcac6a3 |
|
| /// File Name: |
secureworx0_7-B1.sh |
Description:
|
Secure Worx (TM) Network Intrusion Detection System - The intrusion detection system is a network based system that performs high-speed traffic analysis of the content and context of a network packet to detect unauthorized traffic in real-time. It has inexpensive hardware and OS requirements. The intrusion detection system runs on a Intel Pentium class compatible processor with a 10/100 Ethernet card running the Linux OS with kernel 2.2 and above with a configured TCP/IP stack. The installation process involves running an installation script that asks a few simple questions. It is then a simple matter of starting the software and your network is then searched for anomalous activity.
| | Author: | Secure Worx | | Homepage: | http://secureworx.homestead.com | | File Size: | 107122 | | Last Modified: | May 2 19:35:35 2000 |
| MD5 Checksum: | a4743d99fc1ca09beb0fcf86ef7f7579 |
|
| /// File Name: |
sensorTrends-0.6.tar.gz |
Description:
|
sensorTrends is a GPL web-based application that displays a high-level view of the ports that are being scanned over the course of time. The display is similar to the look and feel of Internet Storm Center (incidents.org). Supported log formats are Cisco router Access Control Lists (ACLs) syslog output, Cisco PIX firewall syslog output, Snort's portscan.log files and NetScreen syslog output, and more. Demonstration page available here.
| | Author: | John Weidley | | Homepage: | http://www.packetshack.org/index.php?page=sensorTrends | | File Size: | 17499 | | Last Modified: | Oct 30 14:00:05 2003 |
| MD5 Checksum: | e038e47abfe3838a0ae230d2465c1cf1 |
|
| /// Directory: |
/ sentinel / |
Description:
|
The Sentinel project is designed to be a portable, accurate implementation of all publicly known promiscuous detection techniques.
| | Total Files: | 5 | | Last Modified: | Sep 5 21:21:00 2007 |
|
| /// File Name: |
sentinel-1.2.0.tar.gz |
Description:
|
Sentinel is a fast file/drive scanning utility similar to the Tripwire and Viper.pl utilities available. It uses a database similar to Tripwire, but uses a RIPEMD-160bit MAC checksumming algorithm (no patents) which is more secure than the patented MD5 128 bit checksum. It should run on most unixes (tested on redhat linux v6.0 & v5.2, slackware linux v3.x & 4.xb and IRIX (v5.2 and v6.x). Several other utilities which are used for Sentinel development are also posted here. Most utilities are included with the sentinel tarball. gSentinel is a graphical front-end to sentinel. Newbies should download gSentinel as it comes with a very simple rpm based installation and offers a friendly interface. Beware that gSentinel is currently under development and may be fairly crude compared to most GUI packages.
| | Homepage: | http://zurk.netpedia.net/zfile.html | | File Size: | 395168 | | Last Modified: | Jan 24 19:55:33 2000 |
| MD5 Checksum: | 6c7adcd611c90494db94c4e3f9b579cc |
|
| /// File Name: |
sentinel-1.2.1.tar.gz |
Description:
|
Sentinel is a fast file integrity checker similar to Tripwire or ViperDB with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database.
| | Homepage: | http://zurk.sourceforge.net/zfile.html | | Changes: | A -fullcheck option has been added which allows you to check for files added to the drive even if they are not in the database. The efficiency and speed of the algorithms for checking and database creation have also been improved, allowing it to work at or near a hard disk's max throughput limits. | | File Size: | 407678 | | Last Modified: | Mar 21 17:11:09 2001 |
| MD5 Checksum: | 1dd56b8670f857d7f1299bbe7dd3ced7 |
|
| /// File Name: |
sentinel-1.2.1c.tar.gz |
Description:
|
Sentinel is a fast file integrity checker similar to Tripwire or ViperDB with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database.
| | Homepage: | http://zurk.sourceforge.net/zfile.html | | Changes: | Sentinel-user for individual users has been added. The copyright has been changed to the FSF. This release also contains minor makefile updates. | | File Size: | 443155 | | Last Modified: | Apr 24 21:24:03 2001 |
| MD5 Checksum: | 87a55fcb020303d4d8efe60317948c3a |
|
| /// File Name: |
servme.tar |
Description:
|
Servme is a small daemon that listens on a port and logs the contents of all incoming connections to a file. New release allows emulation of ssh, Apache, VS-FTPD, telnetd, and generic open ports.
| | Author: | Chris | | Homepage: | http://www.cr-secure.net | | File Size: | 20480 | | Last Modified: | Aug 7 16:18:37 2004 |
| MD5 Checksum: | c317394522eebf8b04cb1b4ff4cfe6b5 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
