Section: .. / UNIX / IDS /
| /// File Name: |
slocate-1.5.tar.gz |
Description:
|
Secure Locate 1.5 - Secure locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also store file permissions and ownership so that users will not see files they do not have access to. It is a bit slower than GNU locate, but that's the price for security.
| | Author: | Kevin Lindsay | | Changes: | A couple of bug fixes but mostly new features. You can now search using basic POSIX regular expressions. It should also be noted that Redhat 6.0 has switched from GNU Locate to Secure Locate as the default filesystem indexing/searching mechanism. | | File Size: | 18683 | | Last Modified: | Aug 16 20:02:45 1999 |
| MD5 Checksum: | 15ad0eebaf97032015c8de884c1c238d |
|
| /// File Name: |
slocate-1.6.tar.gz |
Description:
|
Secure Locate 1.6 - Secure locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also store file permissions and ownership so that users will not see files they do not have access to. It is a bit slower than GNU locate, but that's the price for security.
| | Author: | Kevin Lindsay | | Changes: | Optimized some code to make updating the database much faster, patched to allow smoother installation on FreeBSD, and some other minor bug fixes. | | File Size: | 19413 | | Last Modified: | Aug 16 20:02:47 1999 |
| MD5 Checksum: | 6096f7b0e4c4761bb2257dd83405bdb9 |
|
| /// File Name: |
Snmpd-1.0.1.tar.gz |
Description:
|
SNMP-based network management program to alleviate certain problems of heterogeneous systems. Requires Scotty and Tcl/Tk.
| | File Size: | 150464 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | 51633bc34a643576509f93d1267a048d |
|
| /// File Name: |
Snmpd-1.0.2.tar.gz |
Description:
|
SNMP-based network management program to alleviate certain problems of heterogeneous systems.
| | File Size: | 150419 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | dbbb86291943e248650d9885a06ba4ca |
|
| /// File Name: |
SnmpMonitorEx-1.0.1.tar.gz |
Description:
|
Safely monitor SNMP variables on the net. If there are changes, you can get a message on your cellular, by mail or on screen. Requires Scotty and Tcl/Tk.
| | File Size: | 42929 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | ef1457bcc056e25307efe5361fd4e453 |
|
| /// File Name: |
sockstat.c |
Description:
|
SocketStat v1.0 - by Richard Steenbergen and Drago. Inspired by dreams, coded by nightmares. Nifty way to find which processes are using what sockets. Can be used to detect users who clone on IRC, connect where they shouldn't (bots on non-bot servers), are running hidden servers, etc.
| | File Size: | 8826 | | Last Modified: | Sep 30 16:30:27 1999 |
| MD5 Checksum: | f00ff838c3e2432ccc6b04826912c153 |
|
| /// File Name: |
sockstat.tar.gz |
Description:
|
Simple C program written to display open ports on a given host. Useful for when things like netstat and sockstat might be backdoored.
| | Author: | duriel | | File Size: | 1583 | | Last Modified: | Jul 9 07:42:07 2006 |
| MD5 Checksum: | 69e90ab3d31c5acc04a8263c800cee6e |
|
| /// File Name: |
spar-1.2.tar.gz |
Description:
|
'spar' is used to select records from a UNIX process accounting file. It is usually faster than most 'lastcomm's and significantly more flexible and powerful.
| | Homepage: | ftp://coast.cs.purdue.edu/pub/tools/unix/TAMU/ | | File Size: | 30489 | | Last Modified: | Jan 10 03:00:00 1994 |
| MD5 Checksum: | cb7c0b827c5642c3086d25e14fb5e1f6 |
|
| /// File Name: |
sploitmon.pl |
Description:
|
sploitmon.pl is a simple yet sophisticated Perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.
| | Author: | Bansh33 | | Homepage: | http://www.r00tabega.com | | File Size: | 1902 | | Last Modified: | Jun 29 11:29:47 2000 |
| MD5 Checksum: | aa2fb5d66590141e34932b7013cb78d9 |
|
| /// File Name: |
spong.tar.gz |
Description:
|
System monitoring package coded in Perl. Monitors clients, networks, host groups, and displays info via web interface.
| | File Size: | 54819 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | 5d0505a407855c02859e7313b755e83b |
|
| /// File Name: |
step.htm |
Description:
|
Eight Steps to A Working Intrusion Detection System - The SANS Institute. Preface and instructions for STEP package below.
| | File Size: | 60436 | | Last Modified: | Aug 16 20:02:35 1999 |
| MD5 Checksum: | c880c48f3099b3cb999cf34e2e224ffd |
|
| /// File Name: |
step.tar.gz |
Description:
|
SHADOW: comprehensive network monitoring/analysis/intrusion detection software. 4.2MB. For UNIX.
| | Author: | SANS' Cooperative Intrusion Detection Evaluation and Response (CIDER) Project | | File Size: | 4200183 | | Last Modified: | Aug 16 20:02:25 1999 |
| MD5 Checksum: | f968139cab6f6fbdb767e6a52aeabef0 |
|
| /// File Name: |
stjude-0.4.tgz |
Description:
|
StJude is an attempt to monitor the flow of privilege in my Solaris boxes. It tries to detect privilege violations or improper transitions (i.e. stack smashing, or other local root exploits) by watching audit trails.
| | Author: | Tim Lawless | | File Size: | 6277 | | Last Modified: | Mar 6 15:47:53 2000 |
| MD5 Checksum: | b416a0164c195804d20a79668d919373 |
|
| /// File Name: |
suidshow.c |
Description:
|
suidshow.c is a Linux LKM that will log any non-root user doing a setuid(0) or a setreuid(0,0) system call. CyberPsychotic
| | File Size: | 1594 | | Last Modified: | Oct 26 20:23:28 1999 |
| MD5 Checksum: | 241bfda6ea160e113020cfd540674192 |
|
| /// File Name: |
suricata-0.8.2.tar.gz |
Description:
|
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
| | Homepage: | http://www.openinfosecfoundation.org/index.php/download-suricata | | Changes: | This release adds support for detection_filter and http_client_body keywords, adds support for HTTP parser server personalities, fixes the CUDA code on x86_64, improves IPv6 support, adds support for PID files, reduces memory usage, and fixes many bugs. | | File Size: | 1371420 | | Last Modified: | Apr 30 19:29:20 2010 |
| MD5 Checksum: | 994ff6a5444b2933e892febedc31a7cc |
|
| /// File Name: |
suricata-0.9.0.tar.gz |
Description:
|
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
| | Homepage: | http://www.openinfosecfoundation.org/index.php/download-suricata | | Changes: | Support for the http_headers rule keyword was added. Privilege dropping support was added. Support for pass rules was added. Windows inline mode (IPS) support was added. Many bugs were fixed. | | File Size: | 1409166 | | Last Modified: | May 6 22:05:42 2010 |
| MD5 Checksum: | 67a6fa4f30952ecf8fc554a83d9cd13c |
|
| /// File Name: |
suricata-0.9.1.tar.gz |
Description:
|
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
| | Homepage: | http://www.openinfosecfoundation.org/index.php/download-suricata | | Changes: | Support for the ASN1 keyword was added. Support for the ERF file format was added. Rule profiling support was added. SSLv2 and SSLv3 parsers were added. Many bugs were fixed. | | File Size: | 1453057 | | Last Modified: | May 27 01:30:57 2010 |
| MD5 Checksum: | 4208520142d516e6ee13fcb38b6e5f82 |
|
| /// File Name: |
suricata-0.9.2.tar.gz |
Description:
|
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
| | Homepage: | http://www.openinfosecfoundation.org/index.php/download-suricata | | Changes: | Support was added for DAG cards, reassembled stream scanning, the http_uri keyword, dce keywords, and ratefilter. Support was improved for uricontent, asn1, and threshold. Memory leaks were fixed. Performance was improved. | | File Size: | 1545389 | | Last Modified: | Jun 25 01:23:16 2010 |
| MD5 Checksum: | e53cbf8e39c842ae7cfea9a0ca61085e |
|
| /// File Name: |
suricata-1.0.0.tar.gz |
Description:
|
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
| | Homepage: | http://www.openinfosecfoundation.org/index.php/download-suricata | | Changes: | This release adds support for tag keywords, support for DCERPC over UDP, duplicate signature detection, and improved CUDA support, URI inspection, stability, and performance. | | File Size: | 1597156 | | Last Modified: | Jul 3 14:31:20 2010 |
| MD5 Checksum: | 01b8a6e4908f4a35f7f5d09b1a84cf5e |
|
| /// File Name: |
suricata-1.0.1.tar.gz |
Description:
|
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
| | Homepage: | http://www.openinfosecfoundation.org/index.php/download-suricata | | Changes: | Detection accuracy was greatly improved. The stream engine was improved. Various other bugs were fixed. | | File Size: | 1607941 | | Last Modified: | Aug 3 02:11:28 2010 |
| MD5 Checksum: | ad42b854ef2b44499f0f1d1531b1ca36 |
|
| /// File Name: |
suricata-1.0.2.tar.gz |
Description:
|
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
| | Homepage: | http://www.openinfosecfoundation.org/index.php/download-suricata | | Changes: | An SSH module was added. Several TCP evasions were fixed. Language compatibility was improved. HTTP detection accuracy was improved. Inline mode was improved. | | File Size: | 1630936 | | Last Modified: | Sep 2 23:18:47 2010 |
| MD5 Checksum: | 57c93a22602ecc9bbe5857beeb79cb5d |
|
| /// File Name: |
swatch-2.2.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon, is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user-specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://www.stanford.edu/~atkins/swatch/ | | Changes: | Fixed a big bug involving key value assignment when throttling. | | File Size: | 44862 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 0d787edd73d358eefcf9e7a601fb7cb7 |
|
| /// File Name: |
swatch-2.2.tar.Z |
Description:
|
Monitor log files, scan for specific entries in the log file, and take the action you have determined. Use with tcp_wrappers for an excellent monitoring system.
| | File Size: | 63081 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 187aab00dfe0427d2aac13d4672b9a8c |
|
| /// File Name: |
swatch-3.0.2.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon, is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user-specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://oit.ucsb.edu/~eta/swatch | | Changes: | Defaults to /var/adm/messages now. Lots of bugs were fixed. | | File Size: | 24250 | | Last Modified: | Sep 6 01:46:02 2001 |
| MD5 Checksum: | 609a50a2c089417f76a6d13635407463 |
|