Snort

The Auditor security collection is a Live-System based on KNOPPIX. With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working...

OSSIM aims to unify network monitoring, security, correlation, and qualification in one single tool. The project combines Snort, BASE, NTOP, Nagios, nmap, nessus, and rrdtool to provide the user with full control over every aspect of networking or security..

Webminstats is a basic system static logging application that graphs the results. Its first use is system analysis. Currently it uses webmin as a base web server and tools package. The basic design is for a system that can have modules add and removed as easily as webmin itself, well almost....


Platforms: *nix

Mudpit is an intelligent, modular, and reliable spool processor for Snorts unified format. Whats New in This Release: - This release adds per-spool configuration variables for SID/Gen map, reference, and class files. - It improves the logging system, which will log at appropriate priorities....


Platforms: *nix

Cryptcat is the standard netcat enhanced with twofish encryption with ports for WIndows NT, BSD and Linux. Twofish is courtesy of counterpane, and cryptix. TCP/IP swiss army knife extended with twofish encryption - Cryptcat is a simple Unix utility which reads and writes data across network...


Platforms: *nix

Firestorm is an extremely high performance network intrusion detection system (NIDS). At the moment it just a sensor but plans are to include real support for analysis, reporting, remote console and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible. Firestorm...


Platforms: *nix

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system. BASE is a web interface to perform analysis of...


Platforms: *nix

STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. Its a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to...


Platforms: *nix

Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML and XML, or to monitor firewalling logs in real-time. This project is part of the WallFire project, but can be used independently. Usage examples: wflogs -i netfilter -o html...


Platforms: *nix

pdumpq provides a pcap Dump for Linux/Netfilter QUEUE. pdumpq can be used to take queued packets from netfilter/iptables and dump them to a file that decoders like tcpdump, ethereal, and snort can read. You can also just pipe it through to the packet decoder and see what is in those packets...


Platforms: *nix

Linux on the WRT54G is a mini-distribution for the router and access point Linksys wrt54g 802.11b/g It includes basic tools such as sh, syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, find, nfs modules, etc. The installation script runs in about 20...


Platforms: *nix

The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux Netfilter firewalling code to detect port scans and other suspect traffic. Port Scan Attack Detector project features a set of highly configurable danger thresholds (with...


Platforms: *nix

LooperNG is an intelligent event routing daemon. Primarily used for Network Management, this application can be used to accomplish a variety of tasks related to logging and alerting. It is a modularised, rules-based event routing system that is flexible and easy to use. It is primarily deployed...


Platforms: *nix

logsends main goal is to provide an easy way of receiving e-mail notifications about the changes to the systems (log) files, which makes it suitable for watching mainly the server activity. Logsend acts like a daemon; it watches the specified files and mails the changes (additions) to your...


Platforms: *nix

Logrep is a secure multi-platform framework for the collection, extraction, and presentation of information from various log files. It features HTML reports, multi dimensional analysis, overview pages, SSH communication, and graphs, and supports over 30 popular systems including Snort, Squid,...


Platforms: *nix

The Bait and Switch Honeypot is a multifaceted attempt to take honeypots out of the shadows of the network security model and to make them an active participant in system defense. To do this, we are creating a system that reacts to hostile intrusion attempts by redirecting all hostile traffic...


Platforms: *nix

glFlow is a (D)DoS logger written with speed in mind. glFlow detects attacks on high speed links through real-time flow aggregation and analysis. What do I run it on ? It was written on FreeBSD and tested on both FreeBSD and Linux. It should work on any OS to which libpcap and OpenSSL were...


Platforms: *nix

ANET Log Collector ile 5651 Nolu yasa kapsamánda sistemde alánmasá gereken tALm loglarán merkezi bir noktaya toplanmasáná ve kanunda belirtilen Bilgilerin Do°rulu°unu, BALtALnlAL°ALnAL ve oluAlacak olan verinin dosya bALtALnlALk de°eri olan HASH bilgisinin zaman damgasá ile...


Platforms: Windows

WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and...


Platforms: Windows

BASE+ (Basic Analysis and Security Engine) is based on ACID project. This application provides a web front-end to query and analyze the alerts coming from various IDS systems (e.g. Snort).


Platforms: Windows, Mac, Linux