Sniffer Detection
The Scanhill project is a Microsoft Messenger Protocol sniffer. Currently it can only intercept instant text messaging. Optionally, intercepted text messages can be stored in an RDBMS (only MySQL is supported for now). Given that MySQL is used, stored instant messages can be read through a...
Platforms: *nix
License: Freeware | Size: 28.67 KB | Download (106): Scanhill Download |
scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with, for a Phrack Magazine article (see below). Thus, unlike some of the other port scan detection tools out there, scanlogd is designed to be totally safe to use. This...
Platforms: *nix
License: Freeware | Size: 10.24 KB | Download (106): scanlogd Download |
The Firewall Tester (FTester) is a tool designed for testing firewall filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two Perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in...
Platforms: *nix
License: Freeware | Size: 30.72 KB | Download (105): Firewall Tester Download |
jNetStream is a protocol analyzer and a sniffer. A set of applications and complete Java library are provided with a comprehensive API. Hundreds of protocols have been defined, and the list can be expanded with a simple NPL language. It is appropriate for custom protocol development, grad...
Platforms: *nix
License: Freeware | Size: 471.04 KB | Download (105): jNetStream Download |
Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. Asset management is an important factor in information security. A good security administrator should keep track of all devices attached to the network. Even though active...
Platforms: *nix
License: Freeware | Size: 235.52 KB | Download (105): Pads Download |
EasyIDS is an easy-to-install intrusion detection system configured for Snort. Based upon Patrick Harper's Snort installation guide and modeled after the trixbox installation CD, EasyIDS is designed for the network security beginner with minimal Linux experience. What's New in This...
Platforms: *nix
License: Freeware | Size: 480 MB | Download (104): EasyIDS Download |
Hogwash is an inline packet scrubber that uses Snort's detection engine to drop malicious packets before they reach the target. The original version of what is now hogwash was written in 1996 while I was at Idaho State University. I had a web server that when patched, broke the software it...
Platforms: *nix
License: Freeware | Size: 194.56 KB | Download (103): Hogwash Download |
pynids is a Python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own Python routines examine (or kill) network links. pynids is free software, licensed under the GPL. To...
Platforms: *nix
License: Freeware | Size: 133.12 KB | Download (103): pynids Download |
Vipul's Razor is a collaborative, distributed, spam detection and filtering network. Through user contribution, Razor establishes a distributed and constantly updating catalogue of spam in propagation that is consulted by email clients to filter out known spam. Detection is done with statistical...
Platforms: *nix
License: Freeware | Size: 788.48 KB | Download (102): Vipul's Razor Download |
pcapsipdump is a libpcap-based SIP sniffer with per-call sorting capabilities. It writes SIP/RTP sessions to disk in the same format as "tcpdump -w", but one file per SIP session (even if there are thousands of concurrent SIP sessions).
Platforms: *nix
License: Freeware | Size: 20.48 KB | Download (101): pcapsipdump Download |
KOJAK (Kit for Objective Judgement and Knowledge-based Detection of Performance Bottlenecks) is a set of generic and interoperable tool components designed for the performance analysis of parallel applications. Their functionality addresses the entire analysis process including instrumentation,...
Platforms: *nix
License: Freeware | Size: 2.4 MB | Download (101): KOJAK Download |
pkdump is a port scanning detection tool. The program detects any TCP or UDP port scanning or open connection attempt from a foreign host over the Internet with IP protocol version 4 or IP protocol version 6. The program can detect: TCP connect, TCP syn, TCP fin, TCP xmas, TCP ack, TCP null (no...
Platforms: *nix
License: Freeware | Size: 18.43 KB | Download (100): pkdump Download |
Libnids is an implementation of an E-component of a Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were...
Platforms: *nix
License: Freeware | Size: 143.36 KB | Download (100): Libnids Download |
ImSafe (Immune Security For your Enterprise) is a host-based intrusion detection tool. After a learning phase, it is able to detect changes in process behavior, to detect buffer overflows, etc. It is implemented through a device driver (as a kernel patch) for the Linux kernel, but can also be...
Platforms: *nix
License: Freeware | Size: 245.76 KB | Download (99): ImSafe Download |
GstPUID is a GStreamer element that allows for fingerprint-based detection of music files using MusicDNS/MusicIP and Musicbrainz. It allows for detection of the track's artist and title based on the audio data only. It works with any file format that is supported by GStreamer. GstPUID is...
Platforms: *nix
License: Freeware | Size: 317.44 KB | Download (99): GstPUID Download |
KMtraceViewer is a graphical user interface for the KMtrace leak detection program. KMtrace is part of the kdesdk package. What's New in This Release: - fixed installation path of icons (for making them part of the package).
Platforms: *nix
License: Freeware | Size: 399.36 KB | Download (97): KMtraceViewer Download |
passlogd is a purpose-built sniffer for capturing syslog messages in transit. This allows for backup logging to be performed on a machine with no open ports. Useful if your log server is compromised or you don't want to sift through a terabyte of sniffer logs. Passlogd is currently under...
Platforms: *nix
License: Freeware | Size: 8.19 KB | Download (96): passlogd Download |
SID-IDS is a host intrusion detection system. Shell/PTY Intrusion Detection: aims at detecting unwanted PTY action on UNIX systems. It consists of a kernel part and a user part. The kernel part plugs into the terminal processing subsystem and logs hashed...
Platforms: *nix
License: Freeware | Size: 59.39 KB | Download (96): SID-IDS Download |
Devialog is a behavior/anomaly-based syslog intrusion detection system which detects attacks via anomalies in syslog. Present log-based IDS: Nearly all present log-based intrusion detection systems operate using a pre-defined known signature base, usually painstakingly created by hand. They...
Platforms: *nix
License: Freeware | Size: 22.53 KB | Download (94): check-ps Download |
SIDEN is a distributed network discovery tool used for intrusion detection research. The current SIDEN architecture allows you to simulate coordinated/distributed network probes by a group of attackers. SIDEN has been tested successfully on the OpenBSD and FreeBSD operating systems. If you try...
Platforms: *nix
License: Freeware | Size: 20.48 KB | Download (94): SIDEN Download |