Snort

Webminstats is a basic system static logging application that graphs the results. Its first use is system analysis. Currently it uses webmin as a base web server and tools package. The basic design is for a system that can have modules add and removed as easily as webmin itself, well almost....

Mudpit is an intelligent, modular, and reliable spool processor for Snorts unified format. Whats New in This Release: - This release adds per-spool configuration variables for SID/Gen map, reference, and class files. - It improves the logging system, which will log at appropriate priorities....

Cryptcat is the standard netcat enhanced with twofish encryption with ports for WIndows NT, BSD and Linux. Twofish is courtesy of counterpane, and cryptix. TCP/IP swiss army knife extended with twofish encryption - Cryptcat is a simple Unix utility which reads and writes data across network...


Platforms: *nix

Firestorm is an extremely high performance network intrusion detection system (NIDS). At the moment it just a sensor but plans are to include real support for analysis, reporting, remote console and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible. Firestorm...


Platforms: *nix

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system. BASE is a web interface to perform analysis of...


Platforms: *nix

STD is a Linux-based Security Tool. Actually, it is a collection of hundreds if not thousands of open source security tools. Its a Live Linux Distro, which means it runs from a bootable CD in memory without changing the native operating system of the host computer. Its sole purpose in life is to...


Platforms: *nix

Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML and XML, or to monitor firewalling logs in real-time. This project is part of the WallFire project, but can be used independently. Usage examples: wflogs -i netfilter -o html...


Platforms: *nix

pdumpq provides a pcap Dump for Linux/Netfilter QUEUE. pdumpq can be used to take queued packets from netfilter/iptables and dump them to a file that decoders like tcpdump, ethereal, and snort can read. You can also just pipe it through to the packet decoder and see what is in those packets...


Platforms: *nix

Linux on the WRT54G is a mini-distribution for the router and access point Linksys wrt54g 802.11b/g It includes basic tools such as sh, syslog, telnetd, httpd (with cgi-bin support), vi, snort, mount, insmod, rmmod, top, grep, find, nfs modules, etc. The installation script runs in about 20...


Platforms: *nix

The Port Scan Attack Detector (psad) is a collection of three system daemons that are designed to work with the Linux Netfilter firewalling code to detect port scans and other suspect traffic. Port Scan Attack Detector project features a set of highly configurable danger thresholds (with...


Platforms: *nix

LooperNG is an intelligent event routing daemon. Primarily used for Network Management, this application can be used to accomplish a variety of tasks related to logging and alerting. It is a modularised, rules-based event routing system that is flexible and easy to use. It is primarily deployed...


Platforms: *nix

logsends main goal is to provide an easy way of receiving e-mail notifications about the changes to the systems (log) files, which makes it suitable for watching mainly the server activity. Logsend acts like a daemon; it watches the specified files and mails the changes (additions) to your...


Platforms: *nix

Logrep is a secure multi-platform framework for the collection, extraction, and presentation of information from various log files. It features HTML reports, multi dimensional analysis, overview pages, SSH communication, and graphs, and supports over 30 popular systems including Snort, Squid,...


Platforms: *nix

The Bait and Switch Honeypot is a multifaceted attempt to take honeypots out of the shadows of the network security model and to make them an active participant in system defense. To do this, we are creating a system that reacts to hostile intrusion attempts by redirecting all hostile traffic...


Platforms: *nix

glFlow is a (D)DoS logger written with speed in mind. glFlow detects attacks on high speed links through real-time flow aggregation and analysis. What do I run it on ? It was written on FreeBSD and tested on both FreeBSD and Linux. It should work on any OS to which libpcap and OpenSSL were...


Platforms: *nix

WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and...


Platforms: Windows

BASE+ (Basic Analysis and Security Engine) is based on ACID project. This application provides a web front-end to query and analyze the alerts coming from various IDS systems (e.g. Snort).


Platforms: Windows, Mac, Linux

A Java-based client-server architecture for processing network intrusion detection data. The server receives XML alerts from Snort sensors buffers them for review by clients. The console provides a real-time view of IDS activity.


Platforms: Windows, Mac, Linux

This toolkit will provide seemless backend support for multiple Firewall and IDS systems deployment. The initial release will only support Snort and FreeBSD's ipfw, but future releases will expand the firewall selection. The main code is Python,


Platforms: Mac, BSD, Linux

Welcome to the Php-Logging-System website. Phpsyslog is a log analyzer written in php. It allows an administrator to monitor and search for logs saved in a centralized mysql database. There are several modules that allow you to monitor logs from many different applications, each with their own...


Platforms: PHP