ourmon 0.29

Company: jimbinkley
Date Added: October 06, 2013  |  Visits: 253



Ourmon is a statistically oriented open-source network monitoring and anomaly detection system. It may also be viewed as a flow collection system. Ourmon is based on promiscuous mode packet collection on Ethernet interfaces and typically uses port mirroring via an Ethernet switch. A probe collects packets deemed important and sends internally defined tuples back to a graphics display system which may or may not be on the same host. Ourmon employs more extreme aggregation than netflow. Ourmon does not collect all the packets because one principal design goal is to extract signal from noise, not store all the noise in a giant bag under the assumption that you can peruse it "later" (there is no later). Ourmon also has its own notion of tuples and although it does support a traditional flow tuple, it also uses tuples focused on IP host addresses, and even Layer 7 IRC channels. Ourmon is not shy about looking at Layer 7 data payloads.

Features:

- User-defined BPFs for mapping BPF expressions to RRDTOOL graphs.
- Supplied BPF expressions for some graphs.
- 256 bytes of each packet are captured, so some L7 info is available.
- L7 info currently includes some hardwired and efficient tags for things like BitTorrent, Gnutella, or UDP SPIM.
- IRC tuples are cross-correlated with TCP anomaly data, which can lead to the identification of botnets.
- IRC channels are listed and sorted by both "strangeness" and message counts.
- Conventional flow stats are included (TCP/UDP/all/ICMP/top pkts).
- Top port information is included.
- Top scanner information is included.
- Important anomaly detection features include TCP and UDP port reports and the worm count graph.
- Ethernet-based and can be trunk (VLAN aggregate) based; understands how to ignore 802.1Q tags.
- PCRE tags are used for traffic characterization with all flows.
- IP and DNS blacklists are supported. This means that traffic to/from IP addresses or DNS names known to be evil can be monitored more closely.
- An experimental threaded facility is available on BSD and Linux only. This means the front-end can be threaded for packet processing speedup. This only makes sense if you have multiple hardware "cores". We have tested it with FBSD 6.X (and Ubuntu Linux) on a dual dual-core AMD CPU with an Intel gigabit Ethernet card. There is considerable performance improvement when packet loads are mixed (small and large packets), especially on FBSD.
- Event log messages, especially for security events, are improved in the latest release.
- The new version of the UDP port report has useful attributes for detection of p2p-based hosts as well as an improved UDP work weight which tends to show scanners or p2p hosts as the top systems, else defaults to systems just doing a large amount of UDP packet transfer. Ironically this will usually show enterprise DNS servers!

Requirements: No special requirements
Platforms: *nix, Linux

License: Freeware  |  Size: 522.24 KB