Category: System Security Management » Monitoring

Log 2 Google Earth
Added 2006-07-26
by Bytesman
Visualize any logfile (firewall / apache you name it) in near realtime on Google Earth. See where your traffic is coming from and going to.

Astral III
Added 2006-06-11
by Black List Software
This version of Astral is easy to use and equipped to contribute to the process of tap and trace. Capable of correlating the dump by frame id, sequence number, protocol, ethertype, IP address, or simply view the entire capture. Record each step of the trace, in order to preserve the most accurate timeline possible. Set a unique username and password, in order to deny unauthorised access to the trace logs. Take a snapshot of all local traffic using a dialup, ethernet, or wireless network adapter. Developed for the Microsoft Windows NT platform. WinPcap 3.1 or better is required.

Aeer Ports Statistics Viewer (Open Source)
Added 2006-05-25
by Nima Bagheri
Aeer Ports Statistics Viewer
“Aeer” is the name of a tree in Persian Country ( Egypt )

Introduction
===========
Ports statistics is a utility that shows protocol statistics and current TCP/IP - UDP/IP network connections. This tool shows all open ports found on the current machine. Each open port represents a service/application; if one of these services can be 'exploited', the hacker could gain access to that machine. Therefore, it's important to close any port that is not needed.

Ports statistics shows these property fields:
- Pid (Global process identifier that you can use to identify a process. The value is valid from the time a process is created until it is terminated.)
- Port Number (Local port number connections.)
- Port Type (TCP/UDP)
- Processes (Contains process names.)
- Host Address (Host IP address.)
- Remote Port (Remote port number.)
- Status Port
- Processes File (Shows the path to the executable file of the process. Example: C:\WINDOWS\EXPLORER.EXE.)
- File Length (This is the length of the process file names. This method blocks the Windows file spoofing (WFS) trick. For more see http://www.rootkit.com/newsread_print.php?newsid=486.)
- Processes Start Time (Obtains timing information about a specified process.)
- Processes Running Level (Returns the user name and the domain name of the owner of this process.)
- SID (Returns the security identifier descriptor for this process.)
- Processes Command Line (Command line used to start a specific process, if applicable. This property is new for Windows XP. For example, if an attacker executed a telnet process like this: Telnet 127.0.0.1 12345.)

Aeer’s Download Link: https://www.rootkit.com/vault/neocrackr/Aeer.rar
E-mail: Thecrackers_group <>at<> yahoo <>dot<> ca
THE CRACKERS GROUP INC 2006 (C) , Nima Bagheri

SwitchSniffer
Added 2006-05-20
by Gordon Ahn
>>> Overview
SwitchSniffer is a program that can scan your switched LAN for up hosts and can reroute and collect all packets without the target users' recognition. It can also detect the ‘arpspoofer’ program running on the network and block user definable sessions like firewall. If you use this program in tandem with any sniffer program, you can capture and see the users’ IDs and passwords on a switched network. That is, SwitchSniffer enables you to monitor all the packets and all the hosts on a switch network.

>>> SwitchSniffer has the following features:
- SwitchSniffer can poll and collect all the packets on the switched LAN.
- SwitchSniffer can scan and display the active hosts on the LAN quickly, and automatically.
- While spoofing ARP tables, SwitchSniffer can act as another gateway (or ip-forwarder) without other users' recognition on the LAN.
- It can collect and forward packets by selecting inbound, outbound, and both to be sent to the Internet.
- An ARP table is recovered automatically in about 30 seconds. But, SwitchSniffer can keep spoofing continuously by updating the target computer’s ARP table more frequently.
- If one or more network interface cards are installed on a computer, you can choose which NIC you would like SwitchSniffer to scan and spoof through.
- SwitchSniffer can display information about the amount of data transferred to and from the internet.
- SwitchSniffer can detect if any computer on the LAN is running an ‘arpspoofer’ program.
- SwitchSniffer can filter: sessions, local hosts, and remote hosts.
- The installation of the ‘winpcap’ driver is not necessary for SwitchSniffer.
- SwitchSniffer can manage the local hosts based on MAC Address.
- SwitchSniffer can act as a plug-and-played router.
- SwitchSniffer can export the data of view into an excel file.

>>> SwitchSniffer has the following benefits:
- SwitchSniffer can find the hidden hosts on the LAN, which is not found by IP-Scanners.
- SwitchSniffer can find if abnormal hosts are connected to your wireless network.
- SwitchSniffer protects your network from abnormal users.
- SwitchSniffer can check if there are abnormal packets on the LAN.
- SwitchSniffer allows you to capture user IDs, passwords, chat sessions and web sessions etc., on the switched network through the use of a sniffer application.
- SwitchSniffer can block the local hosts based on MAC Address.
- SwitchSniffer can resolve the problem of IP Collision.
- SwitchSniffer can find out the country name by ip address on remote.
- SwitchSniffer enables you to monitor all the packets on a switch network.

arpcheck-1.8
Added 2006-05-19
by Stefan Behte
arpcheck checks /proc/net/arp for MAC/IP combinations and compares them to a static or dynamic MAC list. If something does not fit, you'll get an alarm which will also be logged. You can also run custom scripts/commands like adding iptables rules and so on. This is very useful, if you're using the tool on a router with multiple interfaces (e.g. WAN, LAN, DMZ) and want to check if anyone from your clients is evil and does some arpspoofing (mitm) or changes his IP.

OSSEC
Added 2006-05-12
by Daniel B. Cid
OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.

FileMonService
Added 2006-05-10
by Young-il Kim(CISA,CISSP)
Windows File Monitor Service : created, changed, deleted, renamed and created-auto-removed on DotNet(.NET)

darc - Distributed Aide Runtime Controller
Added 2006-04-24
by Jacob Martinson
darc is a multi-threaded Python application designed for managing AIDE installations in large heterogeneous networks. It provides centralized database management, unified reporting, and eliminates the need to maintain Aide databases and binaries on read-only media.

FireMon
Added 2006-03-27
by Secure Passage
FireMon is an Enterprise Security Management application that provides visibility to and control of network changes, configurations, and performance. Designed as a security tool, FireMon monitors configurations, evaluates configuration effectiveness, and alerts administrators to changes in configurations. FireMon controls devices by implementing intelligent device information processing and combining it with input from technical experts and customer requirements. FireMon meets key needs of security professionals, particularly security managers, auditors, security administrators, and network professionals with security concerns.

Virtual Screen Spy
Added 2006-03-23
by Virtual Software LTD
Virtual Screen Spy is a computer surveillance utility that performs continuous screen capture. Similar to a surveillance camera, Virtual Screen Spy captures images of your computer screen. Virtual Screen Spy takes a screenshot of the monitored Windows user as selected in the screen capture control panel. The snapshots will be taken continuously every several seconds (adjustable), while being undetected by the monitored users. Virtual Screen Spy supports both English and French.

Copyright 2010, SecurityFocus