< Prev 6 7 8 9 10 11 12 13 14 15 16 Next >
Category: Intrusion Detection
IDS/A is an experimental interface between applications and a daemon which functions as system logger, reference monitor, and soon and intrusion detection system. It ships with a pam module, apache module, tcp wrapper replacement, system logger replacement and execv preload library. These components can be used to gather and integrate information as well as deny suspicous actions when they are attempted.
NetSaint is a program that will monitor hosts and services on your network. It has the ability to email or page you when a problem arises and when a problem is resolved. Several CGI programs are included in order to allow you to view the current service status, problem history, notification history, and log file via the web.
IDScenter is a panel for controlling, managing and auditing SNORT IDS for WIN32. It supports all the functions of snort.panel by XATO. New Features: IP/Interface detection, Alarm sound (WAV/Beep), Implemented log viewer, EXE-File start on alert...
Paranoia Iptables Firewall
Paranoia Iptables Firewall is a firewall designed specifically for standalone computers in insecure networks such as campus LANs and co-location facilities. It is modular and easy to update at runtime without the need to flush the entire firewall-ruleset. The last last update time for modules is cached, allowing altered rulesets to be reloaded easily. Portscan detection and rate-limiting SYNs are supported. A good mechanism for IP/port-based ACLs is employed. A single file listing the allowed connections for every open port/portrange is required. MAC-addresses for LAN connections can be checked against corresponding IP-addresses. Optional basic NAT support is included.
A TCP/UDP port listener. You provide a list of ports to listen on and the program will notify you when a connection or data arrives at the port(s). Can minimize to the system tray and play an audible alert. This program is intended to act as a guard dog to notify you of attempted probes to your computer via the Internet.
SnortConf is a tool that provides a fairly intuitive menu-based text interface for setting up the GPL IDS tool Snort. It also provides error and sanity checking on user input, and an online help facility.
fwmon is a firewall monitor for Linux. It integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and operate in a non-root environment.
fport reports all open TCP/IP and UDP ports and maps them to the owning application. fport requires the usage of psapi.dll. On Windows NT, psapi.dll must be in the same dir, or path, as fport. For Windows 2000, this is not the case, since the system contains the .dll. The program contains five (5) switches that allow you to sort by application, process ID, application path, port, and display help.
AIDE (Advanced Intrusion Detection Environment)
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determening which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. It also reports certain changes via email. Arpwatch uses libpcap, a system-independent interface for user-level packet capture. Before building tcpdump, you must first retrieve and build libpcap, also from LBL, in: ftp://ftp.ee.lbl.gov/libpcap-*.tar.Z.
Browse by category