FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop information about specified directories and files in a manner conducive to intrusion analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.
mysqlIPM is a Web-based IP address, router, firewall, and quality of service manager. It includes provisions for MAC hardware addresses, and tftp files for router backup.
radmind is a suite of Unix command-line tools and a server designed to remotely administer the file systems of multiple Unix machines. At its core, radmind operates as a tripwire. It is able to detect changes to any managed filesystem object, e.g. files, directories, links, etc. However, radmind goes further than just integrity checking: once a change is detected, radmind can optionally reverse the change. Each managed machine may have its own loadset composed of multiple, layered overloads. This allows, for example, the operating system to be described separately from applications. Loadsets are stored on a remote server. By updating a loadset on the server, changes can be pushed to managed machines.
Fast Logging Project for Snort
FLoP is designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database (PostgreSQL and MySQL are supported). On the sensor, the output is written via a Unix domain socket to a process called sockserv. This process is threaded; one thread receives and buffers the alert packets, and the other thread forwards them to a central server. With this approach, the output is decoupled from Snort, which can proceed in sniffing instead of waiting for the output plugins. At the central server, a process called servsock gathers all alerts from the remote sensors and feeds them via a Unix domain socket to the database. All alerts are buffered to avoid blocking due to a hanging database access (or a slow network on the sensor side). A short description of alerts with high priority together with the database ID can be sent via email to a list of recipients.
C-Kermit is a combined serial and network communication software package offering a consistent, medium-independent, cross-platform approach to connection establishment, terminal sessions, file transfer, character-set translation, numeric and alphanumeric paging, and automation of communication tasks. Recent versions include FTP and HTTP clients as well as an SSH interface, all of which can be scripted and are aware of character sets. It supports built-in security methods, including Kerberos IV, Kerberos V, SSL/TLS, and SRP, FTP protocol features such as MLSD, and source-code parity with Kermit 95 2.1 for Windows and OS/2.
Network Packet Capture Facility for Java
Network Packet Capture Facility for Java is a set of Java classes that provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. It utilizes libpcap, a widely used system library for packet capture.
mysqlRadiusd is a RADIUS daemon based on the 1.6.6 Cistron distribution and the mySQL patches that has been modified for use with the mysqlISP GPL ISP management software system. It is very stable and can handle large ISPs easily while pumping mass accounting records into the mysqlRadacct subsystem at a tremendous rate from even multi-server clusters.
MailScanner is an Email virus scanner and spam tagger. It supports sendmail and Exim MTAs, and the Sophos, McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan 4.x, Kaspersky, RAV, and Panda anti-virus scanners. It supports SpamAssassin for highly successful spam identification. It is specifically designed to handle Denial Of Service attacks. It is very easy to install, and requires no changes at all to your sendmail.cf file. It is designed to be lightweight, and won't grind your mail system to a halt with its load. It can be integrated into any email system, regardless of the software in use.
GKrellM is a GTK-based stacked monitor program that charts SMP CPUs, disks, load, active net interfaces, and internet connections. There are also builtin monitors for memory and swap, file systems with mount/umount feature, mailbox checking including POP3 and IMAP, clock/calendar, laptop battery, sensors (temperatures, voltages, and fans), and uptime. It has LEDs for the net monitors and an on/off button and online timer for PPP. There is a GUI popup for configuration, plugin extensions can be installed, and many themes are available. It also features a client/server monitoring capability.
Animail is a multiserver POP3/APOP/IMAP4Rev1 (with or without SSL) mail retrieval utility. It features an advanced filtering system based on blacklisting, whitelisting, or a combination of both. It is possible to send an autoresponse which prompts people to reply and add themselves to the 'autoaccept' file. It also allows filters based on a regular expression which matches against the email headers. (If a message is filtered, only the header is downloaded, not the entire body.) Animail also features download ordering options. For example, you can configure it to download the smaller messages first. Different delivery options are available, including mailbox, maildir, local SMTP, and pipe to command.