
Category: Auditing » Log Analysis

kojoney
Added 2005-07-31
by Jose Antonio Coret
Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries. Reporting tools are distributed with the daemon.

Netfilter2html
Added 2005-05-10
by Rodrigo P. Telles
netfilter2html is a script written in GAWK that processes netfilter logs and generates a nice HTML output. GAWK is fast at processing text files; it can process 100.000 text lines in a few seconds.

fwlogsum
Added 2005-05-10
by Peter Sundstrom
fwlogsum produces a summary report of FW1 logs. It supports all versions of FW1.

Basic Analysis and Security Engine (BASE)
Added 2004-11-12
by Kevin Johnson and the BASE team
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.

Maillog View
Added 2004-11-01
by Angelo 'Archie' Amoruso
Maillog View is a Webmin module that allows you to easily view all your /var/log/maillog.* files. It features autorefresh, message size indication, ascending/descending view order, compressed file support, and a full statistics page. Sendmail, Postfix, Exim, and Qmail (partially) are supported. Courier MTA support is experimental.

BBclone
Added 2004-07-15
by wavman
BBclone is a PHP Web counter on steroids which displays individual logs as well as aggregated data. It is a clone of Big Brother webstats, except that it is written in PHP and it relies only on flat files (no database needed). BBclone enables any Web site administrator to have a very precise view of who visits the website: OS, browser, date, referring page, etc. Main features include reload resistance, hostname resolution, proxy workaround, and blacklist.

Ettercap
Added 2004-07-05
by ALoR
Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.

LogMonitor
Added 2004-05-26
by Adam Richard/SécurIT Informatique Inc.
LogMonitor is a log analysis console. It is 75% based on LogIDS, except for the GUI, which is a complete makeover. Instead of focusing on network location, LogMonitor presents the data in a set of floating windows grouped by application, which may be a more intuitive interface to some people. The analysis is performed by defining the fields of each log being monitored, and then by using these fields to define rules as to what is important data or not.

php-syslog-ng
Added 2004-05-21
by mearls
php-syslog-ng is a frontend for viewing syslog-ng messages logged to MySQL in realtime. It features customized searches based on device, priority, and date.

fwlogwatch
Added 2004-04-26
by Boris Wesslowski
fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX, Windows XP, and Snort IDS log files. It can output its summaries in text and HTML, and it has a lot of options. fwlogwatch also features an interactive incident report generator and realtime anomaly response capability with a Web interface and internationalization.

Copyright 2010, SecurityFocus