(Page 3 of 5)   < Prev  1 2 3 4 5  Next >

Category: Auditing » Network » IDS

SwitchSniffer
Added 2005-11-30
by Gordon Ahn
1. Overview SwitchSniffer is a program that can scan your switched LAN for up hosts and can reroute and collect all packets without the target users' recognition. It can also detect the ‘arpspoofer’ program running on the network and block user definable sessions like firewall. If you use this program in tandem with any sniffer program, you can capture and see the users’ IDs and passwords on a switched network. 1.1 features: -. It can pull and collect all the packets on the LAN. -. It can scan and show the active hosts on the LAN within a very short time. -. While spoofing ARP tables, it can act as another gateway (or ip-forwarder) without other users' recognition on the LAN. -. It can collect and forward packets by selecting inbound, outbound, and both to be sent to the Internet. -. An ARP table is recovered automatically in a little time (about 30 seconds). But, this program can keep spoofing continuously with a periodic time. -. Although one or more network interface cards are installed on a computer, this program can scan and spoof by selecting one of NICs. -. It can get traffic information about the amount of data transferred to and from the internet including I session information. -. It can detect which computer is running an arpspoofer program on the local network. -. It can scan all hosts automatically on the network. -. It has a feature which filters or blocks sessions, local hosts and remote hosts. -. No more installation of winpcap driver. 1.2 Benefits: -. It can find out the hidden hosts on local area network. -. It can check out if abnormal hosts are connected on the wireless network. -. It protect your network from abnormal users. -. It can check out if there are abnormal packets on the local network. -. It can view users/passwords, chat sessions and web sessions etc., on the switch network by other application. 2. System Requirement 2.1 Local : Windows nt4/2000/xp/2003, 25MB free main memory, Network adapter which supports promiscuous mode. Remote : All computers including network devices must support Ethernet 3. Reference http://www.nextsecurity.net/

Collapse Web Application Scanner
Added 2005-11-23
by Syhunt Security Team
Collapse, a free tool from Syhunt, allows web administrators to perform aggressive and comprehensive scans of an organization's web server to isolate vulnerabilities and identify security holes. The Collapse scanner requires basic inputs such as host names and port numbers to scan a complete web site and test all the web applications for security vulnerabilities. This new version includes several user-requested enhancements as well as some bugfixes.

SwitchSniffer
Added 2005-11-08
by Gordon Ahn
1. Overview SwitchSniffer is a program that can scan computers alive and can pull, collect all packets and can route them without other users' recognition on the LAN. It can also detect arpspoofer program running on the network and block sessions like firewall. If you run this program and any sniffer program, you can even get and see all user ids/passwords on the switch network. 1.1 Features -. It can pull and collect all the packets on the LAN. -. It can scan and show the active hosts on the LAN within a very short time. -. While spoofing ARP tables, it can act as another gateway (or ip-forwarder) without other users' recognition on the LAN. -. It can collect and forward packets by selecting inbound, outbound, and both to be sent to the Internet. -. An ARP table is recovered automatically in a little time (about 30 seconds). But, this program can keep spoofing continuously with a periodic time. -. Although one or more network interface cards are installed on a computer, this program can scan and spoof by selecting one of NICs. -. It can get traffic information about the amount of data transferred to and from the internet including I session information. -. It can detect which computer is running an arpspoofer program on the local network. -. It can scan all hosts automatically on the network. -. It has a feature which filters or blocks sessions, local hosts and remote hosts. -. No more installation of winpcap driver. 1.2 Benefits: -. It can find out the hidden hosts on local area network. -. It can check out if abnormal hosts are connected on the wireless network. -. It protect your network from abnormal users. -. It can check out if there are abnormal packets on the local network. -. It can view users/passwords, chat sessions and web sessions etc., on the switch network by other application. 2. System Requirement Local : Windows nt4/2000/xp/2003, 25MB free main memory, Standard network adapter, LAN Connection (adapters supporting promiscuous mode) Remote : All computers including network devices

DNSDoSTester
Added 2005-09-28
by Ekrem ORAL
dns server DOS test utility dnsdostester, Ultra fast winpcap based DNS Server query utility. You can send random A (host address) queries to a specified DNS Server. Source IP address spoofable, so requests sent to server totally anonymous. Please do not abuse this utility, Use at your own risk.

Prelude Hybrid IDS Framework
Added 2005-09-21
by Yoann Vandoorselaere
Prelude is a Hybrid IDS framework, that is, a product enabling all security applications, be it open-source or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard, that enables different kinds of sensors to generate events using a unique language.

kojoney
Added 2005-07-31
by Jose Antonio Coret
Kojoney is a low level interaction honeypot that emulates an SSH server. The daemon is written in Python using the Twisted Conch libraries. Reporting tools are distributed with the daemon.

MudPit
Added 2003-07-28
by Gene Savchuk
MudPit is a spool processor for the Snort intrusion detection system. It is similar to the Barnyard project, but is able to process both log and alert streams at the same time. It is simple, modular, and reliable.

Ids 2 Pix
Added 2003-07-08
by Chris Tsobanoglou
ds2Pix works in conjunction with Snort, an open-source lightweight Intrusion Detection System (IDS) which allows automated blocking of the offending Ip(s) to the Cisco(tm) Pix firewall.

Tiny Honeypot
Added 2003-05-26
by George Bakos
Tiny Honeypot (thp) is a simple honey pot program based on iptables redirects and an xinetd listener. It listens on every TCP port not currently in use, logging all activity and providing some feedback to the attacker. The responders are entirely written in Perl, and provide just enough interaction to fool most automated attack tools, as well as quite a few humans, at least for a little while. With appropriate limits (default), thp can reside on production hosts with negligible impact on performance.

Viper IDS
Added 2003-03-27
by Joshua Jackson
The Viper IDS is an IDS sensor that can be used stand-alone or as an add-on to the Wolverine Firewall and VPN server. It can log all alert information to a remote MySQL database that can be analyzed by applications such as ACID, or can be used with Wolverine to provide real-time responses to potential threats by dynamically adjusting perimeter firewall rule sets. It uses Snort for attack signature detection.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus