(Page 4 of 12)   < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >

Category: Intrusion Detection » Network

Tiny Honeypot
Added 2003-05-26
by George Bakos
Tiny Honeypot (thp) is a simple honey pot program based on iptables redirects and an xinetd listener. It listens on every TCP port not currently in use, logging all activity and providing some feedback to the attacker. The responders are entirely written in Perl, and provide just enough interaction to fool most automated attack tools, as well as quite a few humans, at least for a little while. With appropriate limits (default), thp can reside on production hosts with negligible impact on performance.

labrea
Added 2003-02-18
by Tom Liston
labrea is a program that creates a "sticky honeypot" by taking over unused IP addresses on a network and creating virtual machines that answer to connection attempts. labrea answers those connection attempts in a way that causes the machine at the other end to get "stuck", sometimes for a very long time.

Demarc PureSecure
Added 2002-09-16
by DEMARC Security
Instead of having one program perform file integrity checks, another program monitoring the connectivity and health of your network, and yet another monitoring your network for intrusion detection attempts, Demarc PureSecure combines all these services into one powerful client/server program. Not only can you monitor the status of the different machines in your network, but you can also respond to changes in your network all from one centralized location. Security is already a full time job in any network, and the burden of monitoring the reports from multiple programs across dozens of servers can result in information overload. The human mind can only process so much data at any given time before it simply becomes too much to analyze. Demarc PureSecure centralizes the reporting and analysis for the entire network which allows you to more easily weed out the important data from the superfluous background noise, thereby targeting your efforts where they really belong.

single-honeypot
Added 2002-08-09
by Luis Wong
single-honeypot simulates many services like SMTP, HTTP, shell, and FTP. It can show many different faces, including those of Windows FTP systems, Windows SMTP systems, different Linux distributions, and some Posix distributions.

HenWen
Added 2002-07-02
by Nick Zitzmann
HenWen is a network security package for Mac OS X that makes it easy to configure and run Snort, a free Network Intrusion Detection System (NIDS). HenWen's goal is to simplify setting up and maintaining software that will scan network traffic for undesirable traffic a firewall may not block. Everything you need to have is bundled in; there is no compiling or command line use necessary. HenWen is available in English and German.

Poor Man's IDS
Added 2002-05-17
by red0x
Poor Man's IDS is a couple of scripts which check certain files on your host (any you like) for changes in content, ownership, and mode. Instead of only mailing if something is wrong (like other IDSs), this lean IDS will send you a daily (or weekly or hourly, depending on how you set-up your cron job) security audit, containing details of what it found (if anything).

WhiteHat Arsenal
Added 2002-04-23
by WhiteHat Security, Inc.
WHArsenal is designed to be the next generation of professional web security audit software. Architected from the ground up to be a generic web application security productivity tool, WHArsenal gives security professionals and web developer's access to the tools they need to make the job securing web applications faster and easier. WHArsenal possesses a powerful suite of GUI-Browser based web security tools. These endowments make WHArsenal capable of completing painstaking web security pen-test work considerably faster and more effectively than any of the currently available tools.

Snort
Added 2002-04-10
by Martin Roesch, roesch@clark.net
Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a seperate "alert" file, or as a WinPopup message via Samba's smbclient.

NetSPoc (Network Security Policy Compiler)
Added 2002-04-08
by Heinz Knutzen
The Network Security Policy Compiler (NetSPoC) is a tool for security management of large computer networks with different security domains. It generates configuration files for packet filters controlling the borders of security domains. It provides its own language for describing security policy and the topology of a network. The security policy is a set of rules that state which packets are allowed to pass the network and which are not. NetSPoC is topology aware; a rule for traffic from A to B is automatically applied to all managed packet filters on the path from A to B.

Quarantine firewall
Added 2002-03-26
by Phil Cyc
Quarantine is yet another firewall that has masquerade, TOS, and experimental traffic-shaping features. It has a lot of options, but is quite easy to configure. It was formerly known as Netwall.

Search Tools
Keyword:
Platform:
Category:
Browse by category
Auditing
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Sniffers
Recovery
Passwords
Utilities
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
Authentication
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Replacement
Libraries, Applications
Programming
Libraries
Cryptography
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Rootkits
Secure Deletion
Hardening
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


 

Privacy Statement
Copyright 2010, SecurityFocus