|
(Page 7 of 16) < Prev 2 3 4 5 6 7 8 9 10 11 12 Next > Platform: HP-UX Snort Added 2002-04-10 Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a seperate "alert" file, or as a WinPopup message via Samba's smbclient. NetSaint Added 2002-03-18 NetSaint is a program that will monitor hosts and services on your network. It has the ability to email or page you when a problem arises and when a problem is resolved. Several CGI programs are included in order to allow you to view the current service status, problem history, notification history, and log file via the web. The EDDIE Tool Added 2002-03-12 The EDDIE Tool is a system monitoring, security, and performance analysis tool developed entirely in Python. Its key features are portability, powerful configuration, and ease of expansion. Squid Added 2002-03-04 Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid supports SSL, extensive access controls, and full request logging. By using the lightweight Internet Cache Protocol, Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings. Squid consists of a main server program squid, a Domain Name System lookup program dnsserver, some optional programs for rewriting requests and performing authentication, and some management and client tools. When squid starts up, it spawns a configurable number of dns server processes, each of which can perform a single, blocking Domain Name System (DNS) lookup. This reduces the amount of time the cache waits for DNS lookups. libdnet Added 2002-01-28 libdnet provides a simplified, portable interface to several low-level networking routines, including network address manipulation, kernel arp(4) cache and route(4) table lookup and manipulation, network firewalling, network interface lookup and manipulation, and raw IP packet and Ethernet frame transmission. Arpwatch Added 2002-01-25 Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. It also reports certain changes via email. Arpwatch uses libpcap, a system-independent interface for user-level packet capture. Before building tcpdump, you must first retrieve and build libpcap, also from LBL, in: ftp://ftp.ee.lbl.gov/libpcap-*.tar.Z. Sec - simple event correlator Added 2002-01-08 Sec is a free and platform independent event correlation tool that was designed for network and application management, but it can be applied for solving any other task where similar event correlation operations are relevant. Sec reads lines from a file, named pipe or standard input, and matches the lines with regular expressions to recognize input events. Events are then correlated according to the rules in configuration file, producing output events by executing user-specified shell commands. By using utilities like snmptrap(1) or snmpnotify(1), sec can be configured to generate network management events as output. Since sec uses powerful regular expression concept for matching input and also supports named pipes as input files, it can not merely be used for matching events from a single logfile, but also for more general purposes. You can integrate sec with arbitrary network management (or other) application, provided that output from that application can be directed to a named pipe. Most modern network management platforms provide means for redirecting their event stream, and example program for HP OpenView ITO is included in the sec package. TransConnect Added 2001-12-28 TransConnect is an implementation of function interposing to allow users on *nix platforms to transparenly tunnel all networking applications over an HTTPS proxy. It has been extensively tested with telnet, SSH, fetchmail, IRC, whois, Pine, Netscape, Mozilla, Evolution, etc. over squid proxy. fsh Added 2001-12-27 fsh uses lsh or ssh to establish a secure tunnel to the remote system. This takes as long as a normal connection establishment, but once the tunnel is established, fsh can reuse it to start new sessions on the remote system almost instantaneously. You get the security of ssh and the speed of rsh. NOCOL Added 2001-12-10 NOCOL (Network Operation Center On-Line) is a network monitoring package that runs on Unix platforms. It can monitor various network variables such as ICMP or RPC reachability, nameservers, ethernet load, port reachability, host performance, SNMP traps, modem line usage, appletalk & novell routes and services, BGP peers, etc. The software is extensible and new monitors can be added easily. Browse by category |
|
|
Privacy Statement |
