Category: Intrusion Detection

AstroFlowGuard Bandwidth & Security Management
Added 2003-11-28
AstroFlowGuard is a Linux-based bandwidth manager, stateful firewall, intrusion detection system, and VPN server. With its user-friendly interface, automatic failover, and smart recovery system, it is the complete tool for anyone wanting to manage bandwidth and network security. It uses a hierarchical class-based system which provides a logical, intuitive view of network classes along with their priorities. It has the ability to manage P2P applications such as Kazaa and the like, manage firewall and bandwidth by time of the day, precedence, strings in any packet, and much more. Diagnose your network with powerful reporting tools that drill down to IP, port, and protocol level with graphs and pie charts. It is a self-contained system that offers simple installation by means of a bootable CD and ease of use via a Web-based GUI.

Local Area Security Linux
Added 2003-11-19
Local Area Security has released the 0.4 MAIN of their 'live CD' security toolkit, which fits on a 185MB miniCD. It includes a full Fluxbox desktop and over 250 security-related tools encompassing pen testing, forensics, administration, monitoring, etc. Many additions and fixes have been made since the beta version, along with the addition of the 'toram' boot option, which allows it to be run entirely from RAM.

Bait and Switch Honeypot System
Added 2003-10-01
The Bait and Switch Honeypot System combines the Snort Intrusion Detection System (IDS) with honeypot technology to create a system that reacts to hostile intrusion attempts by marking and then redirecting all "bad" traffic to a honeypot that partially mirrors your production system. Once switched, the would-be hacker is unknowingly attacking your honeypot instead of the real data, while your clients and/or users are still safely accessing the real system.
Life goes on, your data is safe, and you get to learn about the bad guy as an added benefit.

ACID-XML
Added 2003-09-29
ACID XML is a stand-alone application that can read and parse Snort XML logs. It was inspired by ACID, but was designed so you can get up and running quickly with your logs rather than spending hours getting ACID requirements together and working. It uses Qt and expat and it is fully open source.

Saint Jude, Linux Kernel Module
Added 2003-09-23
Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

OpenVPN
Added 2003-08-06
OpenVPN is a robust and highly configurable VPN (Virtual Private Network) daemon which can be used to securely link two or more private networks using an encrypted tunnel over the Internet. OpenVPN's principal strengths include wide cross-platform portability, excellent stability, support for dynamic IP addresses and NAT, adaptive link compression, single TCP/UDP port usage, a modular design that offloads most crypto tasks to the OpenSSL library, and relatively easy installation that in most cases doesn't require a special kernel module.

wIDSard
Added 2003-07-10
wIDSard is a host-based Intrusion Detection System for the i386 Linux platform. It intercepts, at user level, system calls specified in a configuration file written by the user. A finite-state automaton is used to trace the monitored process. A regular expression based language is used to write the configuration file. If a particular sequence of system calls is intercepted, then an appropriate action could be executed (kill the process, log, etc.).

IDScenter
Added 2003-07-08
Snort IDScenter is a GUI for Snort IDS on Windows platforms. Configuration and management of the IDS can be done using IDScenter. Main features are:
- Snort configuration wizard (variables, preprocessor plugins, output plugins, rulesets)
- Alert notification via e-mail, sound or only visual notification
- Alert file monitoring (up to 10 files)
- MySQL alert detection
- Log rotation (compressed archiving of log files)
- AutoBlock (using NetworkICE BlackICE Defender you can block attackers' IPs that Snort logged)
- Integrated log viewer (supports text files, XML and HTML/webpages)
- Program execution if an attack was detected
- Test configuration feature: fast testing of your IDS configuration, and more.

LogIDS
Added 2003-07-08
LogIDS 1.0 is my latest tool and my personal contribution to the IDS field. I think that LogIDS will change the way people view intrusion detection, and may even redefine terms like "event correlation". LogIDS 1.0 is a real-time log-analysis based intrusion detection system, or since it can be fed with logs from other kinds of IDS, it can be seen as a mega-IDS. The graphical interface presents you with a representation of your network map, where each node (host or subnet) has its own little console window, where the logs belonging to it can eventually be displayed (depending on your rules). You get to specify the format of the log files you want to monitor, apply rules to these log files using field names you have previously defined, and you configure it to correspond to your environment and that's it! Rules can be displaying the fields you choose in the GUI, emit sounds for warnings or alerts, display icons pertaining to the actions depicted in the logs, or disregard the data if it contains no useful data.
You can use LogIDS with LogAgent as a log supplier, and monitor logs from varied sources such as, but not limited to, Event Viewer, ComLog, ADSScan, IntegCheck, LogAgent 4.0 Pro, Snort, personal firewalls, most antivirus products, Apache, and just about any other software that produces ASCII log files (with the notable exception of IIS).

LogAgent
Added 2003-07-08
LogAgent 4.0 Open Source is the latest version of the popular log monitoring software. It now also monitors Event Viewer logs, and you have the ability to send the output to the printer. You can also specify NULL directories for greater flexibility. You can also append time and date along with IP, hostname and username. Ships with 2 standalone companion programs, ADSScan (an alternate data stream scanner) and the combo HashGen and Integcheck (an MD5-SHA1 file system integrity checker, or HIDS), both free and Open Source.