
Category: Intrusion Detection

Added 2002-03-21
by Marc Welz
IDS/A is an experimental interface between applications and a daemon which functions as system logger, reference monitor, and soon an intrusion detection system. It ships with a pam module, apache module, tcp wrapper replacement, system logger replacement and execv preload library. These components can be used to gather and integrate information as well as deny suspicious actions when they are attempted.

Added 2002-03-18
by Ethan Galstad, netsaint@linuxbox.com
NetSaint is a program that will monitor hosts and services on your network. It has the ability to email or page you when a problem arises and when a problem is resolved. Several CGI programs are included in order to allow you to view the current service status, problem history, notification history, and log file via the web.

IDScenter 2001
Added 2002-03-07
by Ueli Kistler
IDScenter is a panel for controlling, managing and auditing SNORT IDS for WIN32. It supports all the functions of snort.panel by XATO. New Features: IP/Interface detection, Alarm sound (WAV/Beep), Implemented log viewer, EXE-File start on alert...

Paranoia Iptables Firewall
Added 2002-03-05
by Harald Skoglund
Paranoia Iptables Firewall is a firewall designed specifically for standalone computers in insecure networks such as campus LANs and co-location facilities. It is modular and easy to update at runtime without the need to flush the entire firewall-ruleset. The last update time for modules is cached, allowing altered rulesets to be reloaded easily. Portscan detection and rate-limiting SYNs are supported. A good mechanism for IP/port-based ACLs is employed. A single file listing the allowed connections for every open port/portrange is required. MAC-addresses for LAN connections can be checked against corresponding IP-addresses. Optional basic NAT support is included.

Added 2002-02-26
A TCP/UDP port listener. You provide a list of ports to listen on and the program will notify you when a connection or data arrives at the port(s). Can minimize to the system tray and play an audible alert. This program is intended to act as a guard dog to notify you of attempted probes to your computer via the Internet.

Snort Config
Added 2002-02-25
by A.L.Lambert
SnortConf is a tool that provides a fairly intuitive menu-based text interface for setting up the GPL IDS tool Snort. It also provides error and sanity checking on user input, and an online help facility.

Firewall Monitor
Added 2002-02-14
by Gianni Tedesco, scaramanga@barrysworld.com
fwmon is a firewall monitor for Linux. It integrates with ipchains to give you realtime notification of firewall events. It has fairly customizable output, allowing you to display a packet summary, hex, and ascii data dumps to stdout, a logfile, or tcpdump-style capture files. It also boasts some simple security features such as the ability to chroot itself, and operate in a non-root environment.

Added 2002-02-13
by Foundstone
fport reports all open TCP/IP and UDP ports and maps them to the owning application. fport requires the usage of psapi.dll. On Windows NT, psapi.dll must be in the same dir, or path, as fport. For Windows 2000, this is not the case, since the system contains the .dll. The program contains five (5) switches that allow you to sort by application, process ID, application path, port, and display help.

AIDE (Advanced Intrusion Detection Environment)
Added 2002-02-11
by Rami Lehti and Pablo Virolainen
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Added 2002-01-25
by LBL Network Research Group
Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. It also reports certain changes via email. Arpwatch uses libpcap, a system-independent interface for user-level packet capture. Before building tcpdump, you must first retrieve and build libpcap, also from LBL, in: ftp://ftp.ee.lbl.gov/libpcap-*.tar.Z.

Copyright 2010, SecurityFocus