< Prev 1 2 3 4 5 6 7 8 9 10 Next >
Category: Intrusion Detection » Host
Advanced Net Tools (ANT)
Share Scanner can scan any network for a list of shared drives. ARP Configuration allows you to add/remove ARP entries and view the ARP table all from a Windows GUI. Route Configuration allows you to add/remove Routing entries and view the route table all from a Windows GUI. Adapter Configuration allows you to view all adapters and add remove IP addresses of individual adapters using a Windows GUI. IP Configuration shows you all of the configuration information for all of the adapters on your system. Net Stats shows all of the current connections on your PC and their current state. It also shows what ports applications are listening on. You can set the refresh rate at any speed you wish. TraceRoute tells you how many hops (routers) are between your PC and another destination. It will also show you the slowest connection point. Network Scanner can scan any class A, B or C network for any list of open ports. Network Scanner takes advantage of multi-threading. You can use many threads to scan at the same time for quick results. You can save your port list to a text file. You can also save your list of found connections to a text file. Port Scanner can scan any computer for a list, or range of open ports. Set your speed of finding open ports by setting the timeout variable. Ping Utility allows you to change the size of the packets, the timeout, and the number of packets to ping. Advanced DNS Utility shows you extended information on a given hostname or IP address. You can also lookup the mail exchange servers, or domain name servers for a specific domain. Query types available: A, ANY, NS, MX, SOA. Command Test, a utility for connecting to an open port and testing commands. Works like a telnet client but you can send 1 line at a time. Whois Client where you can configure the whois server for multiple DNS name types. With ANT you don't even need to use the main GUI interface, all menus are accessible from the system tray icon.
Swatch was originally written to actively monitor messages as they were written to a log file via the UNIX syslog utility. It has multiple methods of alarming, both visually and by triggering events. The perfect tools for a master loghost. It is known to work flawlessly on Linux (RH5), BSDI, and Solaris 2.6 (patched).
The tcp_wrapper package by Wietse Venema. Formerly called log_tcp. Allows monitoring and control over who connects to a hosts TFTP, EXEC, FTP, RSH, TELNET, RLOGIN, FINGER, and SYSTAT ports. Also includes a library so that other programs can be controlled and monitored in the same fashion.
TTY-Watcher is a utility to monitor and control users on a single system. It is based on our IP-Watcher utility, which can be used to monitor and control users on an entire network. It is similar to advise or tap, but with many more advanced features and a user friendly (either X-Windows or text) interface. TTY-Watcher allows the user to monitor every tty on the system, as well as interact with them by: to the real owner of the TTY without interfering with the commands he's typing. The message will only be displayed on his screen and will not be sent to the underlying process. Aside from monitoring and controlling TTYs, individual connections can be logged to either a raw logfile for later playback (somewhat like a VCR) or to a text file.
Monitors incoming SYN packets and flags connections that come from a non-local network. Useful for catching intrusion attempts (requires tcpdump).
klaxon is a modification of rexec. It is extremely useful for detecting portscanner attacks like those perpetrated by ISS and SATAN, among others. It also has optional IDENT (RFC931) support for finding out the remote user (where applicable).
Toscin is a basic IDS system that uses packet filtering to warn against possible attacks against specified services.
This program fakes trojan servers and logs every attempt from client. It is possible to log attempts to file, stdout, stderr or to syslog. It can send fake pings and replies back to trojan client.
Jammer monitors your network traffic, registry, process and network connections to bring you the complete solution against Back Orifice and NetBus. Jammer can detect even unknown versions of these two powerful tools. The tool is shareware and requires registration. What's NEW in version 2.0? 1. The AppWall(tm) technology. It's designed for home users but has the power of a corporate firewall. AppWall makes your computer a cyber fortress protecting you from attackers using Ad-ware, Spy-ware and every kind of Trojan horse. With AppWall you can select any application and allow it to access the Internet or deny it access. 2. Version 2.0 has a completely new engine that works on every Windows version including: Windows 95, 98, NT, 2000 and ME. 3. The user no longer needs to manually refresh the connection window - it is now 100% automatic. 4. Improved performance and functionality.
This program will protect you from hackers and malicious users whilst on the net so if anyone attempts to connect to your PC then their IP will be logged and an alarm will sound.
Browse by category