(Page 7 of 31)   < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >

Category: Network Monitoring

Fast Logging Project for Snort
Added 2004-04-22
by DG
FLoP is designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database (PostgreSQL and MySQL are supported). On the sensor, the output is written via a Unix domain socket to a process called sockserv. This process is threaded; one receives and buffers the alert packets, and the other thread forwards them to a central server. With this approach, the output is decoupled from Snort, which can proceed in sniffing instead of waiting for the output plugins. At the central server, a process called servsock gathers all alerts from the remote sensors and feeds them via a Unix domain socket to the database. All alerts are buffered to avoid blocking due to a hanging database access (or a slow network on the senor side). A short description of alerts with high priority together with the database ID can be sent via email to a list of recipients.

Added 2004-04-05
by John Ogness
This project provides a kernel module which provides 3rd-party applications with an interface for file access control. It was originally developed for on-access virus scanning. Other uses include a file-access monitor/logger or external security implementations. It operates by intercepting file-access calls and passing the file information to a 3rd-party application. The 3rd-party application then has the opportunity to tell the kernel module to allow or deny the file-access. The 3rd-party application also receives information about the file, such as type of access, process ID, user ID, etc.

Added 2004-04-05
by hauk
monit is a utility for monitoring and managing daemons or similar programs running on a Unix system. It will start specified programs if they are not running and restart programs not responding. It supports a daemon mode (poll programs at a specified interval, and start, stop, and restart programs), logging (syslog or your own logfile), configuration (with a comprehensive controlfile) runtime and TCP/IP port checking, process status, and timeout and alert notification. It provides an HTTP interface.

Added 2004-04-01
by liudieyu@umbrella.name
WinBlox monitors file operation and commandline execution on WINNT(Windows 2000 and later) system. Pattern matching in WinBlox is done by Regular Expression to ensure flexiblity.

Snort Alert Monitor
Added 2004-03-24
by Sam Freiberg
SAM is a real-time Snort alert monitor. It provides many ways to indicate that you may be experiencing an intrusion attempt on your network, including audio/visual warnings, email warnings, etc.

Dwall Firewall Generator
Added 2004-03-23
by dag
Dwall is an all-purpose firewall tool to generate an iptables firewall out of a simple configuration. It contains about 80 predefined services and comes with a simple 3 zone firewall example. It is designed to be easy to configure and manage without being limited to a specific network setup. It can handle as many interfaces as desired and allows you to create firewall rules that are portable between several firewalls.

Network Packet Capture Facility for Java
Added 2004-03-18
by patrick charles
Network Packet Capture Facility for Java is a set of Java classes that provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. It utilizes libpcap, a widely used system library for packet capture.

Added 2004-03-11
by Brady Alleman
NetMRG is a network monitoring, reporting, and graphing system. Using MySQL, PHP, C++, pthreads, and RRDTOOL, it is capable of monitoring thousands of variables on five-minute intervals. Graph templating allows network admins to begin monitoring devices with minimal overhead. NetMRG is also capable of responding to programmable events, such as variables exceeding accepted tolerances. It can accommodate server hosting and Internet service provider environments with different users allowed to view only their own equipment's graphs.

Syslog Management Tool
Added 2004-03-11
by Jeremy Guthrie
The Syslog Management Tool (SMT) is a Web-based system that collects syslog messages using a modified version of Modular Syslog. It processes them for errors and generate alerts, launches programs, or sends emails based on user-defined actions. Since it uses a Web console, rules, hosts, and much more can be centrally managed. It is designed to be disaster resilient by distributing components throughout a global enterprise to survive Web console loss, database loss, or syslog server loss.

Added 2004-03-11
by Florian Boor
Prismstumbler is software which finds 802.11 (W-LAN) networks. It comes with an easy to use GTK2 frontend and is small enough to fit on a small portable system. It is designed to be a flexible tool to find as much information about wireless LAN installations as possible. Because of its client-server architecture the scanner engine may be used for different frontends.

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus