Intrusion Detection Files

AIDE 0.18.4
Posted Jun 14, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Fixed handling of extended attributes on symlinks. Added missing parenthesis to log message. Fixed static linking of the aide binary. Multiple other fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 4f7e2c7f49f3ca25fdafad6170390a4d8c8334af17bbd48ad34dbd6dde4ee757

Falco 0.35.0
Posted Jun 7, 2023
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: Dozens of changes including a breaking change where support for metadata enrichment from Mesos has been removed. 9 bug fixes have also been applied.
tags | tool, intrusion detection
systems | unix
SHA-256 | 358d1a084d4f53bfe86e7c4babfa56b222bf565e9140fa49191c7fe2bd88bd32

Zeek 5.0.9
Posted May 22, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes 4 security bugs and 1 non-security bug.
tags | tool, intrusion detection
systems | unix
SHA-256 | 2d6247c667c1838d0efd8d860744baadde4b2e8721734dea250e37147899cfcd

AIDE 0.18.3
Posted May 17, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Fix to handle readlink() errors.
tags | tool, intrusion detection
systems | unix
SHA-256 | d47da12c4bf085bfdf1828e087a1db5195a4d217ff4c89f40dbd94e2a887a6a2

Samhain File Integrity Checker 4.4.10
Posted May 14, 2023
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Fix for a couple memory leaks in sh_unix.c.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | acaab8ed17b828ae787a0d35ef8879f933e5033cafe4385554cf8b7758acc6f9

Suricata IDPE 6.0.12
Posted May 9, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: An optimization and feature added. 18 bug fixes. 1 security fix and a couple dozen bug fixes along with a feature and a task.
tags | tool, intrusion detection
systems | unix
SHA-256 | 04b23160935b03197b085c2ccc9d80875a33f115583054d1460ab0fb66d834b3

Suricata IDPE 6.0.11
Posted Apr 14, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 1 security fix and a couple dozen bug fixes along with a feature and a task.
tags | tool, intrusion detection
systems | unix
SHA-256 | 4da5e4e91e49992633a6024ce10afe6441255b2775a8f20f1ef188bd1129ac66

Zeek 5.0.8
Posted Apr 12, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes 5 security bugs and 5 non-security bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 82fd72c7078fbdb4c025569a6e31fa7f8b9876ca37aab8ac24db92b0c589d2bf

AIDE 0.18.2
Posted Apr 10, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Added warning if rules contain not compiled-in attributes. Added missing lock for tree operations during file system scan.
tags | tool, intrusion detection
systems | unix
SHA-256 | 758ff586c703930129e0a1e8c292ff5127e116fc10d0ffdbea8bf2c1087ca7e4

AIDE 0.18.1
Posted Mar 6, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Fixed handling of empty growing files. Fixed segfault when using --dry-init. Updated README.
tags | tool, intrusion detection
systems | unix
SHA-256 | 158e72e2fc7f08cb28b66dd5988294c19b035b5a901d7ad5fee010efeca4c0d2

Zeek 5.0.7
Posted Feb 22, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Various issues with signed/unsigned character discrepancies on arm64 builds are fixed. A performance degradation in debug builds involving hashing large keys for Dictionaries was fixed. A DNS related memory leak was addressed. An ftp denial of service was addressed. Two find related BIF methods had a denial of service issue addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | dbb9788260269c5a75eb5d18fd9ad0df1f06f00757cdde9d86994b35428b5776

Falco 0.34.1
Posted Feb 20, 2023
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: Minor fix to userspace/engine where it will now correctly bump FALCO_ENGINE_VERSION after introduction of new fields.
tags | tool, intrusion detection
systems | unix
SHA-256 | 996c138ce94c027c6a27898950c48ee664c380889d564871d14f9b0e48185b77

AIDE 0.18
Posted Feb 7, 2023
Authored by Rami Lehti | Site aide.github.io

AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.

Changes: Now supports multithreading for hashsum calculation. Added new growing and compressed attributes. Various other additions, minor bug fixes, code clean up, and more.
tags | tool, intrusion detection
systems | unix
SHA-256 | f1166ad01a50f7f4523a585760c673ae11185a38cfa602ae7c9e9266effd038d

Falco 0.34.0
Posted Feb 7, 2023
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: A dozen major changes, over two dozen minor changes, and six bug fixes. There is one breaking change.
tags | tool, intrusion detection
systems | unix
SHA-256 | 23c36580c981ff7de09ab37dd19eff58ace79337657cc06e0f9ae71b20633246

Zeek 5.0.6
Posted Feb 2, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Three security issues and five additional bugs have been addressed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8e09916c43beba457f76484be46dad2858a5983d95624e55a70e06a1c76ce2d2

Suricata IDPE 6.0.10
Posted Jan 31, 2023
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 1 security issue addressed, 19 bugs addressed, and a couple of optimizations.
tags | tool, intrusion detection
systems | unix
SHA-256 | 59bfd1bf5d9c1596226fa4815bf76643ce59698866c107a26269c481f125c4d7

Logwatch 7.8
Posted Jan 23, 2023
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | fb8a7e79c851696800941b1ef7f03ce42b7e1d046eaa6ac8fa69a87b46d8edb7

Zeek 5.0.5
Posted Jan 10, 2023
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Updated broker to version 2.3.6. This broker release fixes some failures when building against Python 3.11 and above.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3efed010ab2dcf623667d13b485dfec6d28f2b65f97e4c9f0f9192c37ace88d1

Suricata IDPE 6.0.9
Posted Nov 30, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: 4 security issues addressed, 15 bugs addressed, one feature, and a few tasks completed.
tags | tool, intrusion detection
systems | unix
SHA-256 | 3225edcbd0277545b7128df7b71652e6816f3b4978347d2f4fe297d55ed070e8

Falco 0.33.1
Posted Nov 24, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: Fixed container-gvisor and kubernetes-gvisor print options. Updated libs to 0.9.2, fixing potential CLBO on gVisor+Kubernetes and crash with eBPF when some CPUs are offline.
tags | tool, intrusion detection
systems | unix
SHA-256 | c17f784c29aa5d80215602a82fa8f43456ed9eb244957e34e17f303fef273642

Zeek 5.0.4
Posted Nov 23, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: This release fixes security issues where a specially-crafted series of HTTP 0.9 packets can cause Zeek to spend large amounts of time processing the packets, a specially-crafted FTP packet can cause Zeek to spend large amounts of time processing the command, and a specially-crafted IPv6 packet can cause Zeek to overflow memory and potentially crash. Fixed a potential stall in Broker’s internal data pipeline.
tags | tool, intrusion detection
systems | unix
SHA-256 | d01aa72864b1128513c0b3667148e765f83cd9f0befe9a751c51f0f19a8ba280

Zeek 5.0.3
Posted Nov 9, 2022
Authored by Robin Sommer, Vern Paxson | Site zeek.org

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed an issue where a specially-crafted FTP packet can cause Zeek to spend large amounts of time attempting to search for valid commands in the data stream. Fixed a possible overflow in the Zeek dictionary code that may lead to a memory leak. Fixed an issue where a specially-crafted packet can cause Zeek to spend large amounts of time reporting analyzer violations. Fixed a possible assert and crash in the HTTP analyzer when receiving a specially-crafted packet. Fixed an issue where a specially-crafted HTTP or SMTP packet can cause Zeek to spend a large amount of time attempting to search for filenames within the packet data. Fixed two separate possible crashes when converting processed IP headers for logging via the raw_packet event handlers. Various other bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 8f16ed6b51f63f7efaca506c4ee0396b0fd03e83cb6358dbd9ea6ffe5fd0b657

Falco 0.33.0
Posted Oct 20, 2022
Authored by Sysdig | Site sysdig.org

Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.

Changes: A dozen major changes, about 2 dozen minor changes, and a handful of bug fixes.
tags | tool, intrusion detection
systems | unix
SHA-256 | 933b5a17271ac0f9acfa54c48997d1b9526759fa9bd929c844cca6471dec33ea

Suricata IDPE 6.0.8
Posted Sep 28, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Suricata 6.0.8 fixes 2 issues in the 6.0.7 distribution. libhtp 0.5.41 was not actually included and Suricata-Update 1.3.0dev0 was included instead of 1.2.5.
tags | tool, intrusion detection
systems | unix
SHA-256 | 253ce3cc0df967ad9371d6ea8d4eed91ec593df3ed04e08229c7cf85780c91a3

Suricata IDPE 6.0.7
Posted Sep 27, 2022
Site suricata.io

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: One security fix, about a dozen bug fixes, and a couple of features added.
tags | tool, intrusion detection
systems | unix
SHA-256 | d172289358e22d57e85b3f28f4a49f9f7844d99e1b4b4680510fe81fb9b16446
© 2022 Packet Storm. All rights reserved.