Section: .. / UNIX / IDS /
| /// File Name: |
slipwire.1-2.tar.gz |
Description:
|
slipwire.pl is a simple filesystem integrity checker. It compares the SHA-1 hashes of files to an initial state and alerts the user of any changes.
| | Author: | James Quinby | | Homepage: | http://packet.node.to/ | | Changes: | A fix for a bug in the iteration count when comparing files to hashes, a quick reader script for dumping the contents of the DBM file, an example file list, and a tidied-up README. | | File Size: | 3374 | | Last Modified: | Feb 18 15:31:17 2000 |
| MD5 Checksum: | cdfb0e35ca41c8dce84498b0c20842be |
|
| /// File Name: |
slipwire.1-3.tar.gz |
Description:
|
slipwire.pl is a filesystem integrity checker. It compares the SHA-1 hashes of files to an initial state and alerts the user of any changes. slipwire also records extensive file information such as inode number, last-modified date, filesize, uid, gid, etc, and can also report changes in any of these.
| | Author: | James Quinby | | Homepage: | http://packet.node.to/ | | Changes: | Extension of information gathered on indexed files, comparisons made to inode, last-modified, etc in addition to SHA signatures, tightening up of the Perl code, and elimination of calls to the shell. | | File Size: | 4621 | | Last Modified: | Feb 23 03:05:28 2000 |
| MD5 Checksum: | 70d3ac7d70df7d733027a2b36bd2f772 |
|
| /// File Name: |
slocate-1.4.tar.gz |
Description:
|
Indexes files and keeps record of permissions, ownership, location.
| | Author: | Kevin Lindsay | | File Size: | 16751 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | e5a40940985bbae9fb0fa09fb4fc368e |
|
| /// File Name: |
slocate-1.5.tar.gz |
Description:
|
Secure Locate 1.5 - Secure locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also store file permissions and ownership so that users will not see files they do not have access to. It is a bit slower than the GNU locate, but thats the price for security.
| | Author: | Kevin Lindsay | | Changes: | A couple of bug fixes but mostly new features. You can now search using basic POSIX regular expressions. It should also be noted that Redhat 6.0 has switched from GNU Locate to Secure Locate as the default filesystem indexing/searching mechanism. | | File Size: | 18683 | | Last Modified: | Aug 16 20:02:45 1999 |
| MD5 Checksum: | 15ad0eebaf97032015c8de884c1c238d |
|
| /// File Name: |
slocate-1.6.tar.gz |
Description:
|
Secure Locate 1.6 - Secure locate provides a secure way to index and quickly search for files on your system. It uses incremental encoding just like GNU locate to compress its database to make searching faster, but it will also store file permissions and ownership so that users will not see files they do not have access to. It is a bit slower than the GNU locate, but thats the price for security.
| | Author: | Kevin Lindsay | | Changes: | Optimized some code to make updating the database much faster, patched to allow smoother installation on FreeBSD, and some other minor bug fixes. | | File Size: | 19413 | | Last Modified: | Aug 16 20:02:47 1999 |
| MD5 Checksum: | 6096f7b0e4c4761bb2257dd83405bdb9 |
|
| /// File Name: |
Snmpd-1.0.1.tar.gz |
Description:
|
SNMP based network management program to alleviate certain problems of heterogeneous systems. Requires Scotty and Tcl/Tk
| | File Size: | 150464 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | 51633bc34a643576509f93d1267a048d |
|
| /// File Name: |
Snmpd-1.0.2.tar.gz |
Description:
|
See above.
| | File Size: | 150419 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | dbbb86291943e248650d9885a06ba4ca |
|
| /// File Name: |
SnmpMonitorEx-1.0.1.tar.gz |
Description:
|
Safely monitor SNMP variables on the net. If there are changes, you can get a message on your cellular, by mail or on screen. Requires Scotty and Tcl/Tk
| | File Size: | 42929 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | ef1457bcc056e25307efe5361fd4e453 |
|
| /// File Name: |
sockstat.c |
Description:
|
SocketStat v1.0 - by Richard Steenbergen and Drago. Inspired by dreams, coded by nightmares. Nifty way to find which processes are using what sockets, Can be used to detect users who clone on irc, connect where they shouldn't (bots on non-bot servers), are running hidden servers, etc.
| | File Size: | 8826 | | Last Modified: | Sep 30 16:30:27 1999 |
| MD5 Checksum: | f00ff838c3e2432ccc6b04826912c153 |
|
| /// File Name: |
sockstat.tar.gz |
Description:
|
Simple C program written to display open ports on a given host. Useful for when things like netstat and sockstat might be backdoored.
| | Author: | duriel | | File Size: | 1583 | | Last Modified: | Jul 9 07:42:07 2006 |
| MD5 Checksum: | 69e90ab3d31c5acc04a8263c800cee6e |
|
| /// File Name: |
spar-1.2.tar.gz |
Description:
|
'spar' is used to select records from a UNIX process accounting file. It is usually faster than most 'lastcomm's and significantly more flexible and powerful.
| | Homepage: | ftp://coast.cs.purdue.edu/pub/tools/unix/TAMU/ | | File Size: | 30489 | | Last Modified: | Jan 10 03:00:00 1994 |
| MD5 Checksum: | cb7c0b827c5642c3086d25e14fb5e1f6 |
|
| /// File Name: |
sploitmon.pl |
Description:
|
sploitmon.pl is a simple yet sophisticated perl script that runs in the background to monitor Apache's access_log file for indications of an exploit scan. If one is detected, a new exploit_scan_log file is created with the details. Checks for /cgi-bin/phf, /cgi-bin/nph-test-cgi, and /cgi-bin/whois_raw.cgi.
| | Author: | Bansh33 | | Homepage: | http://www.r00tabega.com | | File Size: | 1902 | | Last Modified: | Jun 29 11:29:47 2000 |
| MD5 Checksum: | aa2fb5d66590141e34932b7013cb78d9 |
|
| /// File Name: |
spong.tar.gz |
Description:
|
System monitoring package coded in perl. Monitors clients, networks, host groups, and displays info via web interface.
| | File Size: | 54819 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | 5d0505a407855c02859e7313b755e83b |
|
| /// File Name: |
step.htm |
Description:
|
Eight Steps to A Working Intrusion Detection System - The SANS Institute. Preface and instructions for STEP package below.
| | File Size: | 60436 | | Last Modified: | Aug 16 20:02:35 1999 |
| MD5 Checksum: | c880c48f3099b3cb999cf34e2e224ffd |
|
| /// File Name: |
stjude-0.4.tgz |
Description:
|
StJude is an attempt to monitor the flow of privilege in my Solaris boxes. It tries to detect privilege violations or improper transitions (ie stack smashing, or other local root exploits) by watching audit trails.
| | Author: | Tim Lawless | | File Size: | 6277 | | Last Modified: | Mar 6 15:47:53 2000 |
| MD5 Checksum: | b416a0164c195804d20a79668d919373 |
|
| /// File Name: |
suidshow.c |
Description:
|
suidshow.c is a linux lkm that will log any non-root user doing a setuid(0) or a setreuid(0,0) system call. CyberPsychotic
| | File Size: | 1594 | | Last Modified: | Oct 26 20:23:28 1999 |
| MD5 Checksum: | 241bfda6ea160e113020cfd540674192 |
|
| /// File Name: |
swatch-2.2.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://www.stanford.edu/~atkins/swatch/ | | Changes: | Fixed a big bug involving key value assignment when throttling. | | File Size: | 44862 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 0d787edd73d358eefcf9e7a601fb7cb7 |
|
| /// File Name: |
swatch-2.2.tar.Z |
Description:
|
Monitor logfiles, scan for specific entries in the log file, and take the action you have determined. Use with tcp_wrappers for excellent monitoring system.
| | File Size: | 63081 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 187aab00dfe0427d2aac13d4672b9a8c |
|
| /// File Name: |
swatch-3.0.2.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://oit.ucsb.edu/~eta/swatch | | Changes: | Defaults to /var/adm/messages now. Lots of bugs were fixed. | | File Size: | 24250 | | Last Modified: | Sep 6 01:46:02 2001 |
| MD5 Checksum: | 609a50a2c089417f76a6d13635407463 |
|
| /// File Name: |
swatch-3.0.4.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://www.stanford.edu/~atkins/swatch/ | | Changes: | Fixed a big bug involving key value assignment when throttling. | | File Size: | 24157 | | Last Modified: | Nov 14 03:00:20 2001 |
| MD5 Checksum: | ce290dd2cae6ce834f59e24d97a30d3b |
|
| /// File Name: |
swatch-3.0b1.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://www.stanford.edu/~atkins/swatch/ | | Changes: | Fixed a big bug involving key value assignment when throttling. | | File Size: | 17819 | | Last Modified: | Aug 16 20:02:47 1999 |
| MD5 Checksum: | 5969ec109979acd91b743815dda20a18 |
|
| /// File Name: |
swatch-3.0b4.tar.gz |
Description:
|
Swatch ("Simple WATCHdog") is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | ftp://ftp.stanford.edu/general/security-tools/swatch/ | | Changes: | Fixed the examine switch, added continue and quit actions, Fixed parsing of "throttle" setting, bug fixes. | | File Size: | 20824 | | Last Modified: | Jan 26 16:10:36 2000 |
| MD5 Checksum: | 6c386d64a543841b69122afbc2144345 |
|
| /// File Name: |
sxid-secure.gz |
Description:
|
sXid Secure is an all in one suid/sgid monitoring script written in perl.
| | Author: | Ben Collins | | File Size: | 4123 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | 439e4dd2da716074880ecbf2117749e0 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
