Section: .. / UNIX / IDS /
| /// File Name: |
integrit-4.0.tar.gz |
Description:
|
Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
| | Homepage: | http://integrit.sourceforge.net | | Changes: | Updated output format for "new" file checksums to match "removed". | | File Size: | 266001 | | Last Modified: | Aug 17 02:26:02 2006 |
| MD5 Checksum: | 2f6a7e28e48b0cbc8214648e3224703b |
|
| /// File Name: |
integrit-4.1.tar.gz |
Description:
|
Integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
| | Homepage: | http://integrit.sourceforge.net | | Changes: | Fixed exit status, considering missing files correctly as a change. | | File Size: | 271626 | | Last Modified: | Jun 6 18:30:51 2007 |
| MD5 Checksum: | f51a5b558981a5d90e7d6f4e7e269a46 |
|
| /// File Name: |
ipacl.tar.gz |
Description:
|
SYSV.4 module that implements packet filtering within the kernel.
| | File Size: | 21885 | | Last Modified: | Aug 16 20:02:14 1999 |
| MD5 Checksum: | 5b71efc483ce170b23578410df89231c |
|
| /// File Name: |
iplimit-0.9.tar.gz |
Description:
|
IPLimit is a security tool to prevent some denial of services on common internet daemons. It will dynamically reject connections from hosts thatalready connected too many times on the same service or the same server. And only these strobe makers will be rejected, not trusted people. IPLimit is fully configurable : you can, for instance, allow 40 connections per second for SMTP, and only 1 per minute for Telnet. It needs the TCPREMOTEIP and TCPLOCALPORT environment variables, so that IPLimit has to be used with a super-server like G2S or TCPServer. You can also use any other inetd variant if you have the tcp-env program (from Qmail). IPLimit was tested on Linux but should work on any other Unix implementation with or without minor changes.
| | File Size: | 10387 | | Last Modified: | Oct 7 15:16:33 1999 |
| MD5 Checksum: | 088f855c05f1c5f31edfe28796439eaa |
|
| /// File Name: |
killerd-0_2.tar.gz |
Description:
|
A daemon which kills shells with idle time above a certain limit.
| | Author: | Martin Mares | | File Size: | 4958 | | Last Modified: | Sep 30 16:28:13 1999 |
| MD5 Checksum: | 66d631dcc7c53f6bbe6e6f449ed3e351 |
|
| /// File Name: |
kojoney-0.0.1.tar.gz |
Description:
|
Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | File Size: | 171425 | | Last Modified: | Aug 5 02:40:51 2005 |
| MD5 Checksum: | 54a3fa3d62a3fc3ee1cd09e096c04828 |
|
| /// File Name: |
kojoney-0.0.2.tar.gz |
Description:
|
Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | Changes: | Various corrections and additions. | | File Size: | 182704 | | Last Modified: | Aug 5 04:32:40 2005 |
| MD5 Checksum: | c56d92e2dee42557e1a71826edc96405 |
|
| /// File Name: |
kojoney-0.0.3.1.tar.gz |
Description:
|
Kojoney is an easy of use, secure, robust, and powerful Honeypot for the SSH service. It includes other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log files.
| | Author: | Joxean Koret | | Homepage: | http://kojoney.sourceforge.net/ | | Changes: | Various corrections. | | File Size: | 1861096 | | Last Modified: | Aug 12 03:21:33 2005 |
| MD5 Checksum: | e97e693600a4a231d675ce495d59ab25 |
|
| /// File Name: |
ktcpd-strobemasker-1.4.gz |
Description:
|
Linux 2.0.x kernel patch that protects you from strobes. Detects all strobes, logs all strobe attempts, refuses connections after a strobe begins, logs ALL packets (tcp, icmp, udp). Basically, makes your Linux box appear to be a Macintosh.
| | File Size: | 3961 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | 7c328e4cd942e40046e3160a36512d0e |
|
| /// File Name: |
l0pht-nfr.tar.gz |
Description:
|
"The L0pht NFR Intrusion Detection System modules have been updated to cover some of the latest popular network attacks. Featured prominently in the update is a Back Orifice detection module which, we believe, is better than anything else on the market. Better than ISS's RealSecure BO detection as well as that of stand alone BO detectors that cost upwards of $5000. Do your network a favor and download our IDS modules (which are FREE) and NFR which is free for internal, non-commercial use."
| | Author: | L0pht Heavy Industries | | File Size: | 15145 | | Last Modified: | Aug 16 20:02:33 1999 |
| MD5 Checksum: | 9f052542d9d63ce7e1c23a07113a436a |
|
| /// Directory: |
/ L6 / |
Description:
|
L6 is a file data integrity checker using both the MD5 and SHA-1 hash algorithms. This tool can detect file tampering based on hashes generated by both algorithms and other inode information. It also provides a useful, lightweight and flexible interface (written in perl) to verify file data integrity, and the output and functionality resembles that of L5.
| | Author: | Programmaton | | Total Files: | 6 | | Last Modified: | Sep 5 21:20:45 2007 |
|
| /// File Name: |
LaBrea.tgz |
Description:
|
LaBrea v2.0 is a program that creates a tarpit or, as some have called it, a "sticky honeypot". LaBrea takes over unused IP addresses on a network and creates "virtual machines" that answer to connection attempts. LaBrea answers those connection attempts in a way that causes the machine at the other end to get "stuck", sometimes for a very long time.
| | Author: | Tom Liston | | Homepage: | http://www.hackbusters.net/LaBrea | | Changes: | New command line option -p to keep tcp connections in the "persist" state, which can hold on to threads for a long time. | | File Size: | 23860 | | Last Modified: | Sep 18 23:23:53 2001 |
| MD5 Checksum: | 7365fb2beff6fa486908a1419e0de0ae |
|
| /// File Name: |
lads-0.8.tar.bz2 |
Description:
|
Login Anomaly Detection System (LADS) detects anomalies in logins and logouts and can perform various actions in response.
| | Author: | Fred | | Homepage: | http://www.lepied.com/lads | | Changes: | Fixes a bug in IP address reporting and a bug that prevented correct logging. | | File Size: | 8151 | | Last Modified: | Dec 14 17:30:36 2003 |
| MD5 Checksum: | 0908e52ffc65a6fa16b7906b60dd2908 |
|
| /// File Name: |
libnids-1.12.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convinient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | File Size: | 292984 | | Last Modified: | Oct 25 18:23:18 1999 |
| MD5 Checksum: | 1d5eb8ef14c2729ab1871599ac05734f |
|
| /// File Name: |
libnids-1.13.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convinient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | Changes: | GNU autoconf support, code cleanup and new libnids(3) manpage, pcap_filter field in nids_params, bugfix in ip_check_ext(), Solaris support. | | File Size: | 62959 | | Last Modified: | Jan 28 17:59:37 2000 |
| MD5 Checksum: | 801b12ad1bce956af1d2e03b4d70f851 |
|
| /// File Name: |
libnids-1.14.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convinient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/libnids | | Changes: | Added support to capture packets on all interfaces, including loopback, added ability to refrain from setting promisc flag, added ability to disable tcp processing, libc5 support, alpha platform support, and bug fixes. | | File Size: | 67678 | | Last Modified: | Jul 11 20:13:18 2000 |
| MD5 Checksum: | fee6fd45b55ab67cd599b066710ce1bc |
|
| /// File Name: |
libnids-1.16.tar.gz |
Description:
|
Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. The libnids library offers IP defragmentation, TCP stream assembly and TCP port scan detection. Libnids is highly configurable, reliable, and portable.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/Libnids/ | | File Size: | 72292 | | Last Modified: | Nov 3 14:35:46 2000 |
| MD5 Checksum: | f463bb8269b9958679f0f912715f2843 |
|
| /// File Name: |
libnids-1.17rc1.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://www.packetfactory.net/Projects/libnids | | Changes: | Support for libnet-1.1, libpcap save files, 802.1Q VLAN, wireless frames, and more. | | File Size: | 99935 | | Last Modified: | Sep 10 01:14:07 2002 |
| MD5 Checksum: | 4b34c7cea654402476452d0715c30d36 |
|
| /// File Name: |
libnids-1.18.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Rejection of TCP packets with old timestamp, fixed memory corruption, and more. | | File Size: | 114013 | | Last Modified: | Oct 17 18:10:35 2003 |
| MD5 Checksum: | 9ee6dcdfac97bae6fe611aa27d2594a5 |
|
| /// File Name: |
libnids-1.19.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Multiple bug fixes. | | File Size: | 115758 | | Last Modified: | Aug 9 17:37:18 2004 |
| MD5 Checksum: | 863125dbcc43d1ac8c044622e5b08787 |
|
| /// File Name: |
libnids-1.20.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Added wscale option parsing; surprisingly, it seems to be in some use, added nids_dispatch(), for systems which do not ignore pcap timeout, and the ability to specify hosts/networks for which we do not check checksums. | | File Size: | 119226 | | Last Modified: | Feb 18 00:18:56 2005 |
| MD5 Checksum: | a36cbd45cbada12420ecc8f82a7e0852 |
|
| /// File Name: |
libnids-1.21.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Various code updates. | | File Size: | 140138 | | Last Modified: | May 22 00:18:39 2006 |
| MD5 Checksum: | 8c43dd7d66350eed99a29be50bc5615f |
|
| /// File Name: |
Libnids-W32-1.19.tar.gz |
Description:
|
Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit, and provides convenient information on them to analyzing modules of NIDS. So, if you intend to develop a custom NIDS, you do not have to build low-level network code. If you decide to use libnids, and you have got E-component ready - you can focus on implementing other parts of NIDS.
| | Author: | Nergal | | Homepage: | http://libnids.sourceforge.net | | Changes: | Ported to Win32 by Goldie. | | File Size: | 166773 | | Last Modified: | Sep 20 23:20:52 2004 |
| MD5 Checksum: | 3163f4f5ac4548afc204f71ec603d61f |
|
| /// File Name: |
logcalls.c |
Description:
|
Kernel module which logs specific system calls to a logfile. Tracks mkdir, rmdir, link, and open.
| | Author: | Pheisar | | Homepage: | http://www.ccl.pt/~pheisar/ | | File Size: | 4417 | | Last Modified: | Dec 7 15:38:36 1999 |
| MD5 Checksum: | 5bc913bf407e10e3b9113467871f1565 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
