Section: .. / UNIX / IDS /
| /// File Name: |
swatch-3.0.2.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://oit.ucsb.edu/~eta/swatch | | Changes: | Defaults to /var/adm/messages now. Lots of bugs were fixed. | | File Size: | 24250 | | Last Modified: | Sep 6 01:46:02 2001 |
| MD5 Checksum: | 609a50a2c089417f76a6d13635407463 |
|
| /// File Name: |
swatch-3.0.4.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://www.stanford.edu/~atkins/swatch/ | | Changes: | Fixed a big bug involving key value assignment when throttling. | | File Size: | 24157 | | Last Modified: | Nov 14 03:00:20 2001 |
| MD5 Checksum: | ce290dd2cae6ce834f59e24d97a30d3b |
|
| /// File Name: |
swatch-3.0b1.tar.gz |
Description:
|
Swatch, the Simple Watch Daemon is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | http://www.stanford.edu/~atkins/swatch/ | | Changes: | Fixed a big bug involving key value assignment when throttling. | | File Size: | 17819 | | Last Modified: | Aug 16 20:02:47 1999 |
| MD5 Checksum: | 5969ec109979acd91b743815dda20a18 |
|
| /// File Name: |
swatch-3.0b4.tar.gz |
Description:
|
Swatch ("Simple WATCHdog") is a program for UNIX system logging, originally written to actively monitor messages as they are written to a log file via the UNIX syslog utility. Swatch was designed to keep system administrators from being overwhelmed by large quantities of log data. It monitors log files and acts to filter out unwanted data and take one or more simple user specified actions based upon patterns in the log. Swatch can monitor information as it is being appended to the log file and alert system administrators immediately to serious system problems as they occur.
| | Author: | Todd Atkins | | Homepage: | ftp://ftp.stanford.edu/general/security-tools/swatch/ | | Changes: | Fixed the examine switch, added continue and quit actions, Fixed parsing of "throttle" setting, bug fixes. | | File Size: | 20824 | | Last Modified: | Jan 26 16:10:36 2000 |
| MD5 Checksum: | 6c386d64a543841b69122afbc2144345 |
|
| /// File Name: |
sxid-secure.gz |
Description:
|
sXid Secure is an all in one suid/sgid monitoring script written in perl.
| | Author: | Ben Collins | | File Size: | 4123 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | 439e4dd2da716074880ecbf2117749e0 |
|
| /// File Name: |
sxid_3.2.4.tar.gz |
Description:
|
sXid 3.2.4 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.
| | Author: | Ben Collins | | Changes: | Minor bugfixes and a new IGNORE_DIRS option. | | File Size: | 43354 | | Last Modified: | Aug 16 20:02:42 1999 |
| MD5 Checksum: | 97e3eeed57749e91262b1a49563be456 |
|
| /// File Name: |
sxid_3.2.5.tar.gz |
Description:
|
sXid 3.2.5 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.
| | Author: | Ben Collins | | Changes: | added option to specify other than the default mail program, patch to make use of TMPDIR if set. | | File Size: | 43378 | | Last Modified: | Aug 16 20:02:44 1999 |
| MD5 Checksum: | 8a573d8916efa87a40be6854fc763189 |
|
| /// File Name: |
sxid_4.0.0.tar.gz |
Description:
|
sXid 4.0.0 - sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.
| | Author: | Ben Collins | | Changes: | numerous - see the changelog file. | | File Size: | 43714 | | Last Modified: | Aug 16 20:02:47 1999 |
| MD5 Checksum: | f6a48e33024abc347df8606cc45fdd24 |
|
| /// File Name: |
syn.pl |
Description:
|
tcpdump script which detects network activity - designed specifically to detect new "stealth and undetectable" nmap v2.00-2.01 scans (TCP, SYN, FIN, Frag, Xmas, Null, and UDP, etc...).
| | Author: | Programmaton | | File Size: | 3776 | | Last Modified: | Aug 16 20:02:33 1999 |
| MD5 Checksum: | 1b643bc7c0fd8a37b6e0de3b3d27cadf |
|
| /// File Name: |
sysmon.pl |
Description:
|
This script, run on a regular (daily) basis, keeps tabs on root accounts and set[ug]id root files.
| | File Size: | 7148 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | e63a290974e3c6dc991a866f53e5ad5a |
|
| /// File Name: |
sysmon.tar |
Description:
|
This script, run on a regular (daily) basis, keeps tabs on root accounts and set[ug]id root files.
| | File Size: | 10240 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | 3e11720e7ea1d158a068a1dba02739ba |
|
| /// File Name: |
tailbeep-0.2.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)
| | Author: | Tommy. | | File Size: | 8670 | | Last Modified: | Oct 19 14:51:19 1999 |
| MD5 Checksum: | b3cbddae198819c742871b1a6324fc1f |
|
| /// File Name: |
tailbeep-0.3.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | Speech (through speechd) and a debug option. | | File Size: | 9042 | | Last Modified: | Oct 22 17:43:36 1999 |
| MD5 Checksum: | a735879e8c6948b88c63f21c4c57532b |
|
| /// File Name: |
tailbeep-0.41.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall.)
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | The Ability to specify a message to speak instead of the line in the watched file (using -p), the old -p has been moved to -P to speak the line in the file, and the -V (version) and -S (sleep time) options have been added. | | File Size: | 10122 | | Last Modified: | Oct 26 15:01:31 1999 |
| MD5 Checksum: | 09af9ef12d56fe02fa381a2c671aa959 |
|
| /// File Name: |
tailbeep-0.43.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall).
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | Added -F (frequency) and -M (milliseconds) option, added -x "command" option, cleaned up the help screen, and you can use -p and -P at the same time now if you want both the entire line and a predefined message. | | File Size: | 10930 | | Last Modified: | Oct 27 17:13:20 1999 |
| MD5 Checksum: | 15a439c9a8a5db135a96122b367ceb9b |
|
| /// File Name: |
tailbeep-0.44.tar.gz |
Description:
|
Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. I wrote it so I could watch /var/log/messages for the DENY string (so I can tell if someone is trying to break into the firewall).
| | Author: | Tommy. | | Homepage: | http://soomka.com | | Changes: | Added make rh60 so people with red hat 6.x can make binaries for glibc20 systems. | | File Size: | 11098 | | Last Modified: | Nov 15 16:27:00 2000 |
| MD5 Checksum: | 015101471825fd96f8214aea4fc96c42 |
|
| /// File Name: |
tcp_wrappers_7.6.BLURB |
Description:
|
Blurb for tcp_wrappers_7.6.tar.gz
| | File Size: | 1736 | | Last Modified: | Oct 5 18:31:44 1999 |
| MD5 Checksum: | 627fc45308e852c446c3606647fa8c34 |
|
| /// File Name: |
tcp_wrappers_7.6.tar.gz |
Description:
|
Wietse Venema's tcp wrapper. The package provides tiny daemon wrapper programs that can be installed without any changes to existing software or to existing configuration files. The wrappers report the name of the client host and of the requested service; the wrappers do not exchange information with the client or server applications, and impose no overhead on the actual conversation between the client and server applications.
| | File Size: | 99438 | | Last Modified: | Oct 5 18:31:39 1999 |
| MD5 Checksum: | e6fa25f71226d090f34de3f6b122fb5a |
|
| /// File Name: |
tcpreplay-1.0.1.tar.gz |
Description:
|
Tcprelay v1.0.1 - Tcpreplay is aimed at testing the performance of a NIDS by replaying real background network traffic in which to hide attacks. Tcpreplay allows you to control the speed at which the traffic is replayed, and can replay arbitrary tcpdump traces. Unlike programmatically-generated artificial traffic which doesn't exercise the application/protocol inspection that a NIDS performs, and doesn't reproduce the real-world anomalies that appear on production networks (asymmetric routes, traffic bursts/lulls, fragmentation, retransmissions, etc.), tcpreplay allows for exact replication of real traffic seen on real networks.
| | File Size: | 252686 | | Last Modified: | Sep 23 01:36:39 1999 |
| MD5 Checksum: | 4b9335761e9202abfc175c06b169e991 |
|
| /// File Name: |
tcpstatflow_v1.1.tgz |
Description:
|
TCPStatFlow is a tool for network administrators which detects covert network tunnels running on ports which are accepted by most outbound firewalls by sniffing the network and measuring the symmetry of the data sent. HTTP / HTTPS / FTP / SMTP / POP3 protocols send much more data one direction than the other, and if a ssh server is set up on these ports, this tool will detect it by noticing that the amounts of data sent don't look like the protocol which is supposed to run on that port.
| | Author: | fryxar | | Homepage: | http://www.geocities.com/fryxar | | File Size: | 9338 | | Last Modified: | Nov 21 13:32:20 2003 |
| MD5 Checksum: | 40e65e3771f0d7e8d24e43286b1ecc0c |
|
| /// File Name: |
thor1.0.tar.gz |
Description:
|
thor.pl 1.0 - thor.pl keeps tabs on suid and sgid files on your file system. It also keeps track of the checksums of your binaries and the root accounts on the system as well as a few other things. It's a handy script that helps you find possible security risks, or breakins.
| | Author: | Jerry Kilpatrick | | File Size: | 5264 | | Last Modified: | Aug 16 20:02:46 1999 |
| MD5 Checksum: | d25bf542ae37a2fadc15d28b5f92faab |
|
| /// File Name: |
tmp-audit-0.3.tar.gz |
Description:
|
tmp-audit is a simple tool designed to monitor a directory and log changes (i.e /tmp). New file size, variable refresh, and header beep options in this release.
| | Author: | Proof Of Concept | | File Size: | 3401 | | Last Modified: | Aug 16 20:02:42 1999 |
| MD5 Checksum: | b902f220dd12ba87319a661c9f9f361c |
|
| /// File Name: |
tmp-audit-0.4.tar.gz |
Description:
|
tmp-audit is a simple tool designed to monitor a directory and log changes (i.e /tmp).
| | Author: | Proof Of Concept | | Changes: | added -w option (dump file content), fixed some stuff in tmp-audit.h. | | File Size: | 3824 | | Last Modified: | Apr 25 11:21:33 1999 |
| MD5 Checksum: | 87e25b432b71a5685ae7cf21e217233e |
|
| /// File Name: |
tmp-audit.tar.gz |
Description:
|
tmp-audit is a tool designed to log directory changes (i.e /tmp). This release includes a signal-oriented interface instead sleep().
| | Author: | Proof Of Concept | | File Size: | 1823 | | Last Modified: | Aug 16 20:02:38 1999 |
| MD5 Checksum: | 4c8e94167bb2a9c5d2716be718c3dee8 |
|
| /// File Name: |
tocsin116.tar.gz |
Description:
|
toscin is a basic IDS system that uses packet filtering to warn against possible attacks against specified services. It basically watches the local network for SYN connections to certain services, and sends notification. Solaris 2.x possibly others.
| | Homepage: | http://www.eng.auburn.edu/users/doug/second.html | | File Size: | 9245 | | Last Modified: | Dec 12 17:32:34 1999 |
| MD5 Checksum: | 65a7bb6db5dc3be7060bd1e5d7bbb134 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
