Section: .. / sniffers / snort /
| /// File Name: |
idscenter109b23.zip |
Description:
|
IDScenter is a control and management front-end for the Windows platform. Main features: Snort 1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
| | Author: | Eclipse | | Homepage: | http://www.packx.net | | Changes: | Working setup package, Delphi libraries compiled in program, Plugin framework update, and small fixes. | | File Size: | 2131231 | | Last Modified: | Dec 17 22:13:37 2002 |
| MD5 Checksum: | ea3f7592d14c57dc4654d876b7b166ca |
|
| /// File Name: |
idscenter109beta2.zip |
Description:
|
Snort IDScenter is a GUI for Snort IDS on Windows platforms. Configuration and management of the IDS can be done using IDScenter. Main features are: Snort configuration wizard (variables, preprocessor plugins, output plugins, rulesets), alert notification via e-mail, sound or only visual notification, alert file monitoring (up to 10 files), MySQL alert detection, Log rotation (compressed archiving of log files), AutoBlock (using NetworkICE BlackICE Defender you can block attackers' IPs that Snort logged), integrated log viewer (supports text files, XML and HTML/webpages), program execution if an attack was detected, test configuration feature, etc.
| | Author: | Ueli Kistler | | Homepage: | http://www.packx.net | | File Size: | 1712732 | | Last Modified: | Jun 21 00:35:39 2002 |
| MD5 Checksum: | fcdf7783ecd4871ac3486f373c6cf555 |
|
| /// File Name: |
idscenter11rc1.zip |
Description:
|
IDScenter is a control and management front-end for the Windows platform. Main features: Snort 1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
| | Author: | Ueli Kistler | | Homepage: | http://www.packx.net | | Changes: | Fixed Stream4, Frag2 preprocessors setup, and minor bugs. | | File Size: | 5643663 | | Last Modified: | Feb 10 23:05:46 2003 |
| MD5 Checksum: | fea48e406b50d9471d120b75671ff872 |
|
| /// File Name: |
idscenter11rc3.zip |
Description:
|
IDScenter is a control and management front-end for the Windows platform. Main features: Snort 2.0/1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
| | Author: | Ueli Kistler | | Homepage: | http://www.engagesecurity.com | | Changes: | Snort 2.0 Support and more. | | File Size: | 3994868 | | Last Modified: | Jun 16 20:13:22 2003 |
| MD5 Checksum: | 098008bd009deba5ed6e7236a427cc52 |
|
| /// File Name: |
idscenter11rc4.zip |
Description:
|
IDScenter is a control and management front-end for the Windows platform. Main features: Snort 2.0/1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
| | Author: | Ueli Kistler | | Homepage: | http://www.engagesecurity.com | | Changes: | AlertMail fixed, code audit completed, various other bug fixes. | | File Size: | 4131089 | | Last Modified: | Aug 5 15:38:21 2003 |
| MD5 Checksum: | 04aec740f26711280a93aba64b9e9f13 |
|
| /// File Name: |
idspm.v1.5.1.msi |
Description:
|
IDS Policy Manager was written to manage Snort IDS sensors in a distributed environment. It takes the text configuration and rule files and lets you modify them with an easy-to-use graphical interface. With the added ability to merge new rule sets, manage preprocessors, control output modules and scp rules to sensors, this tool makes managing Snort easy for most security professionals.
| | Homepage: | http://www.activeworx.org/ | | File Size: | 2600960 | | Last Modified: | Feb 1 01:16:56 2005 |
| MD5 Checksum: | a8639acbf6e57736d14754f88fe4e747 |
|
| /// File Name: |
idspm.v1.6.0.msi |
Description:
|
IDS Policy Manager was written to manage Snort IDS sensors in a distributed environment. It takes the text configuration and rule files and lets you modify them with an easy-to-use graphical interface. With the added ability to merge new rule sets, manage preprocessors, control output modules and scp rules to sensors, this tool makes managing Snort easy for most security professionals.
| | Homepage: | http://www.activeworx.org/ | | Changes: | Support for threshold.conf file, for downloading rules with new format from snort.org, and for new Snort.org reference website format. | | File Size: | 2681856 | | Last Modified: | Mar 24 00:54:56 2005 |
| MD5 Checksum: | 609b65beb28e7a1030926e2b7a9da1a3 |
|
| /// File Name: |
incident-1.0.tar.gz |
Description:
|
incident.pl is a small script that, when given logs generated by snort, can generate an incident report for every event that appears to be an attempted security attack, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar/ | | File Size: | 15958 | | Last Modified: | Mar 4 22:56:02 2001 |
| MD5 Checksum: | e24f92b903343b7b9e81dbd61538787f |
|
| /// File Name: |
incident-1.1.tar.gz |
Description:
|
incident.pl is a small script that, when given logs generated by snort, can generate an incident report for every event that appears to be an attempted security attack, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar/ | | Changes: | The recipients of reports are now logged in a file. Non-standard characters were removed from email addresses. | | File Size: | 16199 | | Last Modified: | Mar 21 15:36:24 2001 |
| MD5 Checksum: | 9e2aaf2b4ba1a9638beda62d0a8fbdba |
|
| /// File Name: |
incident-1.2.tar.gz |
Description:
|
incident.pl is a small script that, when given logs generated by snort, can generate an incident report for every event that appears to be an attempted security attack, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar/ | | Changes: | The recipients of reports are now logged in a file. Non-standard characters were removed from email addresses. | | File Size: | 17315 | | Last Modified: | Apr 6 19:10:48 2001 |
| MD5 Checksum: | 54aecdf77f19f64604ba822a834d1f6a |
|
| /// File Name: |
incident-1.3.tar.gz |
Description:
|
Incident.pl is a small script that, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | Some output formatting has been fixed, and SIGINT (ctrl-c) will do some cleanup before dying. This version has stricter parsing of the subject when doing email followup, and shows whether XWD failed or succeeded. An example email that is sent to the archive has been added. "security[at]" and "noc[at]" have been added to emails that are notified, and configuration can now be specified in a configuration file. | | File Size: | 10885 | | Last Modified: | May 14 14:00:06 2001 |
| MD5 Checksum: | 24ba0152a526c533dd7426d3f6aba379 |
|
| /// File Name: |
incident-1.5.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | More registrars have been added to the ignore list to avoid sending reports to the wrong people. More WHOIS servers have been added for querying. A '-x' option has been added to only do contact information gathering on a host and dump a list of admin emails to output, and some other minor bugs were corrected. | | File Size: | 12931 | | Last Modified: | Aug 12 21:29:12 2001 |
| MD5 Checksum: | dae08c4cb001ee5be5872329a4a09f62 |
|
| /// File Name: |
incident-1.7.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | New AU whois servers added; changed: lines from whois are now ignored unless no other contacts are found. A few more whois server error messages are handled properly, and timeouts/retries for whois are now configurable. Some other minor bugfixes were also done. | | File Size: | 58273 | | Last Modified: | Oct 10 23:48:27 2001 |
| MD5 Checksum: | c095dc64bea5d14dff1d209878e5b66e |
|
| /// File Name: |
incident-1.8.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | RWHOIS is now being used for ARIN as well as domain lookups. Bugs have been fixed. | | File Size: | 60662 | | Last Modified: | Oct 18 02:17:44 2001 |
| MD5 Checksum: | 8a25ba34874ef5c871cd46ca14b95d2b |
|
| /// File Name: |
incident-2.0.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | Switched back to WHOIS for IP lookups with a fallback to RWHOIS due to the fact that rwhois.arin.net is so often overloaded. | | File Size: | 63838 | | Last Modified: | Nov 14 02:47:41 2001 |
| MD5 Checksum: | ce37642303fc0713d5093e4ef9ac1588 |
|
| /// File Name: |
incident-2.2.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | Whois.abuse.net is now queried for contacts. An option to not ignore 'Received:' lines in the input has been added. | | File Size: | 65137 | | Last Modified: | Jun 3 00:41:59 2002 |
| MD5 Checksum: | 867a342d88043e99772f83e07e968309 |
|
| /// File Name: |
incident-2.3.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | When showing an excerpt of logs, the number of matching lines is now shown to express the severity of attack. A bug was also fixed that would consider certain FQDNs as IPs. | | File Size: | 65308 | | Last Modified: | Aug 30 01:15:46 2002 |
| MD5 Checksum: | 41d2385db00ec530293f43697d44b317 |
|
| /// File Name: |
incident-2.4.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Homepage: | http://www.cse.fau.edu/~valankar | | Changes: | Incident entries reported from WHOIS servers such as RIPE now take priority over other email addresses listed in the same WHOIS output. | | File Size: | 64962 | | Last Modified: | Dec 29 05:11:53 2002 |
| MD5 Checksum: | 392c44d76299cc35cbe36e1c05ae1ce7 |
|
| /// File Name: |
incident-2.8.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Author: | Viraj Alankar | | Homepage: | http://www.bigfoot.com/~valankar/ | | Changes: | Various bug fixes. | | File Size: | 65292 | | Last Modified: | Sep 4 15:11:00 2003 |
| MD5 Checksum: | 57cdf97dd8791ff46107e11288ba649e |
|
| /// File Name: |
incident-2.9.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Author: | Viraj Alankar | | Homepage: | http://www.bigfoot.com/~valankar/ | | Changes: | RIPE redirect stopped working due to ARIN result changing. Fixed. | | File Size: | 65331 | | Last Modified: | Nov 20 15:06:55 2005 |
| MD5 Checksum: | a294cb57de5f5dc3e63f3e100a8808aa |
|
| /// File Name: |
liveSnort-1.0-stable.tar.gz |
Description:
|
liveSnort is a simple, yet useful live Snort monitoring web-application that takes advantage of AJAX/Web 2.0 technology to make the task of monitoring and viewing the most recent Snort events easier.
| | Author: | Remote Assessment | | Homepage: | http://www.aanval.com/liveSnort/ | | File Size: | 9158 | | Last Modified: | Dec 12 17:38:32 2007 |
| MD5 Checksum: | 0173424aa299b2701d9e4ed32714c0fd |
|
| /// File Name: |
mbd.tar.gz |
Description:
|
NetSQUID is a Perl script that sits in between Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
| | Author: | msconzo | | Homepage: | http://security.tamu.edu/db.html | | File Size: | 7911 | | Last Modified: | May 16 22:57:37 2004 |
| MD5 Checksum: | ef5f44b783aab6c76b7c6289cdebcac3 |
|
| /// File Name: |
MIDAS-2.1a.tar.gz |
Description:
|
MIDAS NMS is a configurable web-based network monitoring and network intrusion detection server. It uses a distributed client/server model that allows it to scale to very large networks, and features highly optimized Snort support that dramatically reduces the overhead of both the Snort Sensor and the alert data repository. Also supports Netsaint/Nagios plugins and Big Brother clients, allowing for easy migration.
| | Homepage: | http://midas-nms.sourceforge.net | | Changes: | Web interface was completely rewritten and much improved. The requirement of rrdtool was removed. Internal SQL tables and PHP functions are now used to produce graphs. Several major and minor bugs were fixed. | | File Size: | 1503927 | | Last Modified: | Dec 3 15:58:00 2003 |
| MD5 Checksum: | c265b80334ede224859114141ae605c3 |
|
| /// File Name: |
mudpit-1.4.tar.gz |
Description:
|
Mudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.
| | Author: | farm9opensource | | File Size: | 391925 | | Last Modified: | Jun 23 05:07:48 2005 |
| MD5 Checksum: | 24b732eadc333f4704ad7459280d7533 |
|
| /// File Name: |
mudpit-1.5.tar.gz |
Description:
|
Mudpit is an intelligent, modular, and reliable spool processor for Snort's unified format.
| | Author: | farm9opensource | | Changes: | Added per spool configuration variables for SID/Gen map, reference, and class files. Improved logging system, log at appropriate priorities. Improved autoconf mysql detection code and support for custom plugins supplied at configure time. | | File Size: | 396227 | | Last Modified: | Oct 26 11:49:29 2005 |
| MD5 Checksum: | e2294b01bc9a225720124842386b61e2 |
|