PLA
Hits: 4 | Date added: 11/18/2006
PIX Logging Architecture is a free and open-source project allowing for correlation of Cisco PIX Firewall Traffic and IDS Logs. PIX Log message parsing is performed through the use of the PLA parsing module or PLA Msyslogd module. Centralization of the logs is provided using a MySQL database, supported by a Web-based frontend for Log Viewing, Searching, and Event Management. PIX Logging Architecture is completely coded in the Perl programming language, and uses various Perl modules including Perl::DBI and Perl::CGI.
The PIX Logging Architecture parsing module is responsible for extracting the necessary fields from the PIX system log messages. It gathers information including, but not limited to, Translations (Xlates) and Informative Log Messages (e.g. PIX Failover, PIX VPN Establishment, PIX Interface Up/Down, PIX PPPoE VPDN establishment and the like). All the parsing information needed by the PLA Parsing Daemon (pla_parsed) in order to extract data from the logs is stored in the database, allowing for easy updates of the supported log messages without having to replace the parsing scripts.
The PLA Parsing Daemon runs as a daemonized Perl process in the background and reads directly from the system log files in quasi real time, so there is no longer any need to create crontab jobs or to restart syslogd all the time.
Parse-Time Filtering:
PIX Logging Architecture v2.00 adds the ability to perform parse-time filtering. Parse-time filtering allows you to use the PLA web interface to define traffic which you do not wish to log (e.g. between specific IP pairs and ports, on specific protocols, on specific firewalls). The PLA Parsing Daemon (pla_parsed) then checks the incoming firewall logs and excludes any traffic which matches the parse-time filters. Using these parse filters keeps the database size in check and saves you from having to log all data.
Here's a summary of what you need to run PIX Logging Architecture v2.00 Beta 1:
1. Cisco PIX Firewall or FireWall Services Module
2. Logging host with syslog
3. Perl (and several Perl modules)
4. MySQL Database
5. Apache Web Server
6. PIX Logging Architecture (PLA) Parsing Daemon (included in PLA v2.00 Beta 1 package)
7. PIX Logging Architecture (PLA) Database SQL File (included in PLA v2.00 Beta 1 package)
8. PIX Logging Architecture (PLA) Web-based Front End (included in PLA v2.00 Beta 1 package)

Sara
Hits: 4 | Date added: 07/04/2006
Advanced Research's philosophy relies heavily on software re-use. Rather than inventing a new module, SARA is adapted to interface to other community products. For instance, SARA interfaces with the popular NMAP package for superior Operating System fingerprinting. Also, SARA provides a transparent interface to SAMBA for SMB security analysis.

PDA Telnet
Hits: 5 | Date added: 01/24/2005
TelNet

PeachFuzz
Hits: 5 | Date added: 06/29/2005
A highly customizable clear text protocol fuzzer. Includes templates for FTP, IMAP4, POP3, and SMTP protocols. (Useful for finding application flaws)

Proxy v4.14
Hits: 5 | Date added: 01/27/2005
Do you have several machines on a network, but only one connection to the internet? Wish you could browse the net from the other machines, just like you can from the machine that's connected? Then what you're looking for is called a Proxy Server, and AnalogX has just what you want. AnalogX Proxy is a small and simple server that allows any other machine on your local network to route its requests through a central machine. So what does that mean in English? Simple, run Proxy on the machine with the internet connection; configure the other machines to use a proxy (it's very easy, there's a detailed description in the readme), and voila! You're surfing the web from any other machine on your network! Supports HTTP (web), HTTPS (secure web), POP3 (receive mail), SMTP (send mail), NNTP (newsgroups), FTP (file transfer), and Socks4/4a and partial Socks5 (no UDP) protocols! It works great with Internet Explorer, Netscape, AOL, AOL Instant Messenger, Microsoft Messenger, and many more!