|
Scanlogd - A port scan detection tool
|
|
Hits: 7 |
|
Date added: 03/03/2006 |
|
scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with. Thus, unlike some of the other port scan detection tools out there, scanlogd is designed to be totally safe to use.
The use of libpcap alone is discouraged. If you're on a system other than Linux and/or want to monitor the traffic of an entire network at once, you should be using libnids in order to handle fragmented IP packets. |
|
|
|
|
Sara
|
|
Hits: 4 |
|
Date added: 07/04/2006 |
|
Advanced Research's philosophy relies heavily on software re-use. Rather than inventing a new module, SARA is adapted to interface to other community products. For instance, SARA interfaces with the popular NMAP package for superior operating system fingerprinting. Also, SARA provides a transparent interface to SAMBA for SMB security analysis. |
|
|
|
|
Samhain v2.2.0
|
|
Hits: 5 |
|
Date added: 09/24/2006 |
|
File Integrity / Intrusion Detection System
Samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). It has been designed to monitor multiple hosts with potentially different operating systems from a central location, although it can also be used as a standalone application on a single host.
Features
Centralized monitoring
The client/server architecture of samhain allows central logging to the server, central storage of baseline databases and client configuration data, and central updates of baseline databases.
Web-based management console
A web-based console, Beltane, is available as a separate package. Beltane lets you monitor server and client activity, view client reports, and update the baseline databases on the server side.
Multiple logging facilities
Samhain supports multiple logging facilities, each of which can be configured individually; e.g. tamper-resistant logfile, syslog, email, relational databases (MySQL, PostgreSQL, Oracle, or unixODBC) and the Prelude IDS.
Tamper resistance
Samhain offers PGP-signed database and configuration files, a stealth mode, and several more features to protect against attempts to subvert the integrity of the samhain client / agent. |
|
|
|
|
RPAK
|
|
Hits: 12 |
|
Date added: 08/13/2006 |
|
RPAK is a collection of tools that can be useful for assessing routing protocols. It contains tools for RIP, RIP2, IGRP and OSPF.
|
|
|
|
|
RevHosts 2.0
|
|
Hits: 23 |
|
Date added: 06/20/2007 |
|
Revhosts is a project for passive information gathering. It helps pentesters find information (Host, VirtualHost, DNS entry, Directories, mail address, subnet). |
|
|
|