PLA
Hits: 4
Date added: 11/18/2006
PIX Logging Architecture is a free and open-source project that correlates Cisco PIX Firewall traffic and IDS logs. PIX log messages are parsed by the PLA parsing module or the PLA Msyslogd module. Logs are centralized in a MySQL database, with a Web-based frontend for log viewing, searching, and event management. PIX Logging Architecture is written entirely in Perl and uses various Perl modules, including Perl::DBI and Perl::CGI.
The PIX Logging Architecture parsing module is responsible for extracting the necessary fields from the PIX system log messages. It gathers information including, but not limited to, translations (xlates) and informative log messages (e.g. PIX failover, PIX VPN establishment, PIX interface up/down, PIX PPPoE VPDN establishment and the like). All the parsing information the PLA Parsing Daemon (pla_parsed) needs to extract data from the logs is stored in the database, so the supported log messages can be updated easily without replacing the parsing scripts.
The PLA Parsing Daemon runs as a daemonized Perl process in the background and reads directly from the system log files in quasi real time, so there is no longer any need to create crontab jobs or to restart syslogd all the time.
Parse-Time Filtering:
PIX Logging Architecture v2.00 adds the ability to perform parse-time filtering. Parse-time filtering lets you use the PLA web interface to define traffic that you do not wish to log (e.g. between specific IP pairs and ports, on specific protocols, on specific firewalls). The PLA Parsing Daemon (pla_parsed) then checks the incoming firewall logs and excludes any traffic that matches the parse-time filters. Using these parse filters lets you keep tabs on the database size and saves you from having to log all data.
Here's a summary of what you need to run PIX Logging Architecture v2.00 Beta 1:
1. Cisco PIX Firewall or FireWall Services Module
2. Logging host with syslog
3. Perl (and several Perl modules)
4. MySQL Database
5. Apache Web Server
6. PIX Logging Architecture (PLA) Parsing Daemon (included in PLA v2.00 Beta 1 package)
7. PIX Logging Architecture (PLA) Database SQL File (included in PLA v2.00 Beta 1 package)
8. PIX Logging Architecture (PLA) Web-based Front End (included in PLA v2.00 Beta 1 package)

PIX Checksum DoS
Hits: 8
Date added: 11/13/2006
This is a proof of concept program that demonstrates the vulnerability of Cisco PIX devices to a Denial of Service attack using a spoofed bad checksum packet.

PeachFuzz
Hits: 5
Date added: 06/29/2005
A highly customizable clear text protocol fuzzer. Includes templates for FTP, IMAP4, POP3, and SMTP protocols. (Useful for finding application flaws)

PDA Telnet
Hits: 5
Date added: 01/24/2005
TelNet

Pcapy v0.10.5
Hits: 7
Date added: 09/14/2007
Pcapy is a Python extension module that interfaces with the libpcap packet capture library. Pcapy enables Python scripts to capture packets on the network. Pcapy is highly effective when used in conjunction with a packet-handling package such as Impacket, which is a collection of Python classes for constructing and dissecting network packets.