Section: .. / UNIX / loggers /
| /// File Name: |
netguard-2.0.0.tar.gz |
Description:
|
Netguard 2.0.0 is a lightweight IDS and packet sniffer. It supports Ethernet, PPP, FDDI and local loopback (for debuging). It can log IP, TCP, UDP, ICMP and IGMP packets according to the rules YOU sepcify to syslog, a file or standard input. Uses libpcap.
| | Author: | Monk | | Homepage: | http://iguard.virtualave.net/netguard/ | | Changes: | Full rewrite. Most types of ip/tcp/udp/icmp/igmp header flags can be configured to set off alarms. Released under GPL. | | File Size: | 16531 | | Last Modified: | Mar 24 03:57:24 2000 |
| MD5 Checksum: | e582e3fba29b95e31e8f0dfe9eff245d |
|
| /// File Name: |
iplog-2.1.1.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time.
| | Author: | Odin | | Homepage: | http://ojnk.sourceforge.net/ | | Changes: | Detects a new form of Xmas scan, new option to only log scans, new verbose option to log bad checksums and short header lengths, re-opens interfaces that go down. | | File Size: | 113505 | | Last Modified: | Feb 22 19:07:59 2000 |
| MD5 Checksum: | 4ef5db56ed6b7ef0955ef658d44dcf88 |
|
| /// File Name: |
ippl_1.99.3.orig.tar.gz |
Description:
|
ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas | | Homepage: | http://www.via.ecp.fr/~hugo/ippl/ | | Changes: | Completely rewritten to use libpcap. Various changes including IP options, updated man page & ippl.conf, message repetition. Display bug, pidfile.c, and disabled threads on loopback bugs fixed. | | File Size: | 67060 | | Last Modified: | Jan 31 16:43:57 2000 |
| MD5 Checksum: | f9e8947bb119a6e0a3ee0892a33a4393 |
|
| /// File Name: |
perro-1.0.2.tar.gz |
Description:
|
Perro (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. It also produces detailed log files.
| | Author: | Diego Javier Grigna | | Homepage: | http://www.grigna.com/diego/linux/perro/ | | Changes: | A Y2K fix. | | File Size: | 27345 | | Last Modified: | Jan 24 16:14:46 2000 |
| MD5 Checksum: | d6c7b6570966abd269fd7bc85b494fa2 |
|
| /// File Name: |
iplog-2.1.0.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time.
| | Author: | Odin | | Homepage: | http://ojnk.sourceforge.net/ | | Changes: | The capability to run in promiscuous mode and monitor a whole network was added. Lots of bug fixes were made. | | File Size: | 109283 | | Last Modified: | Jan 18 12:48:32 2000 |
| MD5 Checksum: | 9bcecd2b829016ec2dba11f031f59317 |
|
| /// File Name: |
SRS.tgz |
Description:
|
SRS is the largest syslog implementation for Unix (or any operating system). It has its own original protocol to ensure reliability.
| | Author: | Matt Conover | | Homepage: | http://www.w00w00.org/files/SRS | | File Size: | 212832 | | Last Modified: | Jan 12 18:10:18 2000 |
| MD5 Checksum: | 5f5e36042cc3ce608b36709113cb63d3 |
|
| /// File Name: |
acl-0.7.0.tar.gz |
Description:
|
Inspired by ColorLogs, acl (Advanced Color Logs) has advanced parsing capabilities, including multiple search strings and negative search strings (matches if the string is not found in the line). It's very useful for highlighting important or non-standard messages from daemons, while not highlighting standard status messages from the same daemons.
| | Author: | Patrick Mullen | | Homepage: | http://www.LinuxRC.org/projects/acl/ | | Changes: | Much more configurability, can "wake up" a console that has been blanked, and special processing for syslog-format files to configure a color for the timestamp, specifying different colors depending on what host generated the message (if syslog is logging remote messages as well) and specification of a special color for highlighting messages from different daemons. | | File Size: | 7845 | | Last Modified: | Jan 7 19:41:58 2000 |
| MD5 Checksum: | 978e4da7eec020aea1efff9c2ab953f8 |
|
| /// File Name: |
squidtaild.2.1a2.tgz |
Description:
|
Squidtaild is a Squid log file monitoring program that will crosscheck new access.log entries with user-defined filters and report all hits (using HTML pages, email, or winpopups). It is ideal for schools and businesses that wish to monitor their Internet activity for policy violations (that can be custom generated).
| | Author: | Stefan Folkerts | | Homepage: | http://trailer.linuxatwork.at/ | | Changes: | This complete Perl rewrite of Trailer is faster, more flexible, and offers more options. | | File Size: | 45786 | | Last Modified: | Jan 2 14:20:56 2000 |
| MD5 Checksum: | acb093fb1deb708a979e894d77166a1e |
|
| /// File Name: |
Sportal-2.2b.tar.gz |
Description:
|
Sportal is made for people that need to know what is going on in their systems. It monitors files that you select, for "hot words" that you also select, through a graphical interface. When a hot word is found in the file being watched, it will let you know. There is no restriction on the numbers of files or hot words.
| | Author: | Rodrigo Alvaro Diaz Leven | | Homepage: | http://sportal.sourceforge.net/ | | Changes: | A lot of bug fixes, a new pallete of colors, faster text scroll, and finished transparent background support. | | File Size: | 124275 | | Last Modified: | Dec 31 00:58:25 1999 |
| MD5 Checksum: | ea47ca356e0b84edba051ce0d5471cb5 |
|
| /// File Name: |
nadas |
Description:
|
The Real Log Clean for Linux OS - Cleans logs under linux and tests the attributes in Ext2fs.
| | Author: | Nelson Brito | | File Size: | 1640 | | Last Modified: | Dec 28 03:28:20 1999 |
| MD5 Checksum: | dbd6606e2994ca3e4d84c89d8cee0ab9 |
|
| /// File Name: |
esm-1.0.tar.gz |
Description:
|
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerent design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog.
| | Homepage: | http://members.tripod.com/%7Eretep/esm.html | | File Size: | 82680 | | Last Modified: | Dec 14 01:04:17 1999 |
| MD5 Checksum: | bf4cd29cbfa14c39a5aadde3b9e99967 |
|
| /// File Name: |
logarp.tar.gz |
Description:
|
logarp is a small perl script which uses tcpdump to grab ethernet and source IP addresses. It runs on the system "learning" these addresses, and logging ether/ip address mismatches. It monitors ethernet/IP address mapping and generates a list of mismatches to stdout. Useful for seeing if users on your subnet are "stealing" IP addresses. Alpha code! Requires perl and tcpdump.
| | Homepage: | http://www.jammed.com/%7Ejwa/Security/ | | File Size: | 7997 | | Last Modified: | Dec 13 05:34:47 1999 |
| MD5 Checksum: | e9ed31d5c644062ac9a6fff357bb147e |
|
| /// File Name: |
arpwatch2.1a4.tar.gz |
Description:
|
Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. It also reports certain changes via email. Arpwatch requires tcpdump and libpcap. Includes FDDI support, updated ethercodes, uses autoconf.
| | Homepage: | ftp://ftp.ee.lbl.gov/ | | File Size: | 82110 | | Last Modified: | Dec 12 19:09:54 1999 |
| MD5 Checksum: | 8ed0f0b05f98978e4c8fcf73bd4a685a |
|
| /// File Name: |
logit-1.6.tar.gz |
Description:
|
logit is a drop-in replacement for syslog - claims 100% klogd/syslogd compatibility. Supports md5 crypto for data sent over the network to the loghost, limits access to community log files to a group, and other functionality.
| | Homepage: | http://www.cs.uni-potsdam.de/homepages/students/linuxer/ok.html | | File Size: | 52988 | | Last Modified: | Dec 10 04:18:36 1999 |
| MD5 Checksum: | e39fcda8a0c5db2fb0aef33d399e933f |
|
| /// File Name: |
sportal-1.9.5.tar.gz |
Description:
|
Sportal is made for people that need to know what is going on in their systems. It monitors files that you select, for "hot words" that you also select, through a graphical interface. When a hot word is found in the file being watched, it will let you know. There is no restriction on the numbers of files or hot words.
| | Author: | Rodrigo Alvaro Diaz Levin | | Homepage: | http://www.undersec.com/members/elbruj0/sportal/ | | Changes: | A fix for a typo in the source, implementation of transparent windows, a lot of new options in the main GUI, and available binary RPMs and static versions. | | File Size: | 123271 | | Last Modified: | Dec 7 02:34:27 1999 |
| MD5 Checksum: | 03be3452ba3313376c97cf1c98c12c74 |
|
| /// File Name: |
exec.c |
Description:
|
exec.c 1.0.4 is a kernel module which logs all the commands executed on the system. Extremely powerful stealth logging made easy!
| | Author: | Pat Szuta | | Changes: | This release fixes a memory allocation problem. Please update to the current version if you use the module. This module should work on 2.2.* kernels. | | File Size: | 3893 | | Last Modified: | Dec 6 21:58:42 1999 |
| MD5 Checksum: | 1cebecd309b7c1a3b25be810e9cccde4 |
|
| /// File Name: |
iplog-2.0.0.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time.
| | Author: | Odin | | Homepage: | http://ojnk.sourceforge.net/ | | Changes: | Bug fixes and documentation updates. | | File Size: | 105725 | | Last Modified: | Dec 1 14:42:14 1999 |
| MD5 Checksum: | 2e7d20fb1e126a4276d1401942ec08d4 |
|
| /// File Name: |
psting-1.0.tar.gz |
Description:
|
Ping Sting 1.0 - pingsting is an application that monitors networks for ICMP Echo Requests and attempts to determine what application generated the ICMP packets. The method and weaknesses of this method are described at the end of this document.
| | Author: | Anthony Osborne | | Homepage: | http://208.176.87.92/psting/ | | File Size: | 5900 | | Last Modified: | Nov 18 14:51:19 1999 |
| MD5 Checksum: | a8b3ea4afcf826a60bebcbca30d84ec3 |
|
| /// File Name: |
iplog-2.0-1107.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris.
| | Author: | Odin. | | File Size: | 103494 | | Last Modified: | Nov 8 20:23:46 1999 |
| MD5 Checksum: | 904bc099e8186f604f9aa79c2bd9a2cd |
|
| /// File Name: |
multisort-1.1.tar.gz |
Description:
|
multisort can merge multiple httpd logs from a single website distributed on multiple hosts (through round-robin DNS, for example) into a single date-ordered log. It's useful for preprocessing logs before feeding them to analyzers. It's written in C and is quite fast.
| | Author: | Zach Beane | | File Size: | 3520 | | Last Modified: | Oct 28 16:11:31 1999 |
| MD5 Checksum: | c47f7622773022119e1ea21d2b211bd3 |
|
| /// File Name: |
libol-0.2.5.tar.gz |
Description:
|
Libraries needed to compile syslog-ng-1.2.0.
| | Author: | Balazs Scheidler | | File Size: | 152649 | | Last Modified: | Oct 27 19:16:52 1999 |
| MD5 Checksum: | 176730e9118fc3326de8612dd4a6a792 |
|
| /// File Name: |
iplog-2.0-1017.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic, though adding support for other protocols should be relatively easy. iplog 2.0 is complete rewrite of iplog 1.x by behe . As such, it contains all the features supported by iplog 1.x, including a built-in DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, and bogus TCP flags (used by scanners to detect the operating system in use). iplog 2.0 adds detection of Xmas scans, ICMP ping floods, UDP scans, and various IP fragment attacks. As mentioned above, iplog 2.0 has a packet filter.
| | Author: | Odin. | | File Size: | 102875 | | Last Modified: | Oct 17 13:44:38 1999 |
| MD5 Checksum: | 6a2cda10b32e7bf7a46bcdfe1d551c9f |
|
| /// File Name: |
logdaemon-5.7.tar.gz |
Description:
|
Daemons to replace rsh and rlogin with those that log the remote host/user names and provides tcp wrapper access control. Replaces daemons on SunOS, Solaris, Ultrix 4.x. Supports S/KEY style passwords for login/ftp and rexec for many other flavours of UNIX.
| | File Size: | 226809 | | Last Modified: | Oct 5 18:34:12 1999 |
| MD5 Checksum: | a1453554ff4210d5663726551e979c9e |
|
| /// File Name: |
libol-0.1.16.tar.gz |
Description:
|
Libraries needed for latest alpha release snapshots of syslog-ng.
| | Author: | Balazs Scheidler | | File Size: | 136620 | | Last Modified: | Aug 16 20:05:18 1999 |
| MD5 Checksum: | dd59c5b5d2848bdf598815944cdd6664 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
