Section: .. / sniffers / snort /
| /// File Name: |
placid-2.0.5.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | Changes: | Bug fixes. Minor additions and changes. | | File Size: | 28022 | | Last Modified: | Dec 11 15:15:55 2004 |
| MD5 Checksum: | a3653eec44cd2c539a0c979f13f2113f |
|
| /// File Name: |
base-1.0.tar.gz |
Description:
|
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
| | Author: | Kevin Johnson | | Homepage: | http://sourceforge.net/projects/secureideas/ | | Changes: | Various bug fixes. | | File Size: | 247642 | | Last Modified: | Dec 11 15:14:25 2004 |
| MD5 Checksum: | ee1cd5f730879d3d15dfd4d6434667be |
|
| /// File Name: |
openaanval-1.53-stable.tar.gz |
Description:
|
Openaanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, openaanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. Several primary features are account hierarchy, data-archiving, real-time data displays, auto signature updating, sensor management tools, easy upgrading, advanced searching, artificial intelligence, timezone control, charts/graphs, query saving and more.
| | Homepage: | http://www.aanval.com | | Changes: | New sensor mgmt tools for auto sig updates, RALPH additions, additional performance, and many bug fixes. | | File Size: | 2169133 | | Last Modified: | Dec 7 03:27:30 2004 |
| MD5 Checksum: | 5d2da3ac491cdd598b08feb07db7eb93 |
|
| /// File Name: |
base-0.9.8.tar.gz |
Description:
|
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
| | Author: | Kevin Johnson | | Homepage: | http://sourceforge.net/projects/secureideas/ | | Changes: | Various bug fixes. | | File Size: | 116487 | | Last Modified: | Oct 26 01:28:37 2004 |
| MD5 Checksum: | dc4c56314b6b7708dc940bae0c9f795d |
|
| /// File Name: |
SnortSnmpMod-2.2.0-01.tgz |
Description:
|
The snortSnmpPlugin enables snort to send SNMP alerts to network management systems (NMS). The alerts can be traps (the alert will not be acknowledged by the receiver) or informs (the alert will be acknowledged by the receiver ). This is version 2.2.0-01.
| | Homepage: | http://www.cysol.co.jp/contrib/snortsnmp/ | | File Size: | 36609 | | Last Modified: | Oct 24 16:34:27 2004 |
| MD5 Checksum: | 816193a428dfa0950be161e1e9729fe7 |
|
| /// File Name: |
oinkmaster-1.1.tar.gz |
Description:
|
Version 1.1 of Oinkmaster. Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://oinkmaster.sourceforge.net/ | | File Size: | 69947 | | Last Modified: | Oct 24 13:49:17 2004 |
| MD5 Checksum: | 28cfaf6220f5fc3fa3f3838ea33cecf1 |
|
| /// File Name: |
FLoP-1.4.0.tar.gz |
Description:
|
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Feature enhancements and bug fixes. | | File Size: | 578420 | | Last Modified: | Oct 13 03:58:10 2004 |
| MD5 Checksum: | 612df03e2ca4ddd05cded6f08561889d |
|
| /// File Name: |
openaanval-1.52-stable.tar.gz |
Description:
|
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
| | Homepage: | http://www.aanval.com | | Changes: | New 1.52 features include database auto-archiving, ICMP and port scanning module, RALPH (Remote Assessment Logically Programmed Humanoid), Community Module, many bug fixes and more. | | File Size: | 2156729 | | Last Modified: | Oct 13 02:53:18 2004 |
| MD5 Checksum: | 8865637e7c072e36ee76a36c289d2e42 |
|
| /// File Name: |
placid-2.0.3.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | Changes: | Bug fixes. Minor additions and changes. | | File Size: | 23673 | | Last Modified: | Sep 15 01:07:28 2004 |
| MD5 Checksum: | d1d9567937ae2c8b4c21c0d14c504006 |
|
| /// File Name: |
base-0.9.7.1.tar.gz |
Description:
|
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a Web frontend to query and analyze the alerts coming from a Snort IDS.
| | Author: | Kevin Johnson | | Homepage: | http://sourceforge.net/projects/secureideas/ | | File Size: | 108111 | | Last Modified: | Sep 10 01:56:52 2004 |
| MD5 Checksum: | dec9b098db9e737d49d745b5fb0134b4 |
|
| /// File Name: |
snortalog_v2.3.0b.tgz |
Description:
|
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
| | Author: | Jeremy Chartier | | Homepage: | http://jeremy.chartier.free.fr/snortalog/ | | Changes: | Whois Database information available with -w option, Pix ICMP log detection enhancement, Smartdefense ICMP log detection enhancement, HTML output improvement, PDF output improvement, and more. | | File Size: | 426564 | | Last Modified: | Sep 9 04:27:52 2004 |
| MD5 Checksum: | fb06e8471ded78d8a7b31cdabb8b2169 |
|
| /// File Name: |
openaanval-1.50-stable.tar.gz |
Description:
|
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
| | Homepage: | http://www.aanval.com | | Changes: | New features of 1.50 include all new notes and incident tracking system. Additional syslog support now works with any device including cisco, sonicwall and more. New setup and installation system and much, much more. | | File Size: | 2013155 | | Last Modified: | Aug 17 01:20:58 2004 |
| MD5 Checksum: | 6f1ebf4effc89562f6124da3d3d42429 |
|
| /// File Name: |
snort-2.2.0.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Bug fixes. | | File Size: | 2498466 | | Last Modified: | Aug 12 03:16:18 2004 |
| MD5 Checksum: | 6194278217e4e3f733b046256a31f0e6 |
|
| /// File Name: |
netsquid.tar.gz |
Description:
|
NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
| | Author: | msconzo | | Homepage: | http://security.tamu.edu/db.html | | Changes: | Bug fixes and code cleanup. | | File Size: | 11700 | | Last Modified: | Jul 14 12:17:00 2004 |
| MD5 Checksum: | 19e7aae0da3a00b4c06694f6f8809919 |
|
| /// File Name: |
FLoP-1.3.0.tar.gz |
Description:
|
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | Changes: | Feature enhancements and bug fixes. | | File Size: | 555098 | | Last Modified: | Jul 8 11:28:00 2004 |
| MD5 Checksum: | 012d38e1efe8ea51d1c2f08790bccaf5 |
|
| /// File Name: |
placid-2.0.2.tar.gz |
Description:
|
Placid is a Web-based frontend for Snort that uses MySQL. It supports searching, sorting, and graphing of events, and was designed for speed and to have little overhead.
| | Author: | Phillip Deneault | | Homepage: | http://speakeasy.wpi.edu/placid/ | | File Size: | 23641 | | Last Modified: | Jun 18 00:31:12 2004 |
| MD5 Checksum: | 7772b3d934d1fb3570c05d335ede895d |
|
| /// File Name: |
snort-2.1.3.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Bug fixes. | | File Size: | 2379344 | | Last Modified: | Jun 3 13:26:56 2004 |
| MD5 Checksum: | 76a538d27c23d51dbed43b04c06114e1 |
|
| /// File Name: |
FLoP-1.2.3.tar.gz |
Description:
|
FLoP is utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 537905 | | Last Modified: | May 29 14:06:49 2004 |
| MD5 Checksum: | cc5a7a0a07131d462b94458ca4521724 |
|
| /// File Name: |
openaanval-1.48-stable.tar.gz |
Description:
|
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
| | Homepage: | http://www.aanval.com | | Changes: | Miscellaneous bug fixes including a client side memory leak. In addition various new features have been added and streamlined. | | File Size: | 1966981 | | Last Modified: | May 20 17:52:51 2004 |
| MD5 Checksum: | 43453b81db08a3373a0e55b859d5e139 |
|
| /// File Name: |
oinkmaster-1.0.tar.gz |
Description:
|
Oinkmaster is simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Oestling | | Homepage: | http://nitzer.dhs.org/oinkmaster/ | | Changes: | Feature enhancements, bug fixes, and many other improvements. | | File Size: | 59252 | | Last Modified: | May 17 23:12:11 2004 |
| MD5 Checksum: | 1140fb5484944691268579ca7fc83518 |
|
| /// File Name: |
mbd.tar.gz |
Description:
|
NetSQUID is a Perl script that sits inbetween Snort and IPTables. It looks at the alerts generated by Snort, then automatically creates an IPTables firewall entry to block problematic hosts (such as those infected by viruses). Web traffic is redirected to a webserver that can alert the user to the infection. The host is automatically unblocked after a specified time (hopefully reducing calls to your NOC). It can also send out DHCP address requests, so rogue DHCP servers can be detected by Snort.
| | Author: | msconzo | | Homepage: | http://security.tamu.edu/db.html | | File Size: | 7911 | | Last Modified: | May 16 22:57:37 2004 |
| MD5 Checksum: | ef5f44b783aab6c76b7c6289cdebcac3 |
|
| /// File Name: |
openaanval-1.47-stable.tar.gz |
Description:
|
OpenAanval is an open-source web based Snort intrusion detection console. Currently supporting Snort and syslog, OpenAanval provides dynamic monitoring, comprehensive reporting and powerful alerting capabilities. OpenAanval supports multiple sensors of multiple intrusion detection system types. OpenAanval's web-browser interface provides live auto-updating technology which provides real time event viewing from any Internet connected web-browser.
| | Homepage: | http://www.aanval.com | | Changes: | This release includes a few major bug fixes and several minor new features. | | File Size: | 1964407 | | Last Modified: | May 9 15:07:04 2004 |
| MD5 Checksum: | 83bc704655e4578d092671b549fcf5ea |
|
| /// File Name: |
snortalog_v2.2.1.tgz |
Description:
|
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
| | Author: | Jeremy Chartier | | Homepage: | http://jeremy.chartier.free.fr/snortalog/ | | Changes: | New HTML output, TEXT output improvement, GUI improvement, bug fixes. | | File Size: | 423580 | | Last Modified: | May 9 12:45:03 2004 |
| MD5 Checksum: | 123cb4ec30b782cfe541c6edc25b7642 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
