Section: .. / sniffers / snort /
| /// File Name: |
sass.snort.txt |
Description:
|
Snort signatures that identify the new Sass worm that is propagating.
| | Author: | Martin Overton | | Related Exploit: | HOD-ms04011-lsasrv-expl.c | | File Size: | 1000 | | Last Modified: | May 3 22:58:36 2004 |
| MD5 Checksum: | 65392ba74c0fbbd684793905ac32c32d |
|
| /// File Name: |
FLoP-1.2.1.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 521824 | | Last Modified: | Apr 22 00:19:00 2004 |
| MD5 Checksum: | b920e0a575df8a4a141744e694ff852d |
|
| /// File Name: |
cctde-0.2.tar.gz |
Description:
|
CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
| | Author: | Simon Castro | | Homepage: | http://gray-world.net/pr_cctde.shtml | | Changes: | First public release. | | File Size: | 263600 | | Last Modified: | Apr 19 12:36:00 2004 |
| MD5 Checksum: | a0fd7e48315d3e38b1c6a3fd689fb47a |
|
| /// File Name: |
sntm-1.1.2.tgz |
Description:
|
sntm is a Qt-based GUI snort monitor. Currently, it is capable of monitoring multiple snort sensors in a centralized monitor screen. Each snort sensor creates an SSL-encrypted communication thread to connect to the monitored server and each communication channel has its own certificate and private key.
| | Author: | Min Hsu | | Homepage: | http://sntm.sourceforge.net/ | | File Size: | 349970 | | Last Modified: | Apr 8 10:24:00 2004 |
| MD5 Checksum: | 21f97dda1395bd2c6b9c5a72b70a2343 |
|
| /// File Name: |
FLoP-1.2.0.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 521163 | | Last Modified: | Apr 3 09:01:00 2004 |
| MD5 Checksum: | 76a3e5a3bc4d9c95c53631cde6585956 |
|
| /// File Name: |
snortalog_v2.2.RC2.tgz |
Description:
|
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.
| | Author: | Jeremy Chartier | | Homepage: | http://jeremy.chartier.free.fr/snortalog/ | | File Size: | 392608 | | Last Modified: | Mar 1 14:01:00 2004 |
| MD5 Checksum: | b9c0d6a4d1ecfe27848b857da1c4e3a4 |
|
| /// File Name: |
snort-2.1.1.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Fixed bugs and added signatures. | | File Size: | 2309735 | | Last Modified: | Feb 26 02:02:00 2004 |
| MD5 Checksum: | f53ce230616c1f6aafedf546a7cc0f0f |
|
| /// File Name: |
cctde-0.1.tar.gz |
Description:
|
CCTDE is designed as an analysis backend for the Snort NIDS tool and focuses on providing a way to register and disclose information leading to the detection of unauthorized tunnels and covert channels.
| | Author: | Simon Castro | | Homepage: | http://gray-world.net/pr_cctde.shtml | | File Size: | 251040 | | Last Modified: | Feb 6 13:03:00 2004 |
| MD5 Checksum: | 0ee9ae61c16fdaa0acb6d139485636bc |
|
| /// File Name: |
snort-2.1.0.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Fixed bugs and added signatures. | | File Size: | 2244701 | | Last Modified: | Dec 29 01:41:56 2003 |
| MD5 Checksum: | 1da6d683d18b39a72a3c277e8deffc69 |
|
| /// File Name: |
mysecrep.gz |
Description:
|
mysecrep version 0.8 generates an audit report from the syslog messages from snort, pcds and samhain, thus covering a whole range of security tools, packed in 1 report. The report is written to disk and sent via email. Written in Perl.
| | Author: | Bart Somers | | Homepage: | http://doornenburg.homelinux.net/scripts/ | | Changes: | Cleaned up snort reporting, making it more flexible to extend or modify. Modified the file mask settings. | | File Size: | 2267 | | Last Modified: | Dec 29 00:41:57 2003 |
| MD5 Checksum: | eae9d5901b568ea0587f60aed0c647c0 |
|
| /// File Name: |
iamdohv1.tgz |
Description:
|
i-am-doh is a utility that filters approximately 75% of all false-positives given by an IDS. It uses existing reliable tools like Nmap, Nessus, and Amap to validate IDS alerts based on the following criteria and techniques: OS identification, service identification, port scanning, vulnerability scanning, online CVE and bug interpretation, and server importance weighting.
| | Author: | loud-fat-bloke | | File Size: | 16209 | | Last Modified: | Dec 23 04:33:36 2003 |
| MD5 Checksum: | e678dc630586ec0cbf1e183c4318ac35 |
|
| /// File Name: |
FLoP-1.0.6.tar.gz |
Description:
|
FLoP is a utility designed to gather alerts with a payload from distributed Snort sensors at a central server, and to store them in a database. Both PostgreSQL and MySQL are currently supported. High priority alerts may be sent out via e-mail.
| | Author: | DG | | Homepage: | http://www.geschke-online.de/FLoP | | File Size: | 473910 | | Last Modified: | Dec 18 00:28:24 2003 |
| MD5 Checksum: | 02bb58658b58d506b32a5aa7024cf635 |
|
| /// File Name: |
MIDAS-2.1a.tar.gz |
Description:
|
MIDAS NMS is a configurable web based network monitoring and network intrusion detection server. It uses a distributed client/server model that allows it to scale to very large networks, and features highly optimized Snort support that dramatically reduces the overhead of both the Snort Sensor and the alert data repository. Also supports Netsaint/Nagios plugins and Big Brother clients, allowing for easy migration.
| | Homepage: | http://midas-nms.sourceforge.net | | Changes: | Web interface was completely rewritten and much improved. The requirement of rrdtool was removed. Internal SQL tables and PHP functions are now used to produce graphs. Several major and minor bugs were fixed. | | File Size: | 1503927 | | Last Modified: | Dec 3 15:58:00 2003 |
| MD5 Checksum: | c265b80334ede224859114141ae605c3 |
|
| /// File Name: |
oinkmaster-0.9.tar.gz |
Description:
|
Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Östling | | Homepage: | http://nitzer.dhs.org/oinkmaster/ | | Changes: | Bug fixes. | | File Size: | 38511 | | Last Modified: | Dec 3 15:51:01 2003 |
| MD5 Checksum: | 8ed30c07f2ef5c977e1201a014bf9c5c |
|
| /// File Name: |
snort-2.0.5.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Stream4 fixes from Andrew Rucker Jones. Allow memcap to be configured for threshold features. | | File Size: | 1951308 | | Last Modified: | Nov 21 18:57:55 2003 |
| MD5 Checksum: | f129ee00a3d6e7b7c1ff4a1e1fba3a08 |
|
| /// File Name: |
snort-2.0.4.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Fixed a core dump introduced with 2.0.3 when dealing with negated patterns. Users are encouraged to upgrade. | | File Size: | 1951380 | | Last Modified: | Nov 7 14:15:55 2003 |
| MD5 Checksum: | 8cff1ab5b6ab0ff507fb7264a05be05b |
|
| /// File Name: |
snort-2.0.3.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | RPMs can now be made by running rpmbuild against the tarball. Various bug fixes. | | File Size: | 1950714 | | Last Modified: | Nov 5 00:06:48 2003 |
| MD5 Checksum: | ef4ec429ee368dcf9e15cefe99629053 |
|
| /// File Name: |
snort-2.0.2.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Added Thresholding and Suppression features, Fixed TCP RST processing bug, Cleanup of spp_arpspoof, Cleanup of win32 version including proper Event Log support, and munged data fixes for stream4. | | File Size: | 1885220 | | Last Modified: | Sep 18 14:22:32 2003 |
| MD5 Checksum: | 21b14d90e2a323831d85f3d845d64b23 |
|
| /// File Name: |
incident-2.8.tar.gz |
Description:
|
Incident.pl is a small script which, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.
| | Author: | Viraj Alankar | | Homepage: | http://www.bigfoot.com/~valankar/ | | Changes: | Various bug fixes. | | File Size: | 65292 | | Last Modified: | Sep 4 15:11:00 2003 |
| MD5 Checksum: | 57cdf97dd8791ff46107e11288ba649e |
|
| /// File Name: |
oinkmaster-0.8.tar.gz |
Description:
|
Oinkmaster is a simple Perl script released under the BSD license to help update and manage Snort 2.0+ rules and to comment out the unwanted ones after each update. It will report what has changed since the last update, offering good change control.
| | Author: | Andreas Östling | | Homepage: | http://nitzer.dhs.org/oinkmaster/ | | File Size: | 31725 | | Last Modified: | Sep 3 23:28:07 2003 |
| MD5 Checksum: | e888fb4d76c78c16e205984675fea78f |
|
| /// File Name: |
idscenter11rc4.zip |
Description:
|
IDScenter is a control and management front-end for the Windows platform. Main features: Snort 2.0/1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
| | Author: | Ueli Kistler | | Homepage: | http://www.engagesecurity.com | | Changes: | AlertMail fixed, code audit completed, various other bug fixes. | | File Size: | 4131089 | | Last Modified: | Aug 5 15:38:21 2003 |
| MD5 Checksum: | 04aec740f26711280a93aba64b9e9f13 |
|
| /// File Name: |
snort-2.0.1.tar.gz |
Description:
|
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient.
| | Author: | Martin Roesch | | Homepage: | http://www.snort.org | | Changes: | Fixed host endianness problem in UDP decoder, VLAN decoding fixes from Michael Pomraning, added tcp state checking to httpflow, added window detection plugin documentation to manual, lots of new rules and tons of new rule documentation, and more documented in the changelog. | | File Size: | 1817646 | | Last Modified: | Jul 24 16:29:05 2003 |
| MD5 Checksum: | ab5bdd0cab96fe521d11d2c6d804518f |
|
| /// File Name: |
idscenter11rc3.zip |
Description:
|
IDScenter is a control and management front-end for the Windows platform. Main features: Snort 2.0/1.9/1.8/1.7 support, Snort service support, Snort configuration wizard, Rule editor, AutoBlock plugins (Network ICE BlackICE Defender plugin included (Delphi, open-source), Plugin framework for Delphi included), MySQL alert detection & file monitoring, e-mail alerts / alarm sound alerts / visual notification, etc.
| | Author: | Ueli Kistler | | Homepage: | http://www.engagesecurity.com | | Changes: | Snort 2.0 Support and more. | | File Size: | 3994868 | | Last Modified: | Jun 16 20:13:22 2003 |
| MD5 Checksum: | 098008bd009deba5ed6e7236a427cc52 |
|