Section: .. / UNIX / IDS /
| /// File Name: |
trappa.tar.gz |
Description:
|
Trappa detects a CGI scan and sends an alert message to syslog with the attacker's IP address and web browser. Works by installing decoy CGI scripts in the cgi-bin directory.
| | Author: | Narrow | | Homepage: | http://www.b0f.com | | File Size: | 1620 | | Last Modified: | May 7 18:26:54 2000 |
| MD5 Checksum: | 363448532830a960dc354287a21ad11f |
|
| /// File Name: |
treeps-1.1.0.tar.gz |
Description:
|
treeps 1.1.0 - Treeps is an X/Motif program for Unix/Linux that is designed to make monitoring and interacting with the running programs on your system easy and intuitive. A "real time" tree view shows the relationships between the processes and is color coded to provide easy interpretation of various values. The process tree displays any combination of users/groups and can be used to drill down into process details and then extract key fields for continuous monitoring.
| | Author: | George MacDonald. | | Changes: | Process Activity "LED's" to show state/load/priority, leader bars to show /group/session leaders, process tips for mouseover glances at key process info, many icon bar changes, color icons, larger and more icons, much more linux info, better user/group selection from group/user tree dialog, std. usage of colors, better auto sizing of window, many layout changes (esp star layout), RPM packages, KDE install script, man/strace/renice processes, renice subtree, single click kill, and many bug fixes. | | File Size: | 276357 | | Last Modified: | Aug 16 20:02:44 1999 |
| MD5 Checksum: | 6a8c7ab7b0a851ee9d34a651d4ab2540 |
|
| /// File Name: |
triplight.tar.gz |
Description:
|
Triplight 0.01 - Triplight is an intrusion detection and integrity monitoring system. It is a simpler version of tripwire, developed in perl. This release is rather unpolished (you need to hack up a crontab file, and to set a file path in the perl source), but fully functional. To accomplish its design goals, it reads in a list of files stored in flat ASCII, and uses md5sum to check their integrity against that recorded earlier in a database. If the database is placed on a read-only medium such as a write-protected floppy, then it should provide an infallible record against remotely installed trojan horses. Thus by monitoring the integrity of the system, triplight will serve as an aid in intrusion detection.
| | Author: | Snupe | | Homepage: | http://linux.rice.edu/magic/triplight | | File Size: | 2993 | | Last Modified: | Jan 21 19:52:19 2000 |
| MD5 Checksum: | 65c3eabda7b87a4648e9fc73dd4c62df |
|
| /// File Name: |
tripwire-1.2.tar.gz |
Description:
|
Tripwire creates a signature of binary files, and then checks to see if these files have been modified. Track binary file mods.
| | File Size: | 301527 | | Last Modified: | Aug 16 20:02:15 1999 |
| MD5 Checksum: | 0fe52587e243efc94e395043e25635c0 |
|
| /// File Name: |
tripwire-1.30-1.linux.tar.gz |
Description:
|
Tripwire v1.30-1 for Linux - Tripwire detects any variance in file integrity. This version has been "optimized" for Linux.
| | Author: | Tripwire Security Systems. | | File Size: | 303968 | | Last Modified: | Aug 16 20:02:35 1999 |
| MD5 Checksum: | fd3374db2ba26fe11428e5fac3a98cfa |
|
| /// File Name: |
tripwire-1.30-1.tar.gz |
Description:
|
Tripwire v1.30-1 - Intrusion Detection Security Tool for UNIX platforms.
| | File Size: | 303968 | | Last Modified: | Aug 16 20:02:17 1999 |
| MD5 Checksum: | fd3374db2ba26fe11428e5fac3a98cfa |
|
| /// File Name: |
tripwire-2.3-47.bin.tar.gz |
Description:
|
Tripwire is a very popular file integrity checker which saves checksums of selected files in a database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email / pager reporting. Databases and reports are cryptographically signed.
| | Homepage: | http://www.tripwire.org | | File Size: | 3224386 | | Last Modified: | Oct 30 18:30:41 2000 |
| MD5 Checksum: | d3d1d35ee10b59a0176ca6f754825ca1 |
|
| /// File Name: |
tripwire-2.3.0-50.tar.gz |
Description:
|
Tripwire is a very popular system integrity checker, a utility that compares properties of designated files and directories against information stored in a previously generated database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email and pager reporting. Support files (databases, reports, etc.) are cryptographically signed.
| | Homepage: | http://www.tripwire.org | | Changes: | Security fixes with respect to temp file handling, as well as a new global email option. | | File Size: | 1766895 | | Last Modified: | Feb 4 18:44:45 2001 |
| MD5 Checksum: | f244f48a3bf052acdc9c2341210285eb |
|
| /// File Name: |
tripwire-2.3.1-2.tar.gz |
Description:
|
Tripwire is a very popular system integrity checker, a utility that compares properties of designated files and directories against information stored in a previously generated database. Any changes to these files are flagged and logged, including those that were added or deleted, with optional email and pager reporting. Support files (databases, reports, etc.) are cryptographically signed.
| | Homepage: | http://sourceforge.net/projects/tripwire | | Changes: | Support for FreeBSD 4.2 and bug fixes. | | File Size: | 1514955 | | Last Modified: | Mar 4 22:59:38 2001 |
| MD5 Checksum: | 6a15fe110565cef9ed33c1c7e070355e |
|
| /// File Name: |
trojan.pl |
Description:
|
Perl script that searches for trojan horses installed on system.
| | File Size: | 30278 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | 339cac93ec494932fb1440e199eaec77 |
|
| /// File Name: |
trojan.tar |
Description:
|
trojan.tar
| | File Size: | 40960 | | Last Modified: | Aug 16 20:02:16 1999 |
| MD5 Checksum: | a4b1af99be48ba2399825512f78a2185 |
|
| /// File Name: |
ttysnoop-0.12c.tar.gz |
Description:
|
The package allows you to snoop on login tty's through another tty-device or pseudo-tty. The snoop-tty becomes a 'clone' of the original tty, redirecting both input and output from/to it.
| | File Size: | 8362 | | Last Modified: | Aug 16 20:02:21 1999 |
| MD5 Checksum: | 85ba8fcac7b1a3a103fe632eef26a92d |
|
| /// File Name: |
ttysnoop-0.12d.tar.gz |
Description:
|
TTYSnoop allows you to snoop on login tty's through another tty-device or pseudo-tty. The snoop-tty becomes a 'clone' of the original tty, redirecting both input and output from/to it.
| | Author: | Carl Declerck | | Changes: | Cleanups/updates for compilation on newer Linux systems, such as RH5. | | File Size: | 8514 | | Last Modified: | Dec 14 15:59:54 1999 |
| MD5 Checksum: | 8363519ecbf51eb643f502067be0e0fc |
|
| /// File Name: |
twpatch-0.2.tgz |
Description:
|
Patches to run Tripwire 1.2 on Linux.
| | Author: | CERIAS/COAST. | | File Size: | 14833 | | Last Modified: | Aug 16 20:02:28 1999 |
| MD5 Checksum: | 28f0fa2f8a0ce91fc830e4ac66d058f8 |
|
| /// File Name: |
unix.zip |
Description:
|
unix.zip
| | File Size: | 45314377 | | Last Modified: | Aug 16 20:03:14 1999 |
| MD5 Checksum: | 602820f7be369655bb30e58b50337e63 |
|
| /// File Name: |
ViperDB-0.7.tar.gz |
Description:
|
ViperDB 0.7 - ViperDB was created as a smaller and faster option to Tripwire. ViperDB does not use a fancy all-in-one database to keep records. Instead it uses a plaintext db which is stored in each "watched" directory. By using this there is no real one attack point for an attacker to focus his attention on. This coupled with the running of ViperDB every 5 minutes (via cron root job) decreases the likelihood that an attacker will be able to modify your "watched" filesystem while ViperDB is monitoring your system.
| | Author: | J-Dog. | | Changes: | Now logs to a standard logging facility instead of an individual file. Added '-checkstrict' functionality which changes permissions/owner/group back to what they were before the change was made to the file. Added exception(s) to '-checkstrict' which removes all permissions from the changed file if the file originally was SUID/GUID. Changed way filesystem changes are seen by admin, now a change only sends an alert to the logs once instead of repeatedly. | | File Size: | 4234 | | Last Modified: | Aug 16 20:02:46 1999 |
| MD5 Checksum: | 1809efd2508e5987e6a8d98139bf7e07 |
|
| /// File Name: |
viperdb-0.9.3.tar.gz |
Description:
|
ViperDB is a file checker. It is meant to be run from cron on a regular basis in order to monitor strange activity on a system. It supports checking of size, mtime, privileges, UID/GID, added/deleted files, and (as of 0.9.3) MD5 checksums. Data isn't stored in a single archive as in tripwire, but is split among all the monitored directories. This ViperDB is in fact a fork of the original, as the original authors seem unreachable.
| | Author: | Peter Surda | | Homepage: | http://panorama.sth.ac.at/viperdb | | File Size: | 5997 | | Last Modified: | Feb 23 17:37:31 2001 |
| MD5 Checksum: | 2170734913963ac2e62e00288ba14cb9 |
|
| /// File Name: |
viperdb-0.9.6.tar.gz |
Description:
|
ViperDB is a file checker. It is meant to be run from cron on a regular basis in order to monitor strange activity on a system. It supports checking of size, mtime, privileges, UID/GID, added/deleted files, and (as of 0.9.3) MD5 checksums. Data isn't stored in a single archive as in tripwire, but is split among all the monitored directories. This ViperDB is in fact a fork of the original, as the original authors seem unreachable.
| | Author: | Peter Surda | | Homepage: | http://panorama.sth.ac.at/viperdb | | Changes: | Fixes for bugs introduced by the 0.9.5 rewrite, new/strengthened internal security checks, and minor updates. | | File Size: | 8488 | | Last Modified: | Mar 5 19:11:27 2001 |
| MD5 Checksum: | 49900d5fbfa3364c1025430316cac4d6 |
|
| /// File Name: |
viperdb-0.9.7.tar.gz |
Description:
|
ViperDB is a file checker. It is meant to be run from cron on a regular basis in order to monitor strange activity on a system. It supports checking of size, mtime, privileges, UID/GID, added/deleted files, and (as of 0.9.3) MD5 checksums. Data isn't stored in a single archive as in tripwire, but is split among all the monitored directories. This ViperDB is in fact a fork of the original, as the original authors seem unreachable.
| | Author: | Peter Surda | | Homepage: | http://panorama.sth.ac.at/viperdb | | Changes: | This release adds bugfixes in symlink handling, improved detecting of corrupted databases, and a directory-specific option to ignore mtime changes. Upgrading and re-initing of databases is recommended. | | File Size: | 8976 | | Last Modified: | Mar 9 21:18:05 2001 |
| MD5 Checksum: | e521d9db7b17c8e4294fb38937128d88 |
|
| /// File Name: |
viperdb-0.9.8.tar.gz |
Description:
|
ViperDB is a file checker. It is meant to be run from cron on a regular basis in order to monitor strange activity on a system. It supports checking of size, mtime, privileges, UID/GID, added/deleted files, and (as of 0.9.3) MD5 checksums. Data isn't stored in a single archive as in tripwire, but is split among all the monitored directories. This ViperDB is in fact a fork of the original, as the original authors seem unreachable.
| | Author: | Peter Surda | | Homepage: | http://panorama.sth.ac.at/viperdb | | Changes: | Bug fixes. | | File Size: | 8912 | | Last Modified: | Mar 16 20:36:17 2001 |
| MD5 Checksum: | 06e45f947a32c646357c66ef6e6cec25 |
|
| /// File Name: |
viperdb_v0.9.1.pl.txt |
Description:
|
ViperDB was created as a smaller and faster option to Tripwire. ViperDB does not use a fancy all-in-one database to keep records. Instead it uses a plaintext db which is stored in each "watched" directory. By using this there is no real one attack point for an attacker to focus his attention on. This coupled with the running of ViperDB every 5 minutes (via cron root job) decreases the likelihood that an attacker will be able to modify your "watched" filesystem while ViperDB is monitoring your system.
| | Author: | J-Dog | | Homepage: | http://www.resentment.org/projects/viperdb/ | | Changes: | Ignore file functionality which allows user to specify files to ignore added. Updated code works better on solaris, updated ls options to lAcr for solaris instead of standard laAs. Splitting permissions code cleaned out into owner, group, all perms. | | File Size: | 12573 | | Last Modified: | Feb 22 18:40:58 2000 |
| MD5 Checksum: | 3018ff63bf0aa467d1e34769ab332416 |
|
| /// File Name: |
watchdog-4.0.tar.gz |
Description:
|
A software watchdog (i.e. Automatic reboot daemon).
| | File Size: | 62595 | | Last Modified: | Aug 16 20:02:27 1999 |
| MD5 Checksum: | bf41a6b4791c07d51018b9b8584629e8 |
|
| /// File Name: |
watchdog-4.1.tar.gz |
Description:
|
A software watchdog (i.e. Automatic reboot daemon).
| | File Size: | 63939 | | Last Modified: | Aug 16 20:02:28 1999 |
| MD5 Checksum: | 8a54a794af31721190c62f13214adca8 |
|
| /// File Name: |
watchdog-4.2.tar.gz |
Description:
|
watchdog is a daemon that monitors system processes and loads, and will automatically reboot a server if the load rises above a defined level. Very useful tool. 98k.
| | Author: | Michael Meskes. | | File Size: | 100539 | | Last Modified: | Aug 16 20:02:35 1999 |
| MD5 Checksum: | 2b8061871a0f1dbd24967c975b66b8ff |
|