Section: .. / UNIX / loggers /
| /// File Name: |
acl-0.7.0.tar.gz |
Description:
|
Inspired by ColorLogs, acl (Advanced Color Logs) has advanced parsing capabilities, including multiple search strings and negative search strings (matches if the string is not found in the line). It's very useful for highlighting important or non-standard messages from daemons, while not highlighting standard status messages from the same daemons.
| | Author: | Patrick Mullen | | Homepage: | http://www.LinuxRC.org/projects/acl/ | | Changes: | Much more configurability, can "wake up" a console that has been blanked, and special processing for syslog-format files to configure a color for the timestamp, specifying different colors depending on what host generated the message (if syslog is logging remote messages as well) and specification of a special color for highlighting messages from different daemons. | | File Size: | 7845 | | Last Modified: | Jan 7 19:41:58 2000 |
| MD5 Checksum: | 978e4da7eec020aea1efff9c2ab953f8 |
|
| /// File Name: |
arpwatch2.1a4.tar.gz |
Description:
|
Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. It also reports certain changes via email. Arpwatch requires tcpdump and libpcap. Includes FDDI support, updated ethercodes, uses autoconf.
| | Homepage: | ftp://ftp.ee.lbl.gov/ | | File Size: | 82110 | | Last Modified: | Dec 12 19:09:54 1999 |
| MD5 Checksum: | 8ed0f0b05f98978e4c8fcf73bd4a685a |
|
| /// File Name: |
atalaya-1.2.tar.gz |
Description:
|
Atalaya notifies an administrator of incoming connections using /etc/hosts.allow. Includes support for Festival for speech.
| | Author: | Riseman | | Homepage: | http://sod-interactive.turincon.com | | File Size: | 23276 | | Last Modified: | Jul 29 00:57:32 2000 |
| MD5 Checksum: | 05bd6a826ce4549a1cf29c2f7998abfb |
|
| /// File Name: |
awstats-5.0.tgz |
Description:
|
AWStats is short for Advanced Web Statistics. It's a free tool that generates advanced web (but also ftp, syslog or mail) server access statistics graphically. This log analyzer works as a CGI or from the command line and shows you all possible information your log contains, in a few graphical web pages. It uses a partial information file to be able to process large log files often and quickly. It can analyze log files from IIS (W3C log format), Apache log files (NCSA combined/XLF/ELF log format or common/CLF log format), WebStar and most of all web, proxy, wap servers (and even syslog, ftp servers or mail logs). Take a look at this comparison table for an idea of the differences between the most famous statistics tools. Screenshots available here.
| | Author: | Eldy | | Homepage: | http://awstats.sourceforge.net | | File Size: | 11156 | | Last Modified: | Oct 4 10:31:07 2002 |
| MD5 Checksum: | a44b7df143e2f1d16b8bca6f75ee8fb3 |
|
| /// File Name: |
awstats-5.9.tgz |
Description:
|
AWStats is short for Advanced Web Statistics. It's a free tool that generates advanced web (but also ftp, syslog or mail) server access statistics graphically. This log analyzer works as a CGI or from the command line and shows you all possible information your log contains, in a few graphical web pages. It uses a partial information file to be able to process large log files often and quickly. It can analyze log files from IIS (W3C log format), Apache log files (NCSA combined/XLF/ELF log format or common/CLF log format), WebStar and most of all web, proxy, wap servers (and even syslog, ftp servers or mail logs). Take a look at this comparison table for an idea of the differences between the most famous statistics tools. Screenshots available here.
| | Author: | Eldy | | Homepage: | http://awstats.sourceforge.net | | Changes: | New features, bugs fixed. | | File Size: | 688087 | | Last Modified: | Nov 11 00:52:37 2003 |
| MD5 Checksum: | be251e7506df16642b367789f5078ad9 |
|
| /// File Name: |
badattachK-0.3r2.c |
Description:
|
badattach is a man in the middle utility that analyzes syslog messages for a particular string match and if the match is made, it stops the information from getting to syslogd.
| | Author: | Matias Sedalo | | Homepage: | http://www.shellcode.com.ar/ | | File Size: | 10964 | | Last Modified: | Jul 6 08:17:00 2004 |
| MD5 Checksum: | 883bcb5e941e50bd6853a28eef6ef091 |
|
| /// File Name: |
bash-2.04-bofh-0.0.1.tar.gz |
Description:
|
Unavailable.
| | File Size: | 17607 | | Last Modified: | Apr 25 15:32:36 2000 |
| MD5 Checksum: | 8970b42f5920a2144552090a5826c3ef |
|
| /// File Name: |
bash-bofh-2.05-0.0.1.tar.gz |
Description:
|
Bash-bofh is a patch to provide true BOFH log functions to bash 2.05. Features the ability to log all commands to syslog.
| | Author: | EF | | Homepage: | http://www.ccitt5.net | | Changes: | Loglevel and logfacility configurable through --with-bofh-loglevel and --with-bofh-logfacility. split-userlog utility included to split the generated logfile into $USERNAME.log files for each user. | | File Size: | 18361 | | Last Modified: | May 30 14:48:31 2001 |
| MD5 Checksum: | c12e922de63d450b15d2e26d2987beb2 |
|
| /// File Name: |
bigeye-0.3.tar.gz |
Description:
|
Bigeye is a network utility dump that can be run in multiple modes - sniffer, logging connections, and even emulating protocols such as HTTP or FTP. The main focus of this program is to create an emulative service that would fool hackers/worms into thinking that they're exploiting a real service, but in fact, they're trying to exploit a fake service. The services currently available are ftp or http. Useful for honeypots.
| | Author: | Victor Lima | | Homepage: | http://violating.us/projects/bigeye | | File Size: | 32391 | | Last Modified: | Jul 8 02:09:36 2002 |
| MD5 Checksum: | e1de9ffa418fe48b94803884d2a5ba5d |
|
| /// File Name: |
clog-1.6.tar.gz |
Description:
|
Network traffic analysis tool.
| | File Size: | 18377 | | Last Modified: | Aug 16 20:05:12 1999 |
| MD5 Checksum: | f8732ed25def0e4c56d8d5b8007b6074 |
|
| /// File Name: |
clog.tar.gz |
Description:
|
Network traffic analysis tool.
| | File Size: | 18377 | | Last Modified: | Aug 16 20:05:12 1999 |
| MD5 Checksum: | f8732ed25def0e4c56d8d5b8007b6074 |
|
| /// File Name: |
Colorlogs-1_1.tar.gz |
Description:
|
Colorlogs color codes your logfiles for simpler reading. Sit at a distance and watch for specified colors in the logfile output to alert you of unusual activity.
| | Author: | J-Dog. | | Changes: | Many more display options, improved config file and handling of special characters. | | File Size: | 2145 | | Last Modified: | Aug 16 20:05:12 1999 |
| MD5 Checksum: | 6ec091ee0762f909e1ba957d463527c0 |
|
| /// File Name: |
Colorlogs.tar.gz |
Description:
|
Colorlogs v1.0 - Colorlogs color codes your logfiles for simpler reading. Sit at a distance and watch for specified colors in the logfile output to alert you of unusual activity.
| | Author: | J-Dog. | | File Size: | 1888 | | Last Modified: | Aug 16 20:05:12 1999 |
| MD5 Checksum: | 8dcf8174111c0ee740ace3e8a0ba192e |
|
| /// File Name: |
connlogd-0.9.7.tar.gz |
Description:
|
Connlogd is a detailed TCP/UDP connection logger with the ability to filter what information is logged. It can log to syslog or stderr so that it can be used with other logging packages such as D.J. Bernstein's multilog program. In addition to address and port information, it logs all TCP header flags (SYN, FIN, etc... as well as bogus flags) and the TCP window size. It uses the pcap library for packet capture and runs on most systems that support the pcap library. NOTE: Included in the source distribution is a script to help convert the logs into the format used when reporting attacks to dshield.org.
| | Author: | Alec Kosky | | File Size: | 53063 | | Last Modified: | Jul 6 17:05:40 2003 |
| MD5 Checksum: | c8190e3e8a908526b5bc67b7e9103903 |
|
| /// File Name: |
devialog-0.8.3.tgz |
Description:
|
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
| | Author: | Jeff Yestrumskas | | Homepage: | http://devialog.sourceforge.net/ | | File Size: | 20165 | | Last Modified: | Mar 1 23:01:00 2005 |
| MD5 Checksum: | 970e953fbfb3c17d85ec27950e5a6553 |
|
| /// File Name: |
devialog-0.8.4.tgz |
Description:
|
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
| | Author: | Jeff Yestrumskas | | Homepage: | http://devialog.sourceforge.net/ | | Changes: | Enabled mail queueing, added suggested signature logfile. | | File Size: | 21658 | | Last Modified: | Apr 18 03:06:44 2005 |
| MD5 Checksum: | 3e631fddf0ff65b835412cf317d3accc |
|
| /// File Name: |
devialog-0.8.5.tgz |
Description:
|
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
| | Author: | Jeff Yestrumskas | | Homepage: | http://devialog.sourceforge.net/ | | Changes: | See changelog. | | File Size: | 22517 | | Last Modified: | Jun 18 14:24:28 2005 |
| MD5 Checksum: | 695fe211a3cc46e3cfddc0db6d6fc029 |
|
| /// File Name: |
devialog-0.9.0.tgz |
Description:
|
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/BSD environment at the core of a central syslog server. devialog can generate its own signatures and can act upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
| | Author: | Jeff Yestrumskas | | Homepage: | http://devialog.sourceforge.net/ | | Changes: | See changelog. | | File Size: | 18261 | | Last Modified: | Jul 7 00:37:31 2007 |
| MD5 Checksum: | 23a4ddf4b5e27adb4d2a2f2244ad1f73 |
|
| /// File Name: |
disco-1.0.tar.gz |
Description:
|
Disco is a passive IP discovery utility designed to sit on segments distributed throughout a network and discover unique IPs. In addition to IP discovery Disco has the ability to passively fingerprint TCP SYN packets to determine the host operating system.
| | Author: | Preston Wood | | Homepage: | http://www.altmode.com/disco | | File Size: | 109856 | | Last Modified: | May 7 17:23:20 2003 |
| MD5 Checksum: | 86a849be6319e2e4d5bb8a804e623597 |
|
| /// File Name: |
disco-1.2.tar.gz |
Description:
|
Disco is a passive IP discovery utility designed to sit on segments distributed throughout a network and discover unique IPs. In addition to IP discovery Disco has the ability to passively fingerprint TCP SYN packets to determine the host operating system.
| | Author: | Preston Wood | | Homepage: | http://www.altmode.com/disco | | Changes: | Added options to fingerprint SYNACK packets, verbose fingerprint information gets logged to an output file. | | File Size: | 123488 | | Last Modified: | Jul 6 01:10:27 2003 |
| MD5 Checksum: | 56bd487197e1989ebcbb242ac853f975 |
|
| /// File Name: |
E-LogMonitor-1.0.tar.gz |
Description:
|
E-LogMonitor is an Enlightenment epplet that monitors various log files for the occurrence of specified keywords. It supports up to 20 file/keyword combinations and provides various ways of alerting the user if a keyword has been detected.
| | Author: | Bart Cichosz | | Homepage: | http://barrrt.tripod.com/linux/ | | File Size: | 8130 | | Last Modified: | Apr 25 16:04:00 2000 |
| MD5 Checksum: | dab88b35217ca262194540c1ae86dc50 |
|
| /// File Name: |
esm-1.0.tar.gz |
Description:
|
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerant design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog.
| | Homepage: | http://members.tripod.com/%7Eretep/esm.html | | File Size: | 82680 | | Last Modified: | Dec 14 01:04:17 1999 |
| MD5 Checksum: | bf4cd29cbfa14c39a5aadde3b9e99967 |
|
| /// File Name: |
esm-1.1.tar.gz |
Description:
|
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerant design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog.
| | Author: | Peter Todd | | Homepage: | http://esm.sourceforge.net | | Changes: | A possible security hole has been fixed (tmp race), ESMSysLog can now do regular expression matching of syslog messages, bug fixes. | | File Size: | 92673 | | Last Modified: | Oct 28 17:12:44 2000 |
| MD5 Checksum: | 3c4134d8c3b26b03a2e5268301728995 |
|
| /// File Name: |
exec.c |
Description:
|
exec.c 1.0.4 is a kernel module which logs all the commands executed on the system. Extremely powerful stealth logging made easy!
| | Author: | Pat Szuta | | Changes: | This release fixes a memory allocation problem. Please update to the current version if you use the module. This module should work on 2.2.* kernels. | | File Size: | 3893 | | Last Modified: | Dec 6 21:58:42 1999 |
| MD5 Checksum: | 1cebecd309b7c1a3b25be810e9cccde4 |
|
| /// File Name: |
fakeroute.c |
Description:
|
A program for faking the standard unix udp-based traceroute.
| | File Size: | 11833 | | Last Modified: | Aug 16 20:05:12 1999 |
| MD5 Checksum: | 2cbadf00513686ab909a06953dc4042c |
|