Section: .. / UNIX / loggers /
| /// File Name: |
iplog-2.0-1017.tar.gz |
Description:
|
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic, though adding support for other protocols should be relatively easy. iplog 2.0 is complete rewrite of iplog 1.x by behe . As such, it contains all the features supported by iplog 1.x, including a built-in DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, and bogus TCP flags (used by scanners to detect the operating system in use). iplog 2.0 adds detection of Xmas scans, ICMP ping floods, UDP scans, and various IP fragment attacks. As mentioned above, iplog 2.0 has a packet filter.
| | Author: | Odin. | | File Size: | 102875 | | Last Modified: | Oct 17 13:44:38 1999 |
| MD5 Checksum: | 6a2cda10b32e7bf7a46bcdfe1d551c9f |
|
| /// File Name: |
sysklogd-1.3-31.tar.gz |
Description:
|
sysklogd v1.3-31 - The sysklogd package implements two system log daemons. The syslogd daemon is the general system logging daemon which is responsible for handling requests for syslog services. This version of syslogd is similar to the standard Berkeley product but with a number of compatible extensions. The klogd daemon runs either standalone or as a client of syslogd. Klogd 'listens' to kernel log messages, prioritizes them and routes them to either output files or to syslogd. This version of klogd will optionally translate kernel addresses to their symbolic equivalents if provided with a system map.
| | Author: | Dr. G.W. Wettstein | | File Size: | 95845 | | Last Modified: | Aug 16 20:05:15 1999 |
| MD5 Checksum: | b82928eeebe8426d0d8a42ebed115b08 |
|
| /// File Name: |
sysklogd-1.3-28.tar.gz |
Description:
|
See below.
| | File Size: | 94938 | | Last Modified: | Aug 16 20:05:15 1999 |
| MD5 Checksum: | 235ea8fed739c9dabd4b86e5480c0dd9 |
|
| /// File Name: |
tlp-0.8.tar.gz |
Description:
|
The Logging Project (formerly salt) are tools which provide centralized, secure and fault-tolerant logging. It is flexible, robust, and easy to integrate, making it a good alternative to replacing syslog.
| | Homepage: | http://condor.gmu.edu/~jason/logging/ | | Changes: | Bug fixes. | | File Size: | 92762 | | Last Modified: | Jul 24 00:13:02 2002 |
| MD5 Checksum: | b6f9111141589e13dce7605f66bfee00 |
|
| /// File Name: |
esm-1.1.tar.gz |
Description:
|
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerent design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog.
| | Author: | Peter Todd | | Homepage: | http://esm.sourceforge.net | | Changes: | A posible security hole has been fixed (tmp race), ESMSysLog can now do regular expression matching of syslog messages, bug fixes. | | File Size: | 92673 | | Last Modified: | Oct 28 17:12:44 2000 |
| MD5 Checksum: | 3c4134d8c3b26b03a2e5268301728995 |
|
| /// File Name: |
tcpdpriv-1.1.10.tar.Z |
Description:
|
A program for eliminating confidential information from tcpdump trace files to address privacy and security concerns.
| | Author: | Lawrence Berkeley National Laboratory | | File Size: | 88387 | | Last Modified: | Aug 16 20:05:17 1999 |
| MD5 Checksum: | 98ed147aed7f1c236b16ae0f779f1e55 |
|
| /// File Name: |
ssyslog.1.21.tar.gz |
Description:
|
Cryptographically secure system logging tool that replaces UNIX syslog.
| | Author: | core sdi s.a. | | File Size: | 83268 | | Last Modified: | Aug 16 20:05:15 1999 |
| MD5 Checksum: | 92ef2ad06bb180714a5a2747f0725d06 |
|
| /// File Name: |
ssyslog.tar.gz |
Description:
|
Secure Syslog. Replacement for UNIX syslog.
| | File Size: | 82928 | | Last Modified: | Aug 16 20:05:15 1999 |
| MD5 Checksum: | 64b7e8fad229bcb31e42070f71d60f59 |
|
| /// File Name: |
esm-1.0.tar.gz |
Description:
|
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerent design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog.
| | Homepage: | http://members.tripod.com/%7Eretep/esm.html | | File Size: | 82680 | | Last Modified: | Dec 14 01:04:17 1999 |
| MD5 Checksum: | bf4cd29cbfa14c39a5aadde3b9e99967 |
|
| /// File Name: |
arpwatch2.1a4.tar.gz |
Description:
|
Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. It also reports certain changes via email. Arpwatch requires tcpdump and libpcap. Includes FDDI support, updated ethercodes, uses autoconf.
| | Homepage: | ftp://ftp.ee.lbl.gov/ | | File Size: | 82110 | | Last Modified: | Dec 12 19:09:54 1999 |
| MD5 Checksum: | 8ed0f0b05f98978e4c8fcf73bd4a685a |
|
| /// File Name: |
sh2log-1.0.tgz |
Description:
|
sh2log is a PTY sniffing program that captures all keystrokes and console output of physical and virtual consoles. sh2log works as a userland keylogger and does not require installation of a kernel module. Consequently, it can be run on a wide range of different UNIX platforms: Linux, SunOS, BSD, AIX, etc. The essential method of use here is that it man in the middles standard shells.
| | Author: | Christophe Devine | | File Size: | 80240 | | Last Modified: | Nov 8 21:43:57 2006 |
| MD5 Checksum: | 3742a060f5fdc97ee21bd8387a4bb80b |
|
| /// File Name: |
ippl-1.99.5.tar.gz |
Description:
|
Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas | | Homepage: | http://pltplp.net/ippl/ | | Changes: | Fixed two typos and a bug causing ident on closing connexions to loop forever - this is the beta branch. | | File Size: | 73790 | | Last Modified: | May 29 15:05:00 2000 |
| MD5 Checksum: | 68349a916ed5fa20b43d1712ca70fbbf |
|
| /// File Name: |
LogrepSource-1.4.1.tar.gz |
Description:
|
Logrep is a secure multi-platform tool for the collection, extraction, and presentation of information from various log files. It includes HTML reports, multi-dimensional analysis, overview pages, SSH communication, and graphs. Supports 18 popular systems including Snort, Squid, Postfix, Apache, Sendmail, syslog, iptables/ipchains, xferlog, NT event logs, Firewall-1, wtmp, Oracle listener, and Cisco Pix.
| | Author: | Tevfik Karagulle | | Homepage: | http://logrep.sourceforge.net | | Changes: | Supports log files from sendmail and xferlog files from an FTP server. Binary packages for Linux were made Perl 5.8 aware. | | File Size: | 71610 | | Last Modified: | Nov 11 00:50:13 2003 |
| MD5 Checksum: | d25661af9b8afe7fed0ce23b7b3d0a6e |
|
| /// File Name: |
log_analysis-0.38.tar.gz |
Description:
|
Log_analysis is a log file analyzer which extracts relevant data for any of the recognized log messages and produces a summary that is much easier to read and can be easily configured to recognize entirely new log types. log_analysis natively understands about 100 different kinds of syslog messages, as well as sulog and wtmp messages for Linux, Solaris, and OpenBSD.
| | Author: | Mordechai T. Abzug | | Homepage: | http://linux.umbc.edu/~mabzug1/log_analysis.html | | Changes: | More sorting options, per-category sorting and output filters, derived category support, and a new 'UNIQUE' pattern destination. | | File Size: | 69705 | | Last Modified: | Jul 17 17:06:24 2001 |
| MD5 Checksum: | 437c0f8c6192019c4173722e6e026a7b |
|
| /// File Name: |
newsyslog.tar.gz |
Description:
|
NewSyslog is an updated version of a package put together by Theodore Tso of MIT Project Athena (which is included in NetBSD, FreeBSD, OpenBSD, etc.). This version has a mix of features from all of the other versions, and it has been made more portable than any of the others with the help of GNU Autoconf.
| | File Size: | 67465 | | Last Modified: | Feb 23 18:41:37 2001 |
| MD5 Checksum: | 0ec5b318de23a3a106959c05ece8b438 |
|
| /// File Name: |
ippl_1.99.3.orig.tar.gz |
Description:
|
ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas | | Homepage: | http://www.via.ecp.fr/~hugo/ippl/ | | Changes: | Completely rewritten to use libpcap. Various changes including IP options, updated man page & ippl.conf, message repetition. Display bug, pidfile.c, and disabled threads on loopback bugs fixed. | | File Size: | 67060 | | Last Modified: | Jan 31 16:43:57 2000 |
| MD5 Checksum: | f9e8947bb119a6e0a3ee0892a33a4393 |
|
| /// File Name: |
Log02Package.zip |
Description:
|
The Twilight Minds Extensible Logging Package is intended to provide a basis for efficient logging of sequential output. It helps get the groundwork of logging done and out of the way. It also removes the processes associated with recording log entries and managing logs from the main thread of execution. TwilightMinds.Log allows for one-line logging to any end-point within a common framework, and allows for potentially complex but easily managed logging setups.
| | Homepage: | http://www.twilightminds.com/Logfull.html | | File Size: | 66547 | | Last Modified: | Dec 7 13:36:43 2000 |
| MD5 Checksum: | 994abed61634fc9555a996a91937425c |
|
| /// File Name: |
libol-0.1.6.tar.gz |
Description:
|
Libraries needed for latest alpha release snapshots of syslog-ng.
| | Author: | Balazs Scheidler | | File Size: | 61427 | | Last Modified: | Aug 16 20:05:14 1999 |
| MD5 Checksum: | e6300076ecd39f476021f7e9c75e7ac3 |
|
| /// File Name: |
libol-0.1.2.tar.gz |
Description:
|
Libraries needed for latest alpha release snapshots of syslog-ng.
| | Author: | Balazs Scheidler | | File Size: | 59521 | | Last Modified: | Aug 16 20:05:14 1999 |
| MD5 Checksum: | aab577efff0da118e546073a73fab906 |
|
| /// File Name: |
libol-0.1.tar.gz |
Description:
|
Libraries needed for latest alpha release snapshots of syslog-ng.
| | Author: | Balazs Scheidler | | File Size: | 59084 | | Last Modified: | Aug 16 20:05:14 1999 |
| MD5 Checksum: | 24c7664105ffaa77c1c63878656d9398 |
|
| /// File Name: |
ippl-1.5.3.tar.gz |
Description:
|
ippl v1.5.3 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas,Etienne Bernard | | Changes: | fixed a buffer overflow problem in ident.c, draft implementation of attacks detection (can now detect ping flood), added checks after mallocs (if there is a memory allocation problem, the program stops), reverse DNS resolutions now use cache. | | File Size: | 55701 | | Last Modified: | Aug 16 20:05:14 1999 |
| MD5 Checksum: | 421e131c981b4102b9bf4b6e898fa8c3 |
|
| /// File Name: |
ippl-1.5.1.tar.gz |
Description:
|
ippl v1.5.1 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas,Etienne Bernard | | Changes: | Added DNS resolution checking, Used #defined constants for ICMP values in ippl.l, Modified the unknown ICMP type case to display the type and code of the message, code cleanup. | | File Size: | 54062 | | Last Modified: | Aug 16 20:05:14 1999 |
| MD5 Checksum: | 31aa7b9aca316d3777564904fdb3da6e |
|
| /// File Name: |
ippl-1.4.12.tar.gz |
Description:
|
Ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas | | Homepage: | http://pltplp.net/ippl | | Changes: | New stable release! Lots of bug fixes from the development branch have been included. | | File Size: | 53739 | | Last Modified: | Feb 2 19:22:27 2001 |
| MD5 Checksum: | 6a132bde11bcdabefe0c1d72d9744ddf |
|
| /// File Name: |
connlogd-0.9.7.tar.gz |
Description:
|
Connlogd is a detailed TCP/UDP connection logger with the ability to filter what information is logged. It can log to syslog or stderr so that it can be used with other logging packages such as D.J. Bernstein's multilog program. In addition to address and port information, it logs all TCP header flags (SYN, FIN, etc... as well as bogus flags) and the TCP window size. It uses the pcap library for packet capture and runs on most systems that support the pcap library. NOTE: Included in the source distribution is a script to help convert the logs into the format used when reporting attacks to dshield.org.
| | Author: | Alec Kosky | | File Size: | 53063 | | Last Modified: | Jul 6 17:05:40 2003 |
| MD5 Checksum: | c8190e3e8a908526b5bc67b7e9103903 |
|
| /// File Name: |
ippl-1.5.0.tar.gz |
Description:
|
ippl v1.5.0 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger.
| | Author: | Hugo Haas,Etienne Bernard | | Changes: | Implemented the possibility to define the logging mechanism (either file or syslog level) on a per-rule basis. | | File Size: | 53060 | | Last Modified: | Aug 16 20:05:14 1999 |
| MD5 Checksum: | e865368199fa1e7a34afbe21636cb523 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
