|
(Page 1 of 11) 1 2 3 4 5 6 Next > Category: Utilities » Log Management OSSEC HIDS Added 2008-11-18 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. Splunk Log Management | IT Search Added 2008-10-16 Splunk is a FREE software program that indexes and makes searchable data from any app, server or network device in real time including logs, config files, messages, alerts, scripts and metrics. OSSEC HIDS Added 2008-08-29 OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows. DAVIX Added 2008-08-17 DAVIX - the Data Analysis & Visualization Linux® - brings the most important tools for data processing and visualization to your desk. This solution allows you to get started with security visualization without cumbersome compiling and installing tools. The DAVIX CD is based on SLAX 6.0 and follows a modularized approach. Thus, the SLAX ISO image can easily be customized for various purposes. It can even be installed on USB sticks and provide you with mobile analysis capabilities. The CD is shipped with a comprehensive manual that gives you a quick start for all tools and provides information on how-to tailor DAVIX to your needs. All tools are accessible through the KDE start menu and are accompanied with links to external manuals and tutorials. syslog-ng Premium Edition Added 2007-08-10 The syslog-ng Premium Edition application is a system logging client and server application that offers native TCP and TLS support, disk buffering, and logging directly into SQL databases. It runs on a variety of UNIX-like systems, and can also collect logs from Microsoft Windows platforms. SnortNotify Added 2007-03-24 Running from cron at a specified interval SnortNotify will search a snort database for new alerts. If new alerts match a pre configured priority level, an email will be sent to the contact. The email will include Sensor name, the signaturename, and the timestamp. ASDIC Added 2006-10-13 ASDIC is a system for advanced traffic and log analysis. It helps you to determine what traffic there is in your network. You can look at ASDIC as a reverse firewall. Input unstructured traffic information and output a rule set. ASDIC can analyze logs from any firewall or router, or sniff the network by itself. sshtools Added 2006-10-10 sshtools allows you to parse your ssh logs into data that makes sense. Allows you to view the number of failed logins, block the top 10 failed IP addresses, and build reports based on your logs. Currently, there are eight different options for parsing your ssh logs, and all parsing is done without your login IP Address(s), so that you can see the most important data, which is other people logging in. Plans for sshtools include real-time monitoring and real-time IP blocking, and much more. OSSEC Added 2006-05-12 OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows. Network Equipment Performance Monitor Added 2006-03-16 NEPM is a very general, highly configurable, two part software system that monitors any type of logged data from IP networked equipment and reports it via E-mail and web pages. Current conditions and history from systems based on Windows NT/2000 and UNIX can be tracked and reported. Most major server, switch and router systems can be monitored, without running agents on the target systems. Many networks behind separate firewalls can be reported on at one central site, and hard-to-reach isolated nets can be accessed. NEPM itself is system independent and can be hosted on either a UNIX or WinNT system or a combination of these with equal ease. NEPM monitors and reports uptime, critical events such as intrusion attempts, access rates, bytes-transferred rates, and error rates of network nodes. Unique precursor event links drill down instantly to the causes of downtime, intrusion events, etc. Performance graphs highlight element throughput and error rate. Hardware and software sub-systems within nodes are tracked and reported separately but in a common format that makes possible direct comparison. True hardware uptime is reported so that hardware and software performance can be separated from that of the communications links and from each other. Summary reports and alerts aggregate a view of an entire network's status onto a single page. Reports are provided via web pages posted to a web server for instant access to results. E-mailed text alerts provide prompt notification of dangerous conditions. NEPM is managed via a browser interface, providing full local or remote control from anywhere on the network. Use NEPM to increase your network uptime, increase network security, monitor QOS and SLA's, and evaluate new equipment. Equipment monitored can be Windows or Linux/UNIX/FreeBSD servers, or any processor-based system that logs events to non-volatile storage and has a telnet/rlogin/ssh/IP stream-mode interface Browse by category |
|
 Privacy Statement |
