sktrap

5.0 Stars (4)
3 Downloads (This Week)
Last Update:
Download grindr-1.4.tar
Browse All Files
BSD Linux

Screenshots

Description

sktrap (script kiddies trap) is a tiny intrusion detection system. Installed on the monitor server, it runs tests via ssh on its clients. Cracks very visible (files,open ports). Built in reply to and very succesful in finding real-world break-ins.

sktrap Web Site

KEEP ME UPDATED

User Ratings

★★★★★
★★★★
★★★
★★
4
0
0
0
0
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
Write a Review

User Reviews

  • oid-3421677
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    BIG KUDOS for this program! This little program listed an infection in the "/dev/shm/ /" directory. (so attacker made a SPACES subdir to make it invisible!) Grindr/sktrap listed 35 files in that server that changed, 30 files of them were the infection's files. I looked at the source code and the ideas behind this program are smart, and stuff is pretty well polished. Feature request: maybe you can make the whitelisting PER SERVER? Baselining and looking for changes in ports based on the baseline. Illyana :)

    Posted 06/08/2011
  • oid-3348232
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Nice . very simple to setup and very effective at what it does: monitor your system integrity.

    Posted 04/18/2011
  • oid-3346937
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    I like this program: instead of being bombarded with the same warnings every day (with the risk of ignoring important real changes), with this program, you get a single file with a few lines max per client listed. I guess this is based on the programs main idea of just finding the modification time changes, so you just get the changed stuff listed. I've made a cronjob myself to run grindr every night, which starts a wrapper I built to mail grindrs' output to my inbox. Maybe "agentb" can built-in the mail-feature? Cheers, Tom

    Posted 04/18/2011
  • oid-3346925
    1 of 5 2 of 5 3 of 5 4 of 5 5 of 5

    Great little piece of software, i use this script on my main monitor server to watch about 12 other server and i get notified about all changes. For example last week someone added a new root user without letting me know and i got notified via grindr so i could check if this was legit, turned out it was. I can recommend this to anyone managing multiple servers and who find tripwire too much hassle to install.

    Posted 04/18/2011
Read more reviews

Additional Project Details

Languages

English

Intended Audience

System Administrators

User Interface

Console/Terminal

Programming Language

Unix Shell

Registered

2011-04-02
Screenshots can attract more users to your project.
Features can attract more users to your project.

Icons must be PNG, GIF, or JPEG and less than 1 MiB in size. They will be displayed as 48x48 images.