[X] The "/OldFiles" file could not be found or is not available. Please select another file.

Share

More
pasmal (packet auth. sniffer - mal) Icon

pasmal (packet auth. sniffer - mal)

by chibibian, jamesmeehan, keystrike


Packet Auth. Sniffer (or Sequence) Allows you to set on your server this little daemon (pasmal) monitoring tcp/ip & icmp, and on the exact good sequence (the one you only know) run processes (a firewall) - such as access list update, iptables,ipchains.


http://pasmal.sourceforge.net





Separate each tag with a space.

Release Date:

2005-06-02

Topic:

Operating System:

License:

Translations:

Intended Audience:

Programming Language:

C

Registered:

2003-10-02

Ratings and Reviews

Be the first to post a text review of pasmal (packet auth. sniffer - mal). Rate and review a project by clicking thumbs up or thumbs down in the right column.

Project Feed

  • Tracker artifact added

    Anonymous created the error: No such device artifact

    posted by nobody 1493 days ago

  • pasmal2.0 - informations on this rel.

    pasmal 1.9 <= were having a little bug into the non encrypted port knocking engine that could have been a security issue, this bug is corrected in 2.0. Also pasmal 2.0 is now having in its intrusion detection engine predefined macros to drop/log with iptables attackers, to store important files during an attack (system.map, passwd, modules lists), also to log network connections, processes information/tree/memory details, and many others!) Now pasmal got its google group to discuss port knocking : http://groups.google.fr/group/port-knocking---pasmal?hl=fr

    posted by jamesmeehan 1681 days ago

  • pasmal pasmal 2.0 file released: pasmal2.0.tgz

    # Corrected a security related bug to the non encrypted port knocking engine (psnif.c). # Added macros in intrusion detection engine to : firewall with iptables (drop/log) attackers ip, log process connections/informations/list/tree, log who is online, backup modules list, passwd and system.map files during an intrusion.

    posted 1681 days ago

  • File released: /pasmal/pasmal 2.0/pasmal2.0.tgz

    posted 1681 days ago

  • pasmal 1.9 file released: pasmal1.9.tgz

    Fixed a few local security holes into pasmal.c port knocking main engine, Added packet intrusion detection logs (module_alert.c), Added general log viewing into the pasmal web-admin, Corrected a minor syslogd related bug into the packet intrusion engine (module_alert.c)

    posted 1702 days ago

  • File released: /pasmal/1.9/pasmal1.9.tgz

    posted 1702 days ago

  • pasmal 1.8 file released: pasmal1.8.tgz

    Corrected major bug into psnif.c - conflict between encrypted and normal port knocking sequences Corrected minor bug in log.c to have logging engine working completely Major and global code optimization, comments added ENGINE file added to explain how pasmal works Code optimization of intrusion detection system and alerts to have it working faster and logging packets.

    posted 1747 days ago

  • File released: /pasmal/1.8/pasmal1.8.tgz

    posted 1747 days ago

  • pasmal 1.7 - port knocking and intrusion detection engine

    pasmal 1.7 is a TCP/IP packet authentication system. The trend is port knocking, pasmal 1.7 is a port knocking daemon : When it receives a sequence of ICMP or TCP packets to any port (open/closed), it will issue a command on the server. It uses a "smokescreen frame" that features encrypted authentication packets for avoiding sniffers, as well as a TCP/UDP key for remotely activating the system. pasmal can be configured in text based mode or from your intranet : pasmal 1.7 comes with an optional Web-based administrator that can handle all its filter/firewall/port knocking/encoding keys facilities. Intrusion detection engine : pasmal 1.7 also acts as an intrusion detection system protecting itself with an alert level mode of intrusion, due to its sniffer capabilities. New features in pasmal 1.7 : - Intrusion detection engine with level alerts and customizable protection. If an intrusion (UDP/TCP) is sniffed and detected, depending of the delay of intrusion (in seconds or packets), actions will be done to cut it down. For instance, after 1 second of intrusion you can set an iptables filter for the attacking IP, after 15 seconds of attacking, you could just iptables all sources IP's to your servers destination on the forbidden port. - pasmal port knocking engine has been optimized to stop being a cpu waster, and has been tested on some heavy traffic servers . a MAXLOAD option has been added, so when the server cpu usage is too high, pasmal will stop by itself sniffing. an optional daemon (and listening packet) can be added to relaunch pasmal sniffing mode whenever. This for avoiding DoS attacks. - pasmal Web(ad)Min is rewritten in 'ok' english, and has all the necessary configuration tools for pasmal - pasmal default configuration file is re-written, to be easier to use.

    posted by jamesmeehan 1839 days ago

  • pasmal 1.7 file released: pasmal1.7.tgz

    # Added portalert.acl - IP authorized to connect without alert (module_alert.c) # Added portalert.acl into configuration file (pasmal.c) # Added MAXLOAD features in pasmal webmin (pasmal_config.php and pasmal_configok.php) # Added STATICKEY features in pasmal webmin (pasmal_config.php and pasmal_configok.php) # pasmal webmin english corrected. # Added pasmal auto-updates sign-in into pasmal wembin (index.php) module_alert code optimization for cpu resting (module_alert.c) # Added portalert actions feature - Doing an action, if your server got a security problem .. securing yourself by lively sniffing and interpreting packets coming to your server. (pasmal.c, pasmal.h, psnif.c, psnif.h, module_alert.c, module_alert.h)

    posted 1839 days ago

Rate and Review

Be the first person to add a text review.

Would you recommend this project?






<

Related Projects

pasmal (packet auth. sniffer - mal) Actions

Thanks for your rating!

Would you also like to write a review?





Skip Review

Thanks for your review!

Get credit for your review by logging in via OpenID. Click your account provider:

No Thanks