Search Results for "log analysis tools"

SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.

Flexible web-based firewall log analyzer, supporting netfilter and ipfilter, ipfw, ipchains, cisco routers and Windows XP system logs, and mysql or postgresql database logs using the iptables ULOG or NFLOG target of netfilter others mapped to the ulogd format with a view. Fully supports IPv6 for database logs, and netfilter and ipfilter system file logs. Also supports Maxmind's GeoIP version 2 location databases. For Linux, FreeBSD, OpenBSD, Solaris, OSX,etc.

Two tools able to edit your ipfilter.dat . These tools are able to edit your ipfilter.dat in order to check for big ranges and to check adjacent ranges . From the creators of ipfilterX , Nexus23 Labs . - Updates in Progress -

360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, firewall policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA or ScreenOS commands, and its one file! Read Policy and Logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), Cisco ASA (show run / syslog format), 360-FAAR compares firewall policies and uses CIDR and text filters to split rulebases / policies into target sections and identify connectivity for further analysis. 360-FAAR supports, policy to log association, object translation, rulebase reordering and simplification, rule moves and duplicate matching automatically. ...

redWall is a bootable CD-ROM Firewall with Snort, snortsam, dansguardian and support for fwbuilder, spamassassin, reporting (using ACID/sarg/ntop/webfwlog), VPN (FreeSWan/PoPToP/Openvpn) and mail alerting (by mail). Configs are stored on a Floppy or USB

These three tools build Checkpoint, Cisco ASA or Netscreen policys from logfiles. They write dbedit, access-list or set address, set service and set policy commands for the traffic seen in the logs, that can be cut and pasted into the firewalls. WOOT

This is the effort to make a simple small business server that provides basic infrastructure with spam and virus protection, service usage accounting and reporting, easy provisioning and password management, message board, addressbook and other.

Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.

Ptcap is a Unix daemon that captures traffic packet size, source, destination, and times and saves this data into a postgres (and now ODBC including mysql) database in near real time, from which traffic reports may be made.

fwgraph is an attempt to characterize and present network traffic including network devices, QoS, and iptables under Linux.

Schedule emailing of your Smoothwall logs. Schedule on a daily/weekly/monthly basis via cron jobs. Formatting options are text and html. csv formatting planned.

What are the packets rejected by your Netfilter based firewall today ? How often this suspicious host try to connect to your box ? What are the most rejected domains ? Who is this strange host which scan your ports ? The responses are in the iptables log

Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attacker's IP into IPFW table effectively blocking them. Addresses are removed from the table after expiration period

readlog is a pair of scripts for reviewing iptables firewall logs via a handy web interface using a MySQL backend.

LogCop is a set of turn-key bash/firewall/awk scripts for enhancing an IDS. It monitors system logs and blocks IP addresses based on such criteria as illegal user names from repeated attacks. In production under Linux, FreeBSD, OS X, Solaris.

IP Traffic Volume: Logs (counts) in- & outgoing bytes through network device(s) using kernel iptables. Highly configurable as to which bytes are logged, e.g. to/from specific ports or ip-addresses. Data displayed in html via cgi or plain ascii to console

FwPlatinum provides real time data analysis of CheckPoint FireWall-1 connection logs. Data is stored for up to 2 years, and is accessed by CGI generated graphs which can drill down to the specific time that you are interested in.

The Titan Firewall is an interface Web to manage firewall based on Linux with iptables. It supports filtrate of packages, NAT, logs, VPN's... Implemented in Java and jsp.

Green Screen: A Linux based Advanced Syslog Server for Juniper NetScreen Firewalls - Can be expanded later to support other products. It can capture syslog messages, parse them, store them in a MySQL database. A Web GUI interface is also included.

Loganalyzer for Windows XP Firewall and Linux Iptables firewall. Generates a nice html document with statistics from all the pakets captured by the firewall. The program is written in Python and has an (optional) graphical interface.

Traffic Control is a Linux toolbox to control squid, NAT, and other services traffic limits. TF uses Linux iptables to count traffic. This utility consists of two parts. The first is server side (written in Perl) and the second part is the interface.

Netscreen Firewall Log Analyser which can analyse log files in Netscreen Log File format and copy data into Access Database. Developed by Specialists for Computer Systems (SCS)

PACIE (Perl Analysis Console for Intrusion Events) Attempts to be a complete replacement for ACID. Place this cgi script on your internal webserver and receive powerfull reporting on your current snort database.

fwlogwatch is an open source firewall/IDS log analyzer and interactive realtime attack detection and response tool

A Log Extraction Utility for owners of the Belkin 4-Port Cable/DSL Gateway Router (Model F5230).