Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.
The goal of PyTables is to enable the end user to efficiently and easily manipulate large datasets (both homogeneous, i.e. arrays, and heterogeneous, i.e. tables) in a persistent, hierarchical way.
ISC dhcpd leases usage analysis
dhcpd-pools is an ISC dhcpd shared-network and pool-range usage analyzer. The command counts the usage ratio of each IP range and shared-network pool that ISC dhcpd controls. Its users are most likely ISPs and other organizations with a large IP address space. The program is written in C, with the design goal of finishing the analysis quickly even when there is a lot of data: on a cheap laptop the analysis speed is roughly 100k leases per second, and the number of ranges or shared networks makes no significant difference to the time taken.
IPCAD captures traffic on the specified interfaces (BPF, PCAP, divert, tee, ULOG, IPQ) and records it for later retrieval and analysis. The traffic accounting data is exported via RSH or NetFlow.
SqStat is a script for looking through the active connections of Squid users. It uses the cachemgr protocol to get the information from the Squid proxy server.
ttyrpld is a multi-OS kernel-level TTY keylogger and screenlogger with (a)synchronous replay support. It runs on Linux, Solaris, FreeBSD, NetBSD and OpenBSD.
Ida is an Apache log security analyzer written in PHP. It scans Apache logs and reports security incidents such as SQL injection, XSS attacks, path traversal and so on.
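The kind of scan an Apache log security analyzer performs, shown as an added example in Python (this is not Ida's own code, and Ida is written in PHP): each combined-format line is parsed, the request line is percent-decoded so that encoded payloads are seen as the application would see them, and a small set of signatures for SQL injection, XSS and path traversal is applied. The log lines, hosts and signatures below are constructed for the example; a real deployment would tune the signatures to the application.

```python
"""Added example (not Ida's own code): scan Apache combined-format log lines
for request patterns associated with SQL injection, XSS and path traversal."""
import re
import urllib.parse
from collections import Counter

# Combined Log Format: host ident user [time] "request" status size "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+)(?: "(?P<referer>[^"]*)" "(?P<agent>[^"]*)")?'
)

# Signatures are matched against the percent-decoded request line, so that
# %27 / %3C / %2e%2e evasion is handled. They are deliberately simple
# (assumed patterns for this example), not a production ruleset.
SIGNATURES = {
    "sqli": re.compile(
        r"('|%27)\s*(or|and)\s+['\d]|union(\s|\+)+select|sleep\(\d+\)|--\s*$|;\s*drop\s+table",
        re.IGNORECASE,
    ),
    "xss": re.compile(r"<\s*script|javascript:|on(error|load|mouseover)\s*=", re.IGNORECASE),
    "traversal": re.compile(r"(\.\./|\.\.\\|/etc/passwd|\\windows\\win\.ini)", re.IGNORECASE),
}


def decode_request(request):
    """Percent-decode the request line twice, so that double-encoded payloads
    (%252e%252e%2f) are seen the way a decoding application would see them."""
    once = urllib.parse.unquote_plus(request)
    return urllib.parse.unquote_plus(once)


def scan_line(line):
    """Return a list of (category, host, request) findings for one log line,
    or an empty list if the line is benign or not in combined log format."""
    m = LOG_RE.match(line)
    if not m:
        return []
    decoded = decode_request(m.group("request"))
    return [
        (cat, m.group("host"), m.group("request"))
        for cat, sig in SIGNATURES.items()
        if sig.search(decoded)
    ]


def scan_log(lines):
    """Scan an iterable of log lines; return (findings, per-host counter)."""
    findings = []
    for line in lines:
        findings.extend(scan_line(line))
    hosts = Counter(host for _, host, _ in findings)
    return findings, hosts


# Constructed sample log (not real traffic); hosts are from documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?id=1 HTTP/1.1" 200 2326 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [10/Oct/2023:13:55:40 +0000] "GET /index.php?id=1%27%20OR%20%271%27=%271 HTTP/1.1" 200 5120 "-" "sqlmap/1.0"',
    '198.51.100.7 - - [10/Oct/2023:13:56:02 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 812 "-" "curl/7.68"',
    '198.51.100.7 - - [10/Oct/2023:13:56:09 +0000] "GET /download?file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 404 210 "-" "curl/7.68"',
    '203.0.113.5 - - [10/Oct/2023:13:57:00 +0000] "GET /about.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
    'this line is not in combined log format',
]

if __name__ == "__main__":
    found, per_host = scan_log(SAMPLE_LOG)
    for cat, host, req in found:
        print(f"{cat:10} {host:15} {req}")
    print("offenders:", dict(per_host))
```

Decoding before matching is the part that matters: a scanner that runs its regexes over the raw request line misses `%27` for `'` and `%2e%2e%2f` for `../`, which is exactly what an attacker probing through a WAF sends. Reporting per host, as the counter does, is what lets the findings feed a blocker like the ones listed elsewhere on this page.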
The ProM Import Framework extracts process enactment event logs from a set of information systems. These can be exported in the MXML format, the standard event log data format for process mining analysis techniques.
This project aims to develop metadata and associated tools for anomaly detection (AD) algorithms. It will be useful for benchmarking AD algorithms, annotating existing datasets with AD systems, and communicating their results via public dataset repositories.
Postfix Log Parser in Python is a log analysis tool, written in Python, that produces statistical reports and detects anomalous behaviour on a mail server based on Postfix and Cyrus.
AutoBahn is a reactive Unix log monitor, capable of analyzing logs for suspicious activity and installing firewall rules to block offenders, all in real time.
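SSHGuard and AutoBahn both work the same way: read authentication failures out of the system log, count them per source address inside a time window, and hand a block rule to the firewall once an address crosses a threshold. The following is an added example of that loop in Python; it is neither project's code. The sshd message formats are the standard syslog ones, the threshold, window and syslog year are assumptions, and the firewall commands are only rendered as strings (the `sshguard` pf table name and ipfw table number are assumed), never executed. The auth log lines are constructed for the example.

```python
"""Added example (not SSHGuard's or AutoBahn's code): detect repeat
authentication failures in syslog-style sshd lines and emit block rules."""
import re
from collections import defaultdict, deque
from datetime import datetime

# sshd failure messages as they appear in /var/log/auth.log (syslog format).
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?:Failed password for (?:invalid user )?\S+|Invalid user \S+) from (?P<ip>[\d.]+)"
)

# Backend -> template for a block command. Rendered only, never executed here;
# table names/numbers are assumptions for the example.
BACKENDS = {
    "iptables": "iptables -I INPUT -s {ip} -j DROP",
    "pf": "pfctl -t sshguard -T add {ip}",
    "ipfw": "ipfw table 22 add {ip}",
}


def parse_ts(s, year=2023):
    """Syslog timestamps carry no year; one is assumed for the example."""
    return datetime.strptime(f"{year} {s}", "%Y %b %d %H:%M:%S")


class OffenderTracker:
    """Count failures per source IP inside a sliding window and block an IP
    once it reaches `threshold` failures within `window_s` seconds."""

    def __init__(self, threshold=4, window_s=600, backend="iptables"):
        self.threshold = threshold
        self.window_s = window_s
        self.template = BACKENDS[backend]
        self.events = defaultdict(deque)   # ip -> timestamps of recent failures
        self.blocked = {}                  # ip -> time it was blocked

    def feed(self, line):
        """Process one log line; return a block command if this line trips
        the threshold for a not-yet-blocked IP, else None."""
        m = FAIL_RE.match(line)
        if not m:
            return None
        ip, ts = m.group("ip"), parse_ts(m.group("ts"))
        if ip in self.blocked:
            return None
        q = self.events[ip]
        q.append(ts)
        # Drop failures older than the window so a slow trickle never adds up.
        while q and (ts - q[0]).total_seconds() > self.window_s:
            q.popleft()
        if len(q) >= self.threshold:
            self.blocked[ip] = ts
            return self.template.format(ip=ip)
        return None

    def run(self, lines):
        """Feed every line; return the list of block commands produced."""
        return [cmd for cmd in map(self.feed, lines) if cmd]


# Constructed sample auth log (not from a real host); documentation ranges.
SAMPLE_AUTH_LOG = [
    "Oct 10 14:00:01 host sshd[1001]: Failed password for root from 192.0.2.10 port 40001 ssh2",
    "Oct 10 14:00:03 host sshd[1002]: Failed password for invalid user admin from 192.0.2.10 port 40002 ssh2",
    "Oct 10 14:00:05 host sshd[1003]: Invalid user oracle from 192.0.2.10 port 40003",
    "Oct 10 14:00:07 host sshd[1004]: Failed password for root from 192.0.2.10 port 40004 ssh2",
    "Oct 10 14:00:09 host sshd[1005]: Failed password for root from 192.0.2.10 port 40005 ssh2",
    "Oct 10 14:01:00 host sshd[1006]: Accepted publickey for alice from 198.51.100.7 port 50000 ssh2",
    # A slow trickle from a second host: 3 failures spread over 40 minutes never
    # reach 4 inside a 10-minute window, so that host is not blocked.
    "Oct 10 14:10:00 host sshd[1007]: Failed password for bob from 203.0.113.5 port 51000 ssh2",
    "Oct 10 14:25:00 host sshd[1008]: Failed password for bob from 203.0.113.5 port 51001 ssh2",
    "Oct 10 14:50:00 host sshd[1009]: Failed password for bob from 203.0.113.5 port 51002 ssh2",
]

if __name__ == "__main__":
    tracker = OffenderTracker(threshold=4, window_s=600, backend="iptables")
    for cmd in tracker.run(SAMPLE_AUTH_LOG):
        print(cmd)
```

Two details are worth carrying into any real deployment: the window is evicted on every event, so an address that fails once every quarter hour is never blocked by accident, and an address is blocked at most once, so a burst of a thousand failures does not produce a thousand firewall rules. Anything that generates firewall rules from log text should also whitelist management addresses, since a spoofed or forged log line would otherwise be enough to lock an administrator out.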
A Log Extraction Utility for owners of the Belkin 4-Port Cable/DSL Gateway Router (Model F5230).
A code toolkit for collecting usability data on the web. Tools range from an entirely client-side solution for measuring scrolling and render time to a hybrid solution that logs user activity every 200 milliseconds. Currently IE only.
Command-line tool that can view multiple log files remotely and blend them into a single output, ordered by the timestamps within the log files themselves. Has cat and tail modes, and supports multiple local and remote protocols.
Textual data processing solution for system administrators and Web programmers. The C library supports manipulating string lists, CGI forms, MIME data and configuration files, log parsing, regular expressions, date/time parsing, template rewriting, etc.
Dataone Quick Usage Finder is a free, open source utility for quickly getting a usage summary of BSNL's Dataone broadband service. It also provides scheduled dial-up connection and disconnection for BSNL's night unlimited plans.
With the Log Parser one can scan logs, filter out legitimate, non-corrupt entries (usually file paths) via a whitelist, and apply a standard format to a log generated by any antivirus or malware-removal program. This makes for easier reading of the meat in any log.
Logalizer is a log analyzer for web server log files. It is very customizable, has a lot of useful features, and provides a level of detail so far known only from commercial solutions.
Provides a common way to measure time intervals in a given kind of log file.
FreeBSD Forensics Bootable ISO
Another Postfix log analysis tool. It reads the maillog from stdin and outputs a traceroute-style record for every mail. This can greatly help an administrator find problems in the mail system.
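Building that per-mail "traceroute" means correlating every maillog line that carries the same Postfix queue ID: the smtpd line names the client, the qmgr line the sender, and each delivery-agent line a recipient, relay and status. The following is an added example in Python of that correlation; it is not the tool described above. The line format is Postfix's standard syslog output, the daemon names used to classify lines are the usual ones, and the maillog below is constructed for the example (documentation addresses, invented queue IDs).

```python
"""Added example (not the tool described on this page): group Postfix
maillog lines by queue ID and render each message's path through the MTA."""
import re
from collections import OrderedDict

# Postfix syslog line: "<ts> <host> postfix/<daemon>[<pid>]: <QUEUEID>: <text>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/(?P<daemon>[\w-]+)\[\d+\]: "
    r"(?P<qid>[0-9A-F]{6,}|NOQUEUE): (?P<text>.*)$"
)
DELIVERY_AGENTS = {"smtp", "lmtp", "local", "virtual", "pipe"}


def kv(text):
    """Split Postfix 'key=value, key=value' text into a dict; values keep any
    trailing parenthesised detail such as 'sent (250 2.0.0 OK)'."""
    out = {}
    for part in text.split(", "):
        if "=" in part:
            k, v = part.split("=", 1)
            out[k] = v
    return out


def parse_maillog(lines):
    """Return (mails, rejects): mails maps queue ID -> record in order of first
    appearance; rejects lists the text of NOQUEUE reject lines (no queue ID)."""
    mails, rejects = OrderedDict(), []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        qid, daemon, text = m.group("qid"), m.group("daemon"), m.group("text")
        if qid == "NOQUEUE":
            rejects.append(text)
            continue
        rec = mails.setdefault(qid, {"first": m.group("ts"), "rcpts": []})
        fields = kv(text)
        if daemon == "smtpd" and "client" in fields:
            rec["client"] = fields["client"]
        elif daemon == "qmgr" and "from" in fields:
            rec["from"] = fields["from"]
        elif daemon in DELIVERY_AGENTS and "to" in fields:
            rec["rcpts"].append((fields["to"], fields.get("relay", "?"), fields.get("status", "?")))
        elif text == "removed":
            rec["removed"] = m.group("ts")
    return mails, rejects


def trace(qid, rec):
    """Render one message as a single hop-by-hop line."""
    hops = [rec.get("client", "?"), f"from={rec.get('from', '?')}"]
    for to, relay, status in rec["rcpts"]:
        hops.append(f"to={to} via {relay} [{status.split()[0]}]")
    hops.append("removed" if "removed" in rec else "still queued")
    return f"{qid}: " + " -> ".join(hops)


# Constructed sample maillog (not from a real server).
SAMPLE_MAILLOG = [
    "Oct 10 14:00:00 mx postfix/smtpd[1234]: 3F2A1C0001: client=mail.example.org[192.0.2.10]",
    "Oct 10 14:00:00 mx postfix/cleanup[1235]: 3F2A1C0001: message-id=<a1@example.org>",
    "Oct 10 14:00:01 mx postfix/qmgr[1200]: 3F2A1C0001: from=<alice@example.org>, size=1234, nrcpt=1 (queue active)",
    "Oct 10 14:00:02 mx postfix/smtp[1236]: 3F2A1C0001: to=<bob@example.net>, relay=mail.example.net[198.51.100.7]:25, delay=1.2, delays=0.5/0.1/0.3/0.3, dsn=2.0.0, status=sent (250 2.0.0 OK)",
    "Oct 10 14:00:02 mx postfix/qmgr[1200]: 3F2A1C0001: removed",
    "Oct 10 14:05:00 mx postfix/smtpd[1240]: NOQUEUE: reject: RCPT from unknown[203.0.113.5]: 554 5.7.1 Service unavailable; Client host [203.0.113.5] blocked; from=<spam@example.com> to=<bob@example.net> proto=ESMTP helo=<x>",
    "Oct 10 14:06:00 mx postfix/smtpd[1241]: 7B9E2D0002: client=unknown[203.0.113.9]",
    "Oct 10 14:06:01 mx postfix/qmgr[1200]: 7B9E2D0002: from=<carol@example.com>, size=98765, nrcpt=1 (queue active)",
    "Oct 10 14:06:05 mx postfix/smtp[1242]: 7B9E2D0002: to=<dave@example.net>, relay=mail.example.net[198.51.100.7]:25, delay=4.1, delays=0.1/0/2/2, dsn=4.4.2, status=deferred (lost connection with mail.example.net[198.51.100.7] while sending end of data)",
]

if __name__ == "__main__":
    mails, rejects = parse_maillog(SAMPLE_MAILLOG)
    for qid, rec in mails.items():
        print(trace(qid, rec))
    print(f"{len(rejects)} connection(s) rejected before queueing")
```

The "still queued" marker is the useful diagnostic: a message whose queue ID never gets a `removed` line is stuck (deferred, as in the second sample) or was lost, and a run of them from one client is the first sign of either an outage downstream or an abused account. Rejects are kept separately because NOQUEUE lines have no queue ID and would otherwise be invisible to a per-message view.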
Windows monitoring agent
Ad-Hoc Reporting Tool for Data (ART-data): a multithreaded, collector-based data collection and analysis framework. Many collectors receive data from many sources to feed one engine, which analyzes and digests the data into human-readable GUI charts and tables.
Fast library for storing and displaying various types of statistics. Rock stable and robust, with well-designed image output.
William Gibson, in his science fiction, described AI-controlled Intrusion Countermeasures Electronics, or ICE. This project aims to help develop AI-based ICE.