Search Results for "sourcecode for network monitoring system"

SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.

this tool tries to repair your broken pcap and pcapng files by fixing the global header respectively packet blocks and recovering the packets by searching und guessing the packet headers or blocks

ATTENTION: Snare Lite is unsupported legacy software. While it will remain a part of the SourceForge community, it is no longer secure and compliant. For up to date Snare software check out Snare Enterprise. https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM...

IPAC-NG is the iptables/ipchains based IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Ipchains and (preferably) iptables are supported. Logs are stored in files, a gdbm or a PostgreSQL database.

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich...

vSysLog is simple syslog viewer developed for showing syslog messages in more human-readable form. This software uses user-defined patterns for formatting received messages. It works on Linux/GTK+ platform.

GoAccess is a real-time Apache web log analyzer and interactive viewer that runs in a terminal and provides fast and valuable HTTP statistics for system administrators that require a visual report on the fly.

Logdigest mails interesting lines from log files to the system administrator. Non-relevant lines are filtered out by customizable regular expressions. Logdigest comes with a set of such regexps to provide a good starting point.

Logpp is a tool for preprocessing event logs and feeding relevant data to other programs for storing or in-depth analysis. Logpp reads lines appended to input files, matches the lines with patterns, and writes the results to given destinations.

Nuhe is a log monitoring system, which is capable of alarm generation and action when rules are matched against log(s) activity.

The first stage of development is do write a tool to anonymize packet capture files captured with libpcap. After that we will be integrating this with tcpdump to anonymize in real-time and analyze and look for its effect on different IDS's.

Cnc's IP Data Volume Report: Logs IP to IP contact, number of packets, bytes, time of contact, Ethernet too! View via local web interface. Very simple for those who want to view who your computer is contacting the most!

IPCAD runs captures traffic on the specified interfaces (BPF, PCAP, divert, tee, ULOG, IPQ), and records the traffic for later retrieval and analysis. Traffic exported via RSH or NetFlow.

Система учета трафика.

Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attacker's IP into IPFW table effectively blocking them. Addresses are removed from the table after expiration period

Universal IP-traffic collector. Can gather data from Cisco IP Accounting / ipcad, Mikrotik, NSG, Revolution routers.

Collector of the traffic on the basis of pcap-library. Data are aggregated and saved under the scheme "DetailHostMatrix Aggregation Schemes" Cisco NetFlow FlowCollector. Data are kept in the form of gzip-files or deduced in stdout.

LogCop is a set of turn-key bash/firewall/awk scripts for enhancing an IDS. It monitors system logs and blocks IP addresses based on such criteria as illegal user names from repeated attacks. In production under Linux, FreeBSD, OS X, Solaris.

Netmon is a simple program for monitoring bandwidth and data usage on linux machines. It is useful for those with a broadband connections that pay for their data or have download limits.

imsniff is a pcap-based instant messaging sniffer. It captures the IM traffic in the network and is able to log conversations, contact lists, profile information, incoming email notifications, other MSN events, etc. Tested in Linux and Windows.

Snort2c attempts to be a improved version of snort2pf wrote by Stephan Schmieder with some advantages: kqueue, pf table support, pf ioctl's calls and others. It works monitoring snort's alertfile and blocking attackers ip using pf calls.

Searches arbitrary text input (logs, etc) for regular expression(s) matching, and then executes arbitrary SQL statement(s) with matched substrings used as parameters. Offers daemon, incremental and transactional features.

M-ICE is a modular hostbased intrusion detection framework. It is used as middleware to close the gap between IDS research and IDS development. M-ICE consists of various parts that can be connected together by using network-or interprocess-communication

Green Screen: A Linux based Advanced Syslog Server for Juniper NetScreen Firewalls - Can be expanded later to support other products. It can capture syslog messages, parse them, store them in a MySQL database. A Web GUI interface is also included.

Small utility written in C allowing easy access to Apache mod_log_sql generated logs for the purpose of log analyzers such as webalizer. Takes any or none of parameters virtual host, month, and year to generate Common Log Format dump to STDOUT.