Search Results for "network security simulator"

Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.

Logs Analyzer, Alerter & Reporter with a Web Interface

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich...

NetProfiler builds a custom filter (BPF) for your network based off of common communications. FilterAnalyze-NetProfiler analyzes the custom filter built by NetProfiler (it may work with other filters as well).

This is yet another simple piece of software that extracts all the basic stats from honeyd’s text-based log files and inserts them in a MySQL database. Then you can run some queries and of course visualize the data if you want to. Many things are hardcoded or dead simple, but it does the job. The file is a modified version of “honeyd_importer” perl script originally writen by Joshua Gimer and shared through “honeypots” mailing list.

DAD is a Windows event log and syslog management tool that allows you to aggregate logs from hundreds to thousands of systems in real time. DAD requires no agents on the servers or workstations. Correlation and analysis is driven through a web front end.

Kojoney is an easy of use, secure, robust and powerfull Honeypot for the SSH Service written in Python. With the kojoney daemon are distributeds other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log fi

What are the packets rejected by your Netfilter based firewall today ? How often this suspicious host try to connect to your box ? What are the most rejected domains ? Who is this strange host which scan your ports ? The responses are in the iptables log

System to track and report network break-in attempts via ssh and other protocols.

A statistical view of the recorded activity on a Honeynet. A mechanism for a honeynet to present some information about its findings over the web. This is done by a statistical analysis on the inbound firewall logs recorded by the honeynet's firewall.

readlog is a pair of scripts for reviewing iptables firewall logs via a handy web interface using a MySQL backend.

SrvReport is a simple and featurefull server monitoring and reporting system. It will send every day a mail with the latest state of the server including traffic (via /proc/net/dev and/or iptables), cpu, mail, http, ftp reports and other logs.

Green Screen: A Linux based Advanced Syslog Server for Juniper NetScreen Firewalls - Can be expanded later to support other products. It can capture syslog messages, parse them, store them in a MySQL database. A Web GUI interface is also included.

SLOP is a PERL and PHP based engine for the collection of and reporting on logs from various network based devices such as firewalls, switches, and web servers. So far, SLOP supports Checkpoint firewalls and Cisco 2900 and 3500 switches.

PACIE (Perl Analysis Console for Intrusion Events) Attempts to be a complete replacement for ACID. Place this cgi script on your internal webserver and receive powerfull reporting on your current snort database.

Shoki is a free, open source network intrusion detection system. The fundamental design goals are simplicity and modularity, and the focus is on traffic analysis rather than content inspection.

Distributed Syslog collector and viewer system with reliable Syslog msgs over tcp, and query with reg ex. using PERL. Supports IETF syslog and syslog relay, JAVA/JINI based, uses postgreSQL, JBOSS. Chain of custody raw to db data link. UTF8, D, F , UK

my-swatch pretends to be an implementation of msyslog and swatch together. What it pretends to accomplish is put all together, to log events to a remote database (like msyslog) and to awake triggers (like swatch).

The port scan plug in for snort, or just portscan for short is intended to be used in conjunction with snort and logcheck. The tool will allow you to monitor your snort log file and then do port scans based upon certain keywords.