sktrap (script kiddies trap) is a tiny intrusion detection system. Installed on the monitor server, it runs tests via ssh on its clients. Cracks become very visible (files, open ports). Built in reply to, and very successful in finding, real-world break-ins.

Categories

Anti-Malware

License

GNU General Public License version 2.0 (GPLv2)

User Ratings

5 stars: 4
4 stars: 0
3 stars: 0
2 stars: 0
1 star: 0
User Reviews

  • BIG KUDOS for this program! This little program listed an infection in the "/dev/shm/ /" directory. (so attacker made a SPACES subdir to make it invisible!) Grindr/sktrap listed 35 files in that server that changed, 30 files of them were the infection's files. I looked at the source code and the ideas behind this program are smart, and stuff is pretty well polished. Feature request: maybe you can make the whitelisting PER SERVER? Baselining and looking for changes in ports based on the baseline. Illyana :)
  • Nice. Very simple to set up and very effective at what it does: monitor your system integrity.
  • I like this program: instead of being bombarded with the same warnings every day (with the risk of ignoring important real changes), with this program, you get a single file with a few lines max per client listed. I guess this is based on the program's main idea of just finding the modification time changes, so you just get the changed stuff listed. I've made a cronjob myself to run grindr every night, which starts a wrapper I built to mail grindr's output to my inbox. Maybe "agentb" can build in the mail feature? Cheers, Tom
  • Great little piece of software. I use this script on my main monitor server to watch about 12 other servers and I get notified about all changes. For example, last week someone added a new root user without letting me know and I got notified via grindr so I could check if this was legit; turned out it was. I can recommend this to anyone who manages multiple servers and finds tripwire too much hassle to install.
Additional Project Details

Operating Systems

Linux, FreeBSD

Languages

English

Intended Audience

System Administrators

User Interface

Console/Terminal

Programming Language

Unix Shell

Related Categories

Unix Shell Anti-Malware Software

Registered

2011-04-03