Menu

Passive Asset Detection System / News: Recent posts

PADS 1.2 Released

Passive Asset Detection System (PADS) was designed to supplement active scanners by combining a network sniffer with a rule-based detection engine similar to a network IDS. It will listen to a network and attempt to provide an up-to-date look at the hosts and services running on the network. The application operates invisibly and will never release a packet into the network.

Along with the new 1.2 version, an additional utility application has been released called pads-archiver. The pads-archiver tool is used to archive PADS data to permanent storage. It does this by reading from a FIFO file created by PADS. PADS will pass data through this FIFO and pads-archiver will read it and then write it to one or more data destinations.... read more

Posted by Matt Shelton 2005-06-18

Pads 1.1.3 Released

Pads is a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts. This version of Pads is a feature and bug fix release. It has a new feature that allows MAC addresses to be resolved into hardware vendor names along with minor bug fixes.

You can download this latest release, here:
https://sourceforge.net/project/showfiles.php?group_id=116419&package_id=127087

Posted by Matt Shelton 2004-10-01

Assets to Mysql 090204 Released

Assets to MySQL (ATM) takes a given assets file and inserts all records within into a MySQL database named 'pads'.

ATM is the first entry in the PADS contribution section. Tony Lukasavage is the contributor of this program. Please be sure to take a look at it! Thanks Tony!

Posted by Matt Shelton 2004-09-17

Pads 1.1.2 Released

Pads is a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.

This release contains minor bugfixes, a few code optimizations, and some additional signatures. These changes are in preparation for the upcoming version 1.2 release. This version will be released within 3-4 weeks and will contain additional features.

Posted by Matt Shelton 2004-08-31

Pads 1.1.1 Released

Pads is a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.

This is a minor upgrade containing only bug fixes. All users are encouraged to upgrade to this release immediately. A security hole was found in the previous release. This version corrects it.

Posted by Matt Shelton 2004-08-18

New Mailing List

A new mailing list has been created to track CVS commits. An email will be sent to this list every time a developer commits a change to the project CVS repository. This is an excellant way to keep track of bleeding edge new features!

To subscribe to the list, visit:
http://lists.sourceforge.net/lists/listinfo/passive-cvs-commits

Posted by Matt Shelton 2004-08-18

Pads 1.1 Released

Pads is a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.

Pads 1.1 is the first version released on Sourceforge. Hopefully it will be the first of many more Sourceforge releases.

Changes:
- Network Restriction - Networks can now be specified on the command line using the '-n' switch.
This will cause PADS to only record assets that fall within the specified networks.
- ARP Support - ARP Reply packets are used to retrieve an asset's MAC address.
- ICMP Support - The application now looks for ICMP Echo Reply packets.
- SLL Frame Relay Support
- Daemonize - PADS will go into the background whenever '-D' is specified on the command line.
- Converted all data structures to linked lists.

Posted by Matt Shelton 2004-08-15

New Website!

I just posted the new website to Sourceforge. It can be viewed at http://passive.sourceforge.net.

The source code to the web site is in the project CVS repository under "www". Please feel free to view, modify, add, or volunteer to completely redesign the site for me!

Posted by Matt Shelton 2004-08-14

Pads 1.1 Feature Freeze

The last set of new features for 1.1 has just been committed. Once this code has been tested I will officially release pads-1.1. This will be the first Sourceforge release!

If you would like to preview 1.1 or help test it, please feel free to retrieve it from the project CVS repository. I have tagged it as PADS_1.0.2-PRE4.

As always, feel free to contact me if you have any questions.

Posted by Matt Shelton 2004-08-12