|
(Page 1 of 11) 1 2 3 4 5 6 Next > Category: Intrusion Detection » Network Network Equipment Performance Monitor Added 2006-03-16 NEPM is a very general, highly configurable, two part software system that monitors any type of logged data from IP networked equipment and reports it via E-mail and web pages. Current conditions and history from systems based on Windows NT/2000 and UNIX can be tracked and reported. Most major server, switch and router systems can be monitored, without running agents on the target systems. Many networks behind separate firewalls can be reported on at one central site, and hard-to-reach isolated nets can be accessed. NEPM itself is system independent and can be hosted on either a UNIX or WinNT system or a combination of these with equal ease. NEPM monitors and reports uptime, critical events such as intrusion attempts, access rates, bytes-transferred rates, and error rates of network nodes. Unique precursor event links drill down instantly to the causes of downtime, intrusion events, etc. Performance graphs highlight element throughput and error rate. Hardware and software sub-systems within nodes are tracked and reported separately but in a common format that makes possible direct comparison. True hardware uptime is reported so that hardware and software performance can be separated from that of the communications links and from each other. Summary reports and alerts aggregate a view of an entire network's status onto a single page. Reports are provided via web pages posted to a web server for instant access to results. E-mailed text alerts provide prompt notification of dangerous conditions. NEPM is managed via a browser interface, providing full local or remote control from anywhere on the network. Use NEPM to increase your network uptime, increase network security, monitor QOS and SLA's, and evaluate new equipment. Equipment monitored can be Windows or Linux/UNIX/FreeBSD servers, or any processor-based system that logs events to non-volatile storage and has a telnet/rlogin/ssh/IP stream-mode interface Security Center Lite Added 2006-02-24 Security Center is network security software for real-time intrusion detection and prevention that helps to protect networks from potential intruders, unauthorized network connections and malicious network activities. Security Center key features are: Online network discovery, Automatic threat and vulnerability monitoring, Manual or automatic protection against potential intruders, Proactive blocking on unauthorized network connections, Email and SNMP alerts forwarding, Daily and weekly email reports, Threats and vulnerabilities statistics, Database exporting capabilities and wireless networks support. The Lite version supports up to 100 nodes. Firewall Test Agent Added 2006-01-18 This simple tool can be used to test and log the rules on a firewall. The Firewall Test Agent is able to open up any number of TCP and UDP ports on a windows machine and log any connection attempts. A port scanner or other such tool can then be used to scan through the firewall to find which ports have been allowed through in the firewall rule base. This tool is useful when you don't have access to the firewall rules. This tool could also be used as a port scan monitor if you are interested in the number of scans your networks are receiving. WARNING: Some machines will NOT be able to open thousands of ports. With older, slower and heavily utilized machines you should only open a few thousand ports at a time. I do not recommend any more than 10,000 ports at any one time although 65,535 if theoretically possible. Prelude Hybrid IDS Framework Added 2005-09-21 Prelude is a Hybrid IDS framework, that is, a product enabling all security applications, be it open-source or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard, that enables different kinds of sensors to generate events using a unique language. WiFiManager Added 2005-08-17 Integrated wlan security and Management tool. Identifies the vulnerabilities in the wlan, the intrusion attempts and mitigates wlan attacks. Helps in configuring the Access Points and in firmware upgrade. Libnids Added 2005-03-21 NIDS E-box implementation; emulates linux 2.0.36 TCP/IP stack. It provides IP defragmentation, TCP reassembly, portscan detection. IDS Policy Manager Added 2004-11-30 IDS Policy Manager was designed to manage Snort IDS sensors in a distributed environment. This is done by having the ability to take the textconfiguration and rule files and allow you to modify them with an easy touse graphical interface. With the added ability to merge new rule sets,manage preprocessors, control output modules and scp rules to sensors, thistool makes managing snort easy for most security professionals. Honeynet Security Console Added 2004-08-18 Honeynet Security Console is an analysis tool to view events on your personal honeynet. It gives you the power to view events from Snort, TCPDump, Firewall, Syslog and Sebek logs. It also allows you to correlate events from each of these data types to have a full grasp of the attackers' actions. Anti-Cracker Shield Added 2004-07-19 Protect your computer from Internet worms and hackers' attacks, which become possible due to the operational system and software vulnerabilities ("exploits"). Neither antiviruses, nor firewalls can protect from exploits. Only Anti-Cracker Shield, a multilevel security system is able to cope with all known and unknown versions of "exploits". It is possible and is necessary to protect from hackers! SnortNotify Added 2004-06-14 Running from cron at a specified interval SnortNotify will search a snort database for new alerts. If new alerts match a pre configured priority level, an email will be sent to the contact. The email will include Sensor name, the signaturename, and the timestamp. Browse by category |
|
|
Privacy Statement |
