Projects

ossec-hids

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

AlienVault OSSIM

AlienVault Open Source SIM aims to be the all-in-one security solution for enterprise needs, featuring: Low level real-time detection of known threats and unknown abnormal activity Network, host and policies Audit Network behavior analysis and profiling Log management Intelligence to improve the ... [More] accuracy of threat detection Risk oriented security analysis Compliance automation Executive and technical reports An scalable high performance architecture [Less]

Osiris

Osiris is a Host Integrity Monitoring System that periodically monitors one or more hosts for change. It maintains detailed logs of changes to the file system, user and group lists, resident kernel modules, and more. Osiris can be configured to email these logs to the administrator. Hosts are ... [More] periodically scanned and, if desired, the records can be maintained for forensic purposes. Osiris keeps an administrator apprised of possible attacks and/or nasty little trojans. The purpose here is to isolate changes that indicate a break-in or a compromised system. Osiris makes use of OpenSSL for encryption and authentication in all components. [Less]

Laser Pointer Pointing Device

The aim of this project is that you can do the following: 1. Take a laser pointer, webcam, and video projector. 2. Connect them to your computer. 3. Place the camera in the vicinity of the projector. 4. Now, simply use the laser pointer as a pointing device (read: mouse) to control your ... [More] computer! This might potentially be useful as a remote control device for home cinema (it is for me), or as an input device for presentations. Or maybe it's just something I wrote because I think it's cool. [Less]

sobek-hids

Sobek-Hids is a python based Host IDS system that is capable of monitor: Registry Changes File Activity Process Creation Printing Jobs External Drives (USB Disk Plugs) Shared Resources Windows Accounts Logon Firewall Changes InstallationYou need python for windows and the following packages: ... [More] win32 extensions from Mark Hammond WMI module Then download a copy of Sobek-Hids from the repository or zipped version: svn checkout http://sobek-hids.googlecode.com/svn/trunk/ sobek-hids-read-only http://sobek-hids.googlecode.com/files/sobek-hids.v0.1.zip You can activate/deactive some modules from the config.cfg file and change log file location: [log] file = c:\mon.log verbose = debug remoteip = [process] enable = True [printer] enable = True [media] enable = True [file] enable = True path = c:/ documents = .*doc [shares] enable = True [account] enable = True [logon] enable = True [share-access] enable = True [firewall] enable = True [Less]

pyHIDS

pyHIDS is a simple host-based intrusion detection system. It uses an RSA signature to check the integrity of its database. Alerts are written in the logs of the system and can be sent via email to a list of users. You can define rules to specify files to be checked periodically.

hi2136-6185-hw3

IDS project

fcheck3

File integrity validation based on the original fcheck

davjd

We will be creating a Host based Intrusion Detection System (HIDS) for windows using C#.