Projects tagged ‘linux’, ‘security’, ‘sysadmin’, and ‘tools’

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. (Wireshark was known as Ethereal until June 09, 2006)

Clam AntiVirus (ClamAV) is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a ... [More] tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. [Less]

Advanced Web Statistics (AWStats) is a free powerful Web server logfile analyzer (Perl script) that shows you all your Web statistics including visits, unique visitors, pages, hits, rush hours, search engines, keywords used to find your site, robots ... [More] , broken links, and more. It works with both IIS 5.0+ and Apache Web server log files as a CGI and/or from the command line. It also supports multiple languages including English, French, Dutch, Spanish, Italian, German, Polish, and Greek. [Less]

Nagios (formerly Netsaint) is a daemon written in C that is designed to monitor networked hosts and services. It has the ability to notify contacts (via email, pager or other methods) when problems arise and are resolved. Host and service checks are ... [More] performed by external "plugins", making it easy to write custom checks in your language of choice. Several CGIs are included in order to allow you to view the current and historical status via a Web browser, and a WAP interface is also provided to allow you to acknowlege problems and disable notifications from an internet-ready cellphone. [Less]

Snort® is an open source network intrusion prevention and detection system using a flexible rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is ... [More] the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry. [Less]

Zenoss is an IT infrastructure monitoring product that allows you to monitor your entire infrastructure within a single, integrated software application.Key features include: Monitors the entire stack: networks, servers, applications, services, power, environment, etc.

Zabbix is software that monitors your servers and applications. Polling and trapping techniques are both supported. It has a simple, yet very flexible notification mechanism, and a Web interface that allows quick and easy administration. It can be ... [More] used for logging, monitoring, capacity planning, availability and performance measurement, and providing the latest information to a helpdesk. [Less]

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. ... [More] Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. [Less]

IPCop Linux is a complete Linux distribution whose sole purpose is to protect the networks on which it is installed.

Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and grids. It is based on a hierarchical design targeted at federations of clusters. Ganglia is currently in use on over 500 clusters around the world and has scaled to handle clusters with 2000 nodes.

Prelude is an Hybrid IDS framework, that is, it is a product that enable all available security application, be it opensource or proprietary, to report to a centralized system. In order to achieve this task, Prelude relies on the IDMEF (Intrusion ... [More] Detection Message Exchange Format) IETF standard, that enables different kinds of sensors to generate events using an unified language. Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, honeyd, Nessus Vulnerability Scanner, Samhain, over 30 types of systems logs, and many others) in order to better verify an attack and in the end to perform automatic correlation between the various events. Prelude is commited to providing an Hybrid IDS that offers the ability to unify currently available tools. [Less]

sshproxy is a pure python implementation of an ssh authenticating proxy. It allows users to connect to remote sites without having to know the password or key of the remote sites. ACL rules can be set up to allow or deny users based on ... [More] different parameters like their IP address or the time of the day. Access attempts are logged via syslog, and an enhanced "action log" system is under development. The client is the standard ssh client. [Less]

inoclam uses inotify to watch user specified directories. When a file is created, changed or copied to one of the monitored directories, the file is virus checked with ClamAV. If a virus is detected, the file is optionally removed from the file system and the administrator is optionally notified.

Sawmill is a log analysis tool which can be used to analyze Web site traffic, proxy usage, ftp usage, and much more. Major features include a persistent database for long-term tracking of statistics, hierarchical data mining features, and many security features appropriate for use in a multi-user environment.