check-ps
Details
| Size: | 0K |
| Last Update: | 2008-05-14 23:53:52 |
| Version: | 0.8.5 |
| OS Support: | Linux |
| License/Program Type: | GPL (GNU General Public License) |
| Publisher: | Jeff Yestrumskas |
| Price: | $0.00 |
Description:
check-ps 0.8.5 is monitoring software developed by Jeff Yestrumskas.
Devialog is a behavior/anomaly-based syslog intrusion detection system which detects attacks via anomalies in syslog.
Present log-based IDS:
Nearly all present log-based intrusion detection systems operate using a pre-defined base of known signatures, usually painstakingly created by hand. They can work well if the creator knows exactly every error and informational message that the software on the system(s) will write to syslog. Most overworked administrators wish there were an easier way to handle system logfiles in a sane, time-saving fashion. Present log-based intrusion detection systems have difficulty detecting new attacks.
How devialog Differs:
devialog makes syslog parsing far less of a chore than it has previously been. It is functionally the inverse of standard log monitoring software. devialog, by default, reports on what is not known in its signature base, i.e. what is anomalous. This type of intrusion detection system is considered behavior-based, or anomaly detection. Reporting can be in the form of an email for each anomalous log, or an email for all the logs sent within a pre-defined time window. devialog can also execute commands, or simply write all anomalies to a file for periodic review.
Signature Creation:
For log-based anomaly detection to operate effectively, one must create an extremely large signature base. With an included utility, devialogsig, the signatures are created automatically. Future signature additions are very simple, like a copy from the alert email.
check-ps 0.8.5 supports an English interface language and works with Linux.