| | JVSniff | Submit Date: 4/9/2000 10:46:18 PM
| License Info: free Price: see website
| Short Description: Packet sniffer for Win32
| Web Link: http://www.gordian.com/users/jim/dnload.html
| Home Page: http://www.gordian.com/users/jim/
| Rating: 
| Submitted By: Cybersnitch Webmaster
| Information: This first little goody is a packet sniffer for Win32 (i.e. NT and 95) that saves captured data into sniffer format. It consists of an NDIS protocol driver and a user app that lets people set up some simple filters and capture network data. It runs under Windows NT 3.51 and 4.0 workstation and server, and Windows 95.
|
|
| | LaBrea | Submit Date: 10/9/2001 1:49:34 PM
| License Info: GPL Price: free - see website
| Short Description: Create a sticky-honeypot to stop Internet worms and other abusers
| Web Link: http://www.hackbusters.net/LaBrea/
| Home Page: http://www.hackbusters.net/
| Rating: 
| Submitted By: CERI Labs
| Information: CERI rating - due to innovation and effectiveness.
Complete information about LaBrea is located at
http://www.hackbusters.net/LaBrea/
and also at
http://www.incidents.org/archives/intrusions/msg01368.html
|
|
| | SNORT | Submit Date: 9/27/2001 3:11:56 PM
| License Info: GPL Price: free
| Short Description: Award winning Intrusion Detection System
| Web Link: http://www.snort.org/
| Home Page: http://www.snort.org/
| Rating: 
| Submitted By: CERI Labs
| Information: CERI Lab Note: SNORT is a powerful program that has applications both for IDS for business and for law enforcement network investigations. Contact us at cerilabs@cyberenforcement.com for questions as well as implementation solutions.
---------
The Open Source Network Intrusion Detection System. There are three main modes in which Snort can be configured: sniffer, packet logger, and network intrusion detection system. Sniffer mode simply reads the packets off of the network and displays them for you in a continuous stream on the console. Packet logger mode logs the packets to the disk. Network intrusion detection mode is the most complex and configurable mode, allowing Snort to analyze network traffic for matches against a user-defined rule set and perform several actions based upon what it sees.
|
|
| | WINDUMP | Submit Date: 10/22/2000 2:21:04 AM
| License Info: free Price: free
| Short Description: Packet capture: TCPDUMP Port to Windows Platform
| Web Link: http://netgroup-serv.polito.it/windump/install/Default.htm
| Home Page: http://netgroup-serv.polito.it/windump/
| Rating: 
| Submitted By: Cybersnitch Webmaster
| Information: WinDump is the port to the Windows platform of tcpdump, the most used network analyzer for UNIX. The port is currently based on version 3.4a6. WinDump is fully compatible with tcpdump and can be used to watch and diagnose network traffic according to various complex rules. It can run under Windows 95/98, under Windows NT and under Windows 2000.
|
|