SecurityFocus ARIS Extractor is a sophisticated Intrusion Detection System (IDS) log analyzer and reporting system, integrated with the SecurityFocus ARIS web site. It allows administrators to upload IDS logs to the SecurityFocus ARIS web site, produce sophisticated reports, and research attacks and events. By filtering out insignificant or benign data and converting it to a common (XML) format, ARIS Extractor streamlines incident reporting for both security professionals and home users, allowing IDS operators to focus only on relevant attacks and incidents. It allows you to analyze and archive logged incidents, cross-reference incidents/attacks with the SecurityFocus Vulnerability Database, look up contact information for offending IP addresses, generate personal incident statistics and reports, automatically identify and report important incidents, reduce the amount of time spent parsing IDS logs, and generate daily summary reports, optionally delivered by email. All of this is done without revealing any information that could be used to discern your identity. It can be configured to obfuscate IP addresses, names, and other pertinent details before submitting them to the ARIS Analyzer web site. It supports Snort, Cisco Secure IDS, Dragon, NetProwler, RealSecure, BlackICE Defender, and ICEPac.
The DAP daemon runs entirely as a non-privileged user and sends regular updates of the server status to a specified set of peers in a cluster. You can specify any number of information elements, such as uptime, network device counters (packet/octet), logged-in users (via utmp), load averages, and memory/swap usage.
Complete System Resource Monitor and Task Organizor consists of a daemon, a client, and a WWW server (within the daemon). The daemon can run tasks and handle client-daemon and WWW-daemon requests. Clients can receive statistics and issue commands. Monitoring and maintenance are performed as prescheduled tasks. The system includes a process monitor and handler, a basic WWW client, and a console client.
MRTGFE is primarily a frontend for MRTG. It creates a dynamic index for your MRTG targets, eliminating the need to run indexmaker after each update to the MRTG configuration file. MRTGFE can also generate totals and average totals for any time period. The mrtg.cfg configuration can also be viewed for each target, encouraging the sharing of mrtg.cfg to make life easier for all.
GTrace is a graphical front-end to traceroute that geographically displays the IP path information between the source and destination hosts. It is written in Java and works on Solaris, Linux, and FreeBSD. It uses a combination of methods to either determine or guess at the physical location of a node in the traceroute path. It is flexible enough to support the addition of new databases, heuristics to map IP addresses to physical locations, and maps.