|
|
|
| End User License Agreement |  |
|
All files listed below are ©2000-2005 under the GNU-GPL Licensing Terms.
These programs and scripts are provided as is without any guarantees or warranty.
Although the author has attempted to find and correct any bugs in these free software programs and scripts, the author is not responsible for any damage or losses of any kind caused by the use or misuse of these programs or scripts.
The author is under no obligation to provide support, service, corrections, or upgrades to these free software programs and scripts.
The 'discovery' tools offered here are for Educational Purposes ONLY!
By downloading and/or using these programs and scripts you acknowledge this agreement.
|
|
|
This project has grown into v2.0 and has moved to
I wrote this tool because I couldn't find any parsers out there for what is today the newest form of logging on the Cisco PIX: PIX OS v6.3x with object-groups tied to ACLs via access-groups.
Here is what a log entry in this format looks like:
Feb 7 14:19:12 10.2.1.1 Feb 07 2005 14:17:45: %PIX-4-106023: Deny tcp src outside:65.95.XXX.XXX/4553 dst dmzweb:65.120.XXX.XXX/445 by access-group "101"
This parsing tool shows you a lot of information on a single screen such as block counts by protocol, top 10 hits by source IP, top 10 hits by destination IP, etc. It allows you to bring up all matching log entries for a given IP address or port (by port number or port name, depending on which logging facility you use) in a new window, pre-double-spaced for easier abuse reporting. From this page it gives you the ability to single-click for a new window that takes you to to view a detailed report of the IP address you're looking at in your logs. This again makes abuse reporting easier.
It also has a function built-in that lets you track which IP address you've filed abuse reports against along with the email address you reported to. It automatically timestamps these entries. If an entry's IP address is present in the attacker's list it will be highlighted in yellow.
This utility also boasts an RSS feed that gives you the top 5 attackers, targets, etc.
Please see the included "readme" for instructions and usage.
|
|
|
A PHP script that can run as a stand-alone page or be plugged into any existing PHP page. It detects if a user is running any version of IE on any platform and warns the user of the existing vulnerabilities in IE, gives a link to the CERT advisory recommending that everyone use an alternate browser and provides brief descriptions of and download buttons for Firefox and Mozilla.
|
|
|
A CGI click-tracker that captures hits, IP address and browser of the user. It has a nice Admin interface that allows you to see the statistics.
New in v2.0: A line has been added to the admin interface that tracks the current log's start date and time.
|
|
|
A Mod written in the style of phpBB Mods (meaning it's easy to follow, with step-by-step directions) for FocalMedia's .
It strips the path and extension off of filenames before writing the entries to index.idx and the individual statistics files (i.e. an entry that would normally look like 'tools/stuff/MyApp.zip' will now be written simply as 'MyApp'). This makes for a much cleaner view in the reporting interface.
|
|
|
A Mod written in the style of phpBB Mods (meaning it's easy to follow, with step-by-step directions) for FocalMedia's .
It displays the name of the file whose log you are viewing in the "View log" screen.
*Note: You MUST have the Clean Names Mod installed prior to installing this mod!!!
|
|
|
A Mod written in the style of phpBB Mods (meaning it's easy to follow, with step-by-step directions) for FocalMedia's .
It displays the Download Log entries in descending chronology, meaning the newest records are on top.
|
|
|
|
|
|
|
|
|
