[TOOL] OS SIM - Security Infrastructure Monitor

From: SecuriTeam (support_at_securiteam.com)
Date: 06/20/05

  • Next message: SecuriTeam: "[NT] Adobe Acrobat/Reader Information Disclosure (XML External Entity)"
    To: list@securiteam.com
    Date: 20 Jun 2005 09:59:51 +0200
    
    

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      OS SIM - Security Infrastructure Monitor
    ------------------------------------------------------------------------

    SUMMARY

    DETAILS

    The OS SIM project's goal is to build a working SIM (Security
    Infrastructure Monitor) able to integrate, qualify and correlate both high
    level and low level security and network events which is able to compete
    with commercial products recently appearing on the security market.

    Integrate multiple open source security/network monitoring products to
    obtain three network/host visibility levels:
     * Low level log/alert/anomaly information
     * Mid level network risk level information
     * High level decision support information

    Components:
     * Spade: network anomaly detection
     * Snort: pattern matching intrusion detection system
     * Acid: log viewer (Event Database)
     * Ntop: network use monitor
     * OpenNMS: Service availability monitoring
     * Mrtg: graphing
     * Mysql and PostgreSQL: data storage
     * rrdtool: Round robin data storage
     * Nessus: vulnerability assessment
     * Nmap: Network discovery
     * P0f: OS Fingerprinting.
     * Arpwatch: Host - Mac.
     * More to come....

    To download the tool please visit:
    <http://sourceforge.net/project/showfiles.php?group_id=86016&package_id=89233> http://sourceforge.net/project/showfiles.php?group_id=86016&package_id=89233

    ADDITIONAL INFORMATION

    The information has been provided by <mailto:dkarg@users.sourceforge.net>
    Dominique Karg.
    To keep updated with the tool visit the project's homepage at:
    <http://sourceforge.net/projects/os-sim/>
    http://sourceforge.net/projects/os-sim/

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.


  • Next message: SecuriTeam: "[NT] Adobe Acrobat/Reader Information Disclosure (XML External Entity)"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #50
      ... Subject: SecurityFocus Microsoft Newsletter #50 ... Specialist in Microsoft's Security Services Partner Program, ... Network Monitoring for Intrusion Detection ... Relevant URL: ...
      (Focus-Microsoft)
    • Re: << SBS News of the week - Sept 26 >>
      ... > And he points to the info you need to put the file on the server in the ... > at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... An attacker can exploit these flaws in tandem via specially ...
      (microsoft.public.backoffice.smallbiz2000)
    • << SBS News of the week - Sept 26 >>
      ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
      (microsoft.public.windows.server.sbs)
    • Re: << SBS News of the week - Sept 26 >>
      ... > And he points to the info you need to put the file on the server in the ... > at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... An attacker can exploit these flaws in tandem via specially ...
      (microsoft.public.windows.server.sbs)
    • << SBS News of the week - Sept 26 >>
      ... And he points to the info you need to put the file on the server in the ... at the network perimeter. ... The Symantec Firewall/VPN and the Gateway Security ... by the firewall at risk. ...
      (microsoft.public.backoffice.smallbiz)