Blog of Vu Lam Chi Nhan (nhanitvn)

Thursday, September 15, 2005

SwitchProxy

SwitchProxy is a Firefox extension that can be used in two different ways:

  • If you work with more than one proxy server on a regular basis, SwitchProxy lets you edit and remove them from a single master list. Then you can select a proxy from the list and click Apply.
  • SwitchProxy can also be used as an anonymizer, allowing you to surf the web anonymously by using a list of proxies that it randomly switches at defined intervals.

Wednesday, July 27, 2005

OSSIM (Open Source Security Information Management)

Summary

OSSIM aims to unify network monitoring, security, correlation and qualification in one single tool. Using Snort, Acid, Mrtg, NTOP, OpenNMS, nmap, nessus and rrdtool, the OSSIM team wants the user to have full control over every network or security aspect.

You can read a full description of OSSIM (PDF) or visit the OSSIM homepage at www.ossim.net


Components

OSSIM is divided into 5 subsystems, as represented in the following graph:

[Figure: OSSIM components]


  • Spade: network anomaly detection
  • Snort: pattern matching intrusion detection system
  • Acid: log viewer (Event Database)
  • Ntop: network use monitor
  • OpenNMS: Service availability monitoring
  • Mrtg: graphing
  • Mysql and PostgreSQL: data storage
  • RRDtool: Round robin data storage
  • Nessus: vulnerability assessment
  • Nmap: Network discovery
  • More to come...

About OSSIM

OSSIM's goal is to obtain a working SIM (Security Infrastructure Monitor) that can integrate, qualify and correlate both high level and low level security and network events, and that is capable of competing with commercial products recently appearing on the security market.

It integrates multiple open source security and network monitoring products to obtain three levels of network/host visibility:

  • Low level log/alert/anomaly information
  • Mid level network risk level information
  • High level decision support information

Development languages

  • C
  • Perl
  • Python
  • PHP
  • Java

Supported platforms

  • Linux
  • Limited functionality on: *BSD, Solaris, Mac OS X

Conclusion

Using the above described systems and programming languages, OSSIM's goal is to get the most information out of every tool with the following objectives in mind:

  • Event correlation
  • Event qualification
  • Network anomaly detection
  • Qualified intrusion detection
  • Network availability information

Wednesday, June 01, 2005

Everybody has his own page

And so do I