<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>Software on To Linux and beyond !</title>
    <link>https://home.regit.org/software/</link>
    <description>Recent content in Software on To Linux and beyond !</description>
    <generator>Hugo</generator>
    <language>en</language>
    <lastBuildDate>Sun, 17 Feb 2013 17:14:19 +0000</lastBuildDate>
    <atom:link href="https://home.regit.org/feed/software/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>nf3d</title>
      <link>https://home.regit.org/software/nf3d/</link>
      <pubDate>Sun, 17 Feb 2013 17:14:19 +0000</pubDate>
      <guid>https://home.regit.org/software/nf3d/</guid>
      <description>&lt;h4 id=&#34;introduction&#34;&gt;Introduction&lt;/h4&gt;
&lt;p&gt;nf3d is a Netfilter visualisation tool. It displays connections and logged packets in the style of a Gantt diagram. The nf3d source is hosted on GitHub: &lt;a href=&#34;https://github.com/regit/nf3d&#34;&gt;nf3d source&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;Download latest version: &lt;a href=&#34;https://home.regit.org/uploads/2013/02/nf3d-0.8.tar.gz&#34;&gt;nf3d-0.8.tar.gz&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;&lt;a href=&#34;https://home.regit.org/uploads/2013/02/nf3d-ordering.png&#34;&gt;&lt;img loading=&#34;lazy&#34; decoding=&#34;async&#34; src=&#34;https://home.regit.org/uploads/2013/02/nf3d-ordering.png&#34; alt=&#34;&#34; title=&#34;nf3d-ordering&#34; width=&#34;756&#34; height=&#34;486&#34; class=&#34;aligncenter size-full wp-image-1425&#34; srcset=&#34;https://home.regit.org/uploads/2013/02/nf3d-ordering.png 756w, https://home.regit.org/uploads/2013/02/nf3d-ordering-300x192.png 300w&#34; sizes=&#34;auto, (max-width: 756px) 85vw, 756px&#34; /&gt;&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;This is a visualization method that can be used to see and detect attacks. For example, the following image is the trace of an ssh scan:&lt;br&gt;
&lt;a href=&#34;https://home.regit.org/uploads/2013/02/nf3d-ssh-scan.png&#34;&gt;&lt;img loading=&#34;lazy&#34; decoding=&#34;async&#34; src=&#34;https://home.regit.org/uploads/2013/02/nf3d-ssh-scan.png&#34; alt=&#34;&#34; title=&#34;nf3d-ssh-scan&#34; width=&#34;684&#34; height=&#34;556&#34; class=&#34;aligncenter size-full wp-image-1426&#34; srcset=&#34;https://home.regit.org/uploads/2013/02/nf3d-ssh-scan.png 684w, https://home.regit.org/uploads/2013/02/nf3d-ssh-scan-300x243.png 300w&#34; sizes=&#34;auto, (max-width: 684px) 85vw, 684px&#34; /&gt;&lt;/a&gt;&lt;/p&gt;</description>
    </item>
    <item>
      <title>Suri-stats</title>
      <link>https://home.regit.org/software/suri-stats/</link>
      <pubDate>Fri, 10 Aug 2012 09:35:55 +0000</pubDate>
      <guid>https://home.regit.org/software/suri-stats/</guid>
      <description>&lt;p&gt;Suri-stats is a small script based on ipython and matplotlib. It enables you to load a suricata stats.log file. Once this is done, it is possible to graph things.&lt;/p&gt;
&lt;p&gt;&lt;a href=&#34;https://home.regit.org/uploads/2012/08/correl.png&#34;&gt;&lt;img loading=&#34;lazy&#34; decoding=&#34;async&#34; src=&#34;https://home.regit.org/uploads/2012/08/correl-300x225.png&#34; alt=&#34;&#34; title=&#34;Exemple graph&#34; width=&#34;300&#34; height=&#34;225&#34; class=&#34;aligncenter size-medium wp-image-1130&#34; srcset=&#34;https://home.regit.org/uploads/2012/08/correl-300x225.png 300w, https://home.regit.org/uploads/2012/08/correl.png 800w&#34; sizes=&#34;auto, (max-width: 300px) 85vw, 300px&#34; /&gt;&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;Suri-stats is hosted on github: &lt;a href=&#34;https://github.com/regit/suri-stats&#34;&gt;https://github.com/regit/suri-stats&lt;/a&gt;&lt;/p&gt;</description>
    </item>
    <item>
      <title>Opensvp</title>
      <link>https://home.regit.org/software/opensvp/</link>
      <pubDate>Sun, 03 Jun 2012 10:47:13 +0000</pubDate>
      <guid>https://home.regit.org/software/opensvp/</guid>
      <description>&lt;h2 id=&#34;introduction&#34;&gt;Introduction&lt;/h2&gt;
&lt;p&gt;Opensvp is a security tool implementing attacks to be able to test the&lt;br&gt;
resistance of a firewall to protocol-level attacks. It implements&lt;br&gt;
classic attacks as well as some new kinds of attacks against application&lt;br&gt;
layer gateways (called helpers in the Netfilter world).&lt;/p&gt;
&lt;p&gt;The document &lt;a href=&#34;https://home.regit.org/netfilter-en/secure-use-of-helpers/&#34;&gt;Secure use of iptables and connection tracking helpers&lt;/a&gt; describes&lt;br&gt;
the protection method against this type of attack for a Netfilter firewall.&lt;/p&gt;
&lt;h2 id=&#34;download-and-more&#34;&gt;Download and more&lt;/h2&gt;
&lt;p&gt;The project is hosted on github:&lt;/p&gt;</description>
    </item>
    <item>
      <title>Suriwire</title>
      <link>https://home.regit.org/software/suriwire/</link>
      <pubDate>Thu, 29 Sep 2011 00:07:13 +0000</pubDate>
      <guid>https://home.regit.org/software/suriwire/</guid>
      <description>&lt;h2 id=&#34;introduction&#34;&gt;Introduction&lt;/h2&gt;
&lt;p&gt;Suriwire is a plugin for &lt;a href=&#34;http://www.wireshark.org/&#34;&gt;wireshark&lt;/a&gt; which displays &lt;a href=&#34;http://www.openinfosecfoundation.org/&#34;&gt;suricata&lt;/a&gt; alerts and protocol information for a pcap file inside the Wireshark output. Suriwire uses Suricata’s EVE JSON log file to generate information inside Wireshark and thus requires at least Suricata 2.0.&lt;/p&gt;
&lt;p&gt;&lt;a href=&#34;http://home.regit.org/uploads/2011/09/suriwire.png&#34;&gt;&lt;img loading=&#34;lazy&#34; decoding=&#34;async&#34; src=&#34;http://home.regit.org/uploads/2011/09/suriwire-300x222.png&#34; alt=&#34;&#34; title=&#34;Suriwire output&#34; width=&#34;300&#34; height=&#34;222&#34; class=&#34;aligncenter size-medium wp-image-836&#34; srcset=&#34;https://home.regit.org/uploads/2011/09/suriwire-300x222.png 300w, https://home.regit.org/uploads/2011/09/suriwire.png 965w&#34; sizes=&#34;auto, (max-width: 300px) 85vw, 300px&#34; /&gt;&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;Suriwire has the following features:&lt;/p&gt;
&lt;ul&gt;
&lt;li&gt;Display of alerts in the expert info window&lt;/li&gt;
&lt;li&gt;Display of alerts on a packet in the packet details&lt;/li&gt;
&lt;li&gt;Filter wireshark output by using signature fields such as a given sid or the content of a signature message&lt;/li&gt;
&lt;li&gt;Display of protocol information such as TLS and SSH in the expert info window and packet details&lt;/li&gt;
&lt;li&gt;Filter wireshark output using Suricata extracted protocol fields such as TLS subject DN&lt;/li&gt;
&lt;/ul&gt;
&lt;p&gt;For example, you can filter on all TLS subjects matching a string like ‘microsoft’ by using the filter &lt;em&gt;suricata.tls.subject contains “microsoft”&lt;/em&gt;:&lt;/p&gt;</description>
    </item>
    <item>
      <title>Coccigrep</title>
      <link>https://home.regit.org/software/coccigrep/</link>
      <pubDate>Sat, 13 Aug 2011 20:59:57 +0000</pubDate>
      <guid>https://home.regit.org/software/coccigrep/</guid>
      <description>&lt;h2 id=&#34;introduction&#34;&gt;Introduction&lt;/h2&gt;
&lt;p&gt;&lt;a href=&#34;http://home.regit.org/uploads/2011/08/coccigrep.jpg&#34;&gt;&lt;img loading=&#34;lazy&#34; decoding=&#34;async&#34; src=&#34;http://home.regit.org/uploads/2011/08/coccigrep.jpg&#34; alt=&#34;&#34; title=&#34;Coccigrep logo.&#34; width=&#34;100&#34; height=&#34;100&#34; class=&#34;alignleft size-full wp-image-872&#34; srcset=&#34;https://home.regit.org/uploads/2011/08/coccigrep.jpg 200w, https://home.regit.org/uploads/2011/08/coccigrep-150x150.jpg 150w&#34; sizes=&#34;auto, (max-width: 100px) 85vw, 100px&#34; /&gt;&lt;/a&gt;&lt;br&gt;
coccigrep is a semantic grep for the C language based on &lt;a href=&#34;http://coccinelle.lip6.fr&#34;&gt;coccinelle&lt;/a&gt;. It can be used to find where a given structure is used in code files. coccigrep depends on the spatch program which comes with coccinelle.&lt;/p&gt;
&lt;h2 id=&#34;download-and-source&#34;&gt;Download and source&lt;/h2&gt;
&lt;p&gt;Latest version is 1.13: &lt;a href=&#34;http://home.regit.org/uploads/2011/08/coccigrep-1.13.tar.gz&#34;&gt;coccigrep-1.13.tar.gz&lt;/a&gt;&lt;/p&gt;
&lt;p&gt;The source can be accessed via &lt;a href=&#34;https://github.com/regit/coccigrep&#34;&gt;github&lt;/a&gt;.&lt;/p&gt;
&lt;h2 id=&#34;examples&#34;&gt;Examples&lt;/h2&gt;
&lt;p&gt;To find where in a set of files the structure named &lt;code&gt;Packet&lt;/code&gt; is used, you can run:&lt;/p&gt;</description>
    </item>
  </channel>
</rss>
