Free ips software for linux

Pipss project is an Internet protocol scanner/sniffer in 3D.

Perl Internet Protocol Scanner/Sniffer (pipss) is a small series of tools for creating a 3-dimensional network monitoring system.

Packets fly through the air from IPs to a given firewall/gateway. Pipss uses Tethereal to gather info, then uses OpenGL to create the scene.

Traffic is updated in real time (about every 30 seconds) and is even color coded.

This program should primarily be used by network admins with a decent amount of traffic to cover, otherwise its not really interesting.

IPy is a Python class and tools for handling of IPv4 and IPv6 addresses and networks. The script is similar to the Net::IP Perl module.
The IP class allows a comfortable parsing and handling for most notations in use for IPv4 and IPv6 Addresses and Networks. It was greatly inspired bei RIPEs Perl module NET::IPs interface but doesnt share the Implementation. It doesnt share non-CIDR netmasks, so funky stuff lixe a netmask 0xffffff0f cant be done here.
>>> from IPy import IP
>>> ip = IP(127.0.0.0/30)
>>> for x in ip:
... print x
...
127.0.0.0
127.0.0.1
127.0.0.2
127.0.0.3
>>> ip2 = IP(0x7f000000/30)
>>> ip == ip2
1
>>> ip.reverseNames()
[0.0.0.127.in-addr.arpa., 1.0.0.127.in-addr.arpa.,
2.0.0.127.in-addr.arpa., 3.0.0.127.in-addr.arpa.]
>>> ip.reverseName()
0-3.0.0.127.in-addr.arpa.
>>> ip.iptype()
PRIVATE
Enhancements:
- This release is able to parse any IPv4 and IPv6 address in many formats with or without netmask.

PPPstat is an easy-to-use console utility to see the summary of dial-up connections from your unix system. Uses logs of pppd.
PPPstat is designed to provide a statistic on dial-up Internet connection. PPPstat project uses system logs of pppd daemon, thats why it would be useless if one would use something else to connect via PPP.
Main features:
- store info about connects in separate file;
- after getting info about connects to Internet from logs, PPPstat can group them:
- by user, who starterd pppd or by ISP in any combinations;
- by period: day or mounth;
- to make output more pretty, there is a configuration file which contais info about IPs of ISPs modem pools to print ISP name instead IP;
- count costs of connects.
Enhancements:
- make use of autotools. Now installation is corresponds GNU requirements
- output completely changed. Hope, it would be more convinient. Inspired by ppplag
- location of file, where syslog stores its messages, is taken from its config file
- added script for cron (/etc/cron.weekly/pppstat) to keep /var/log/pppd.log up to date, independently of program usage
- added ukrainian and russian translation

ipt_ACCOUNT is a high performance local network accounting system written for the Linux netfilter/iptables system.
It has just two parameters:
addr is the subnet which is accounted for
tname is the table name where the information is stored
The data can be queried later using the libipt_ACCOUNT userspace library or by the "iptaccount" tool which is part of the libipt_ACCOUNT package.
A special subnet is "0.0.0.0/0": All data is stored in the src_bytes and src_packets structure of slot "0". This is useful if you want to account the overall traffic to/from your internet provider.
pt_ACCOUNT is designed to be queried for data every second or at least every ten seconds. It is written as kernel module to handle high bandwidths without packet loss.
The largest possible subnet size is 24 bit, meaning f.e. 10.0.0.0/8 networks. Therefore its able to use a fixed internal data structures which speeds up the processing speed for each packet. Furthermore, accounting data for one complete 192.168.1.X/24 network takes 4kb of memory. Memory for 16 or 24 bit networks is only allocated when needed.
The data is queried using the userspace libipt_ACCOUNT library. There is no /proc interface as it would be too slow for continuous access. The read&flush query operation is the fastest, as no internal data snapshot needs to be created&copied for all data. Use the "read" operation without flush only for debugging purposes!
To optimize the kerneluserspace data transfer a bit more, the kernel module only transfers information about IPs, where the src/dst packet counter is not 0. This saves precious kernel time.
Install the pom-ng-ipt_ACCOUNT archive in your patch-o matic-ng directory
Patch your kernel (./runme ACCOUNT)
Patch the userspace iptabels tool with the iptables-ext ipt_ACCOUNT.patch
Recompile the kernel
Recompile iptables tool
Unpack the libipt_ACCOUNT library archive
Run autoreconf -f
./configure && make && make install
You can also install&build the provided .src.prm
Enhancements:
- Linux kernel 2.6.22 support was added.

Nmap Log Stripp3r program is intended to be a way to condense all, or some, of the IPs of a "random" nmap scan into a file for later usage.

Common uses are to be able to feed the file back into nmap with the -iL switch, or feeding it into another port or vulnerability scanner of your choice.

Stripp3r supports stripping the nmap log of all but the IPs of hosts running a certain service, a version of a service, or even an arbitrary banner, and writing them to a file.

This is intended to be a way to condense all the IPs of a "random" Nmap scan into a file for later useage. Common uses are to be able to feed the file back into Nmap its self with the -iL switch, or feeding it into another port or vulnerability scanner.

Useage: ./stripp3r < logfile > < output > "< version string >" -v

Pretty simple. First, you must run an Nmap scan, on random hosts.

Ex. nmap -p 80 -sV -v -iR 500000 -oN nmaplogfile.nmap

This will tell nmap to do a scan service scan of 500,000 random IP addresses for the port 80, vobosely, and save the log to a file named nmaplogfile.nmap. You can change this around, eg, scanning a different service port (if say, you were looking for computers running FTP, you would scan for port 21 instead of 80 for HTTP), scanning a different number of hosts (500,000 or so is good, takes a few hours ususally though), or saving the log file to a different filename.

Nmap will then save a list of hosts that were "up" to a log file, with some informaiton about them, specifically weather the port that you specified was open, closed, or filtered. We are interested in "open" ports, so by default, Stripp3r will take all the log
enteries that have the port your specified listed as "open" and condense them into a file, listing only the IPs, one on each line.

Ex. ./stripp3r nmaplogfile.nmap output.ips

You can be more specific, and have Stripp3r put only the IPs that are running a certain service in the output file. The service string will only register the strings matching EXACTLY, so be careful to get the case and such correct.

apache httpd 1.3.27 (wont work)
Apache 1.3.27 (wont work)
Apache httpd 1.3.27 (works!)

Ex. ./stripp3r nmaplogfile.nmap output.ips "Apache httpd 1.3.27"

If you want to try it with verbosity, say

Ex. ./stripp3r nmaplogfile.nmap output.ips "Apache httpd 1.3.27" -v

And stripp3r will print out what it finds, along with writing it to the file.

You may change, copy, and reproduce this file, as long as the author is given credit for the initial writing of the code.

Pop-before-SMTP allows you to first authenticate Yourself via POP3 and then relay your mails.
Pop-before-SMTP reads data from FIFO file (POP3-daemon writes to this FIFO) and adds RELAY hosts into access file. Next rebuilds database allowing IPs relay mails. Everything goes in real time allowing Your clients to send mails immediately after receiving post via POP3.
Enhancements:
- at syslog() program shows now the whole record added into database (before was bug),
- you can determine facility for syslog in conf section,
- now You can hash IP numbers in "access" file (before was bug if IP number was hashed, logrelaypop3 didnt add its into database),
- new parameter in conf section.
- LOGRELAY-POP3 for Zmailer & solid-pop3d support
- LOGRELAY-POP3 for Sendmail & ipop3 support
- LOGRELAY-POP3 for Sendmail & solid-pop3 support

WAG Applications provides a collection of WAG-hosted Web applications.
WAG Applications is a collection of Web applications that are capable of being hosted by the Web Application Gateway.
WAG provides core functionality such as user definition, authentication, and administration, for all hosted Web applications.
Enhancements:
- Added application specific handlers to the wagErrorHandler function.
- Added is_email() function to functions.php which checks if a a given e-mail address is valid. It checks for all top level domains including the new ones (.biz, .info, .museum etc.) and the special ones (.arpa, .int etc.) as well as with e-mail addresses based on IPs (e.g. webmaster@123.45.123.45). (Function derived from PHP user contributed notes.)
- Enhanced the error reporting for both WAG and application database errors to include the server name and user name/id. This will help admins target problems if they are responsible for multiple WAG installations.
- Added "Date Added" and "Date Last Login" information to Administration > Users screen.
- Made style sheet changes related to form field fonts.
- Bug Fixes
- Validation of user e-mail addresses was not performed correctly and causing any valid e-mail address to be flagged as invalid.
- When admin changes a users password, the e-mail password, if configured, is also changed. This allows the admin to "lockout" a user from both WAG and e-mail if needed.