libevt{,-devel,-python,-python3,-tools}-20180317-1.{fc22,fc23,fc24,fc25,fc26,fc27}.{i686,x86_64}.rpm, libevt{,-devel,-python,-tools}-20180317-1.el6.{i686,x86_64}.rpm, and libevt{,-devel,-python,-python3,-tools}-20180317-1.el7.x86_64.rpm -
Libevt contains libraries and tools to access the Windows Event Log (EVT) format files.
See here for the list of changes.
snort-2.9.11.1-2.{el6,el7}.x86_64.rpm - Snort is an open
source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
This release was recompiled to use PF_Ring.
snort-openappid-2.9.11.1-2.{el6,el7}.x86_64.rpm -
This is the snort package built with the --enable-open-appid option passed to the configure script that configures the build of snort.
See here for more details.
See the OpenAppId Detector Developer Guide for more information.
To install snort-openappid on your system, you must first remove snort.
Here is an example:
if rpm -q --quiet snort; then sudo rpm -ev snort --nodeps; fi
sudo dnf install snort-openappid # On CentOS/RHEL, use yum instead of dnf
In addition, this release includes support for PF_Ring for CentOS/RHEL 6 and 7 for the x86_64 architecture.
python-dfdatetime-20180318-1.{fc22,fc23,fc24,fc25,fc26,fc27,el6,el7}.noarch.rpm -
dfDateTime,
or Digital Forensics date and time, provides date and time objects to preserve accuracy and precision.
bro{,-core,ctl}-2.5.3-1.1.{fc22,fc23,fc24,fc25,fc26,fc27,el7}.{i686,x86_64}.rpm and libbroccoli{,-devel}-2.5.3-1.1.{fc22,fc23,fc24,fc25,fc26,fc27,el7}.{i686,x86_64}.rpm - Bro
is a powerful network analysis framework that is much different from the typical IDS you may know.
While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well.
Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception.
Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure.
Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.
pfring-7.0.0-1804.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically
improves the packet capture speed.
This package contains header files and libraries, among other files, to support the PF_Ring network socket.
pfring-dkms-7.0.0-1804.{el6,el7}.x86_64.rpm - PF_Ring is a new type of network socket that dramatically
improves the packet capture speed.
This package contains the code and supporting files needed to create the PF_Ring kernel module.
guymager-0.8.8-1.{fc22,fc23,fc24,fc25,fc26,fc27,el6}.{i686,x86_64}.rpm and guymager-0.8.8-1.el7.x86_64.rpm -
Guymager is a forensic imaging package.
See here for the list of changes.
ddrescue-1.23-1.{fc22,fc23,fc24,fc25,fc26,fc27,el6,el7}.{i686,x86_64}.rpm - Ddrescue
is a data recovery tool. It copies data from one file or block device (hard disc, cdrom, etc.) to another, trying hard to rescue data in case of read errors.
See here for the changes since the last version (1.22) released to this repository.