Don's Pages and my Music

Tuesday, November 23, 2010

Prelude SIEM: Welcome

Download Prelude

Try out Prelude and learn why telecoms, large accounts and governmental agencies around the world choose Prelude to protect their data.

You too can open yourself to open technologies: use a Universal SIM system, use Prelude:

Go there...
http://www.prelude-technologies.com/en/welcome/index.html

To install Prelude, you have to download and compile the packages linked below (sensors are not mandatory). Make sure to compile libprelude first. See the User Manual if you have never compiled Prelude before.

Libprelude is a library that guarantees secure connections between all sensors and the Prelude Manager. Libprelude provides an Application Programming Interface (API) for communication with Prelude sub-systems. It supplies the functionality needed to generate and emit IDMEF events with Prelude, and it automates the saving and re-transmission of data when one of the components of the system is temporarily interrupted.

Release Notes Signature Checksum
1.0.0 GPG MD5 SHA-1 SHA-256 Download
1.0.0rc1 GPG MD5 SHA-1 SHA-256 Download
0.9.25 GPG MD5 SHA-1 SHA-256 Download
0.9.24.1 GPG MD5 SHA-1 SHA-256 Download
0.9.24 GPG MD5 SHA-1 SHA-256 Download
0.9.23 GPG MD5 SHA-1 SHA-256 Download
0.9.22 GPG MD5 SHA-1 SHA-256 Download
0.9.21.3 GPG MD5 SHA-1 SHA-256 Download
0.9.21.2 GPG MD5 SHA-1 SHA-256 Download
0.9.21.1 GPG MD5 SHA-1 SHA-256 Download
0.9.21 GPG MD5 SHA-1 SHA-256 Download
0.9.20.2 GPG MD5 SHA-1 SHA-256 Download
0.9.20.1 GPG MD5 SHA-1 SHA-256 Download
0.9.20 GPG MD5 SHA-1 SHA-256 Download
0.9.19 GPG MD5 SHA-1 SHA-256 Download
0.9.18.1 GPG MD5 SHA-1 SHA-256 Download
0.9.18 GPG MD5 SHA-1 SHA-256 Download
0.9.17.2 GPG MD5 SHA-1 Download
0.9.17.1 GPG MD5 SHA-1 Download
0.9.17 GPG MD5 SHA-1 Download
0.9.16.2 GPG MD5 SHA-1 Download
0.9.16.1 GPG MD5 SHA-1 Download
0.9.16 GPG MD5 SHA-1 Download
0.9.15.2 GPG MD5 SHA-1 Download
0.9.15.1 GPG MD5 SHA-1 Download
0.9.15 GPG MD5 SHA-1 Download
0.9.14 GPG MD5 Download
0.9.13.2 GPG MD5 Download
0.9.13.1 GPG MD5 Download
0.9.13 GPG MD5 Download
0.9.12.2 GPG MD5 Download
0.9.12.1 GPG MD5 Download
0.9.12 GPG MD5 Download
0.9.11 GPG MD5 Download
0.9.10.2 GPG MD5 Download
0.9.10.1 GPG MD5 Download
0.9.10 GPG MD5 Download
0.9.9 GPG MD5 Download
0.9.8 GPG MD5 Download
0.9.7.2 GPG MD5 Download
0.9.7.1 GPG MD5 Download
0.9.7 GPG MD5 Download
0.9.6.1 GPG MD5 Download
0.9.6 GPG MD5 Download
0.9.5 GPG MD5 Download
0.9.4 GPG MD5 Download
0.9.3 GPG MD5 Download
0.9.2 GPG MD5 Download
0.9.1 GPG MD5 Download
0.9.0 GPG MD5 Download
0.9.0-rc16 GPG MD5 Download
0.9.0-rc15 GPG MD5 Download
0.9.0-rc14 GPG MD5 Download
0.9.0-rc13 GPG MD5 Download
0.9.0-rc12 GPG MD5 Download
0.9.0-rc11 GPG MD5 Download
0.9.0-rc10 GPG MD5 Download
0.9.0-rc9 GPG MD5 Download
0.9.0-rc8 GPG MD5 Download
0.9.0-rc7 GPG MD5 Download
0.9.0-rc6 GPG MD5 Download
0.9.0-rc5 GPG MD5 Download
0.9.0-rc4 GPG MD5 Download
0.9.0-rc3 GPG MD5 Download
0.9.0-rc2 GPG MD5 Download
0.9.0-rc1 GPG MD5 Download
0.8.10 GPG MD5 Download
0.8.9 GPG MD5 Download
0.8.8 GPG MD5 Download
0.8.1 n/a Download
0.8.6 GPG MD5 Download
0.8.4 n/a Download
0.8.2 n/a Download
0.8.7 GPG MD5 Download
0.8.0 n/a Download
0.8.5 GPG MD5 Download
0.8.3 n/a Download

Win32 version

Release Notes Signature Checksum
libprelude-PreludeEasy-1.0.0.win32-py2.6 GPG MD5 SHA-1 SHA-256 Download
libprelude-1.0.0 GPG MD5 SHA-1 SHA-256 Download
libprelude-PreludeEasy-1.0.0rc1.win32-py2.6 GPG MD5 SHA-1 SHA-256 Download
libprelude-1.0.0rc1 GPG MD5 SHA-1 SHA-256 Download
libprelude-PreludeEasy-0.9.23.win32-py2.5 GPG MD5 SHA-1 SHA-256 Download
libprelude-0.9.23 GPG MD5 SHA-1 SHA-256 Download
libprelude-0.9.22 GPG MD5 SHA-1 SHA-256 Download
libprelude-PreludeEasy-0.9.22.win32-py2.5 GPG MD5 SHA-1 SHA-256 Download
libprelude-PreludeEasy-0.9.21.3.win32-py2.5 GPG MD5 SHA-1 SHA-256 Download
libprelude-0.9.21.3 GPG MD5 SHA-1 SHA-256 Download
libprelude-PreludeEasy-0.9.21.2.win32-py2.5 GPG MD5 SHA-1 SHA-256 Download
libprelude-0.9.21.2 GPG MD5 SHA-1 SHA-256 Download
libprelude-PreludeEasy-0.9.21.1.win32-py2.5 GPG MD5 SHA-1 SHA-256 Download
libprelude-0.9.21.1 GPG MD5 SHA-1 SHA-256 Download
libprelude-0.9.21 GPG MD5 SHA-1 SHA-256 Download
libprelude-PreludeEasy-0.9.21.win32-py2.5 GPG MD5 SHA-1 SHA-256 Download

The PreludeDB Library provides an abstraction layer over the type and format of the database used to store IDMEF alerts. It allows developers to use the Prelude IDMEF database easily and efficiently without worrying about SQL, and to access the database independently of its type and format.

Prelude-LML is a log analyser that allows Prelude to collect and analyze information from all kinds of applications emitting logs or syslog messages, in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications; see the Compatibility page to learn more.

Access to the Prelude-LML Technical Documentation

Prelude-Manager is a high availability server that accepts secured connections from distributed sensors and/or other Managers and saves received events to a medium specified by the user (database, log file, mail etc.). The server schedules and prioritizes the processing of alerts according to their criticality and their source.

Access to the Prelude-Manager technical documentation

Prewikka is the graphical front-end analysis console for the Prelude Universal SIM. Providing numerous features, Prewikka facilitates the work of users and analysts. To learn more about Prewikka functionality see the Prewikka(Pro) Interface page. Prewikka also provides access to external tools such as whois and traceroute.

Prelude-Correlator performs multistream correlation, using a powerful programming language for writing correlation rules. Because any type of alert can be correlated, event analysis becomes simpler, quicker and more incisive.

See the Correlation Engine page

External Sensors

Many well-known security tools natively support the Prelude Universal SIM.

AuditD: Auditd provides user-space utilities for creating audit rules, as well as for storing and searching audit records generated by the audit subsystem in the Linux 2.6 kernel. It features an Intrusion Detection plugin that analyses the audit stream in real time for suspicious events and alerts via IDMEF using Prelude.

Nepenthes: Nepenthes is a versatile tool to collect malware. It acts passively by emulating known vulnerabilities and downloading malware trying to exploit these vulnerabilities.

NuFW: NuFW adds user-based filtering to Netfilter, the state-of-the-art IP filtering layer from the Linux kernel. Its exclusive algorithm allows authenticated filtering even on multiuser computers. NuFW can be seen as an identity access management solution at the network level.

OSSEC: OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.

PAM: Linux-PAM is a system of libraries that handle the authentication tasks of applications on the system. The library provides a stable general interface that privilege-granting programs (such as login and su) defer to in order to perform standard authentication tasks.

Samhain: Samhain® is a multiplatform, open source host-based intrusion detection system (HIDS) for POSIX (Unix, Linux, Cygwin/Windows). Samhain provides file integrity checking, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.

SanCP: SanCP is a network security tool designed to collect statistical information regarding network traffic, as well as record the traffic itself to file in pcap format, for the purposes of auditing, historical analysis, and network activity discovery.

Snort: Snort® is a network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods.

Go there...
http://www.prelude-technologies.com/en/development/download/index.html


Don
