YouCannotBurnMyShadow/sobek-hids

sobek-hids

Automatically exported from code.google.com/p/sobek-hids

Host IDS to monitor Windows systems

Sobek-Hids is a Python-based host IDS that is capable of monitoring:

* Registry Changes
* File Activity
* Process Creation
* Printing Jobs
* External Drives (USB Disk Plugs)
* Shared Resources
* Windows Accounts
* Logon
* Firewall Changes

Installation

You need Python for Windows and the following packages:

* win32 extensions from Mark Hammond
* WMI module

Then download a copy of Sobek-Hids from the repository or as a zipped version:

* svn checkout http://sobek-hids.googlecode.com/svn/trunk/ sobek-hids-read-only
* http://sobek-hids.googlecode.com/files/sobek-hids.v0.1.zip

You can activate or deactivate individual modules in the config.cfg file and change the log file location:

```
[log]
file = c:\mon.log
verbose = debug
remoteip =

[process]
enable = True

[printer]
enable = True

[media]
enable = True

[file]
enable = True
path = c:/
documents = .*doc

[shares]
enable = True

[account]
enable = True

[logon]
enable = True

[share-access]
enable = True

[firewall]
enable = True
```
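A pre-deployment check of config.cfg that reports which monitors are switched off, missing, or misconfigured. This is an added example, not code from Sobek-Hids; `audit_config`, `MODULES` and `SAMPLE` are hypothetical names. It assumes `enable` accepts the boolean spellings Python's `configparser` understands and that `documents` is a regular expression.

```python
import configparser
import re
MODULES = ["process", "printer", "media", "file", "shares",
           "account", "logon", "share-access", "firewall"]  # README sections
# Constructed sample: [logon] off, [firewall] deleted, bad [file] pattern.
SAMPLE = r"""
[process]
enable = True
[printer]
enable = True
[media]
enable = True
[file]
enable = True
documents = .*(doc
[shares]
enable = True
[account]
enable = True
[logon]
enable = False
[share-access]
enable = True
"""

def audit_config(text):
    """Return (enabled_modules, findings) for the body of a config.cfg."""
    cfg = configparser.ConfigParser(interpolation=None)  # keep '%' literal
    cfg.read_string(text)
    enabled, findings = [], []
    for name in MODULES:
        try:
            on = cfg.getboolean(name, "enable")
        except (configparser.Error, ValueError):
            findings.append(f"[{name}] missing or 'enable' is not a boolean")
            continue
        if on:
            enabled.append(name)
        else:
            findings.append(f"[{name}] monitoring disabled")
    if "file" in enabled:
        try:
            re.compile(cfg.get("file", "documents", fallback=""))
        except re.error as exc:  # assumption: the value is used as a regex
            findings.append(f"[file] documents is not a valid regex: {exc}")
    return enabled, findings

if __name__ == "__main__":
    print(audit_config(SAMPLE))
```

Running the same check against a known-good baseline on each host makes a silently disabled monitor show up as a finding rather than as an absence of log entries.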
