Key | Value |
---|---|
FileSize | 233536 |
MD5 | BD1AE5FE3C88D5286A9777AE0DD4FE76 |
PackageDescription | Security Information Management System [ Log Agent ] Prelude is a Universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided into two main parts: (1) the Prelude sensors, responsible for generating alerts, such as the snort sensor, featuring a signature engine, plugins for protocol analysis, and intrusion detection plugins, and the Prelude log monitoring lackey; (2) the Prelude report server, collecting data from Prelude sensors and generating user-readable reports. Prelude-LML is a signature-based log analyzer that monitors log files and received syslog messages for suspicious activity. It handles events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc. |
PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
PackageName | prelude-lml |
PackageSection | admin |
PackageVersion | 1.0.0-5.3 |
SHA-1 | 02980F19C2A3168079E78080E03E840B5AE512C5 |
SHA-256 | C3EAAEFCA44BE88E9FB41A04414E71423F6FFAE2F07C18D781D16CFA354DF589 |
hashlookup:children-total | 75 |
hashlookup:trust | 50 |

The searched file hash includes 75 child files known and seen by metalookup. A sample is included below:

Key | Value |
---|---|
FileName | ./usr/share/doc/prelude-lml/README |
FileSize | 1614 |
MD5 | 0B3622258A37E0DFB6B4706F99ABBE9B |
SHA-1 | 008F072B682051A22DF03F94BF07561919A86A2E |
SHA-256 | BCB4A33B803CA04974F0CC3A5EE35A107AB5B94629CAE8C0F8FF39B509C996B2 |
SSDEEP | 24:yiwdzTWLV5oz3w5Ql0fy1XICIrmkXeJkt8MswCZORkeXZZTV/YcDwaq+ygXA:Mkoz3l1XtkXskt8DJORkgZZTV/yP |
TLSH | T1653140FEF63C317132402A8D721AD0E3CB96B4EE266021F0B8AC84C4236571C95B6BC9 |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/netscreen.rules |
FileSize | 2964 |
MD5 | 57A39BBF59A20DB99B1A538C5A6A98AC |
SHA-1 | 01F4F4BAF2D73A9EA4C4ADEA85BBAC3C033E8920 |
SHA-256 | 8801F72D64849010972D962B98FFF024D85359C599F94A11F943A2CD2749C7FC |
SSDEEP | 48:luhW7Mlg4yUjH05RqhfcNU1ccK2blqhQaZSb2Rqh9xcK2b8qhzaZSbf:S3awwRtKW72blKQanRG72b8Kzay |
TLSH | T12851529C438042F94512116A190923F5B93CC1C8FEFF208892B8E306F295EFE776D9B5 |
tar:gname | bin |
tar:uname | root |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/modsecurity.rules |
FileSize | 12275 |
MD5 | 426E4FF4DE1918B2BFB5DAE1CEB4FEF8 |
SHA-1 | 03468B2BE82D7C8FF39781C8567ADA1B74F13FBB |
SHA-256 | EB85D9B6325F739284B884C5D0DEB4B97BF95176A28331D0B17585739ED02E2C |
SSDEEP | 192:swtg3vM0EE01J0V09luETF2kaXYIDvVc4rrzCmLTxHeMviT+7c2P29232w+gttg9:swtgfMOQ+wlBpAW4euG |
TLSH | T1DB42745E392870316963E1542CAB13943835614ECBDB60D892F4F525D11EEAEF32BFE2 |

Key | Value |
---|---|
FileName | ./usr/share/doc/prelude-lml/NEWS.gz |
FileSize | 9218 |
MD5 | 4ABDD0738BA4BF509A322A7714F6B744 |
SHA-1 | 052A6EDB93598ECBC8E44938A6BE30E5A0EB2CE4 |
SHA-256 | D3049BF6D459D42E183541453ECE4B8FCE69F9DC754341EE0CE3AE033C9BD426 |
SSDEEP | 192:7AKV+JIJsHCgV3SnqOp+CQBlStxOHpjGvzCow4Vh1HCg1ZzQyNTpx:MTIJsh9SqG1QTSt0pIWSnHCPyDx |
TLSH | T19A12B0CC4067E0AE1D077279A7B39891FC39CFAB93D95DBC4E38A2DB850168E101AD57 |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/suhosin.rules |
FileSize | 4599 |
MD5 | A54485C2257837E40975F24C397892E2 |
SHA-1 | 05DBFEAA0402CCA4443059129335315CE941F818 |
SHA-256 | 8FDF81E7CFBD937FB73AA203E8E04904762C43C58C551A40D8A21C94B1D780C4 |
SSDEEP | 96:CwDI/IdEt6UiJaj0k2+5TmvA6UyaX0GagXr2E96Uyaj0kYdztFa6UiJaX0E:CwscE8faj0kFTmLNaX0Gam2EsNaj0kYW |
TLSH | T1DA91060D3B5858621D879028049503F16D74E388D6DD98F067B4835FA31AFACB69AFF6 |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/webmin.rules |
FileSize | 2729 |
MD5 | 881040CFE0B575A509906405192678EA |
SHA-1 | 05E110B7A9789AC37329EB4D80A71AF6247736BE |
SHA-256 | 93425432C54350DE9D7CE828F01FD8476AD688A955CB66BA5B981233B9BC5B3D |
SSDEEP | 48:lV+sg4yUjH0hcruNESZjBzOi0HUH+zDpSZoBQaibQQH3H+zR:yFw5uNtZjBzOi0HVpSZoBQaibQQHk |
TLSH | T1DB5153CD9A4697B009060175061937E5A27C82D4FBE67848B378D249F315EFD37AD4A8 |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/squid.rules |
FileSize | 7626 |
MD5 | 6BA91B132FD0E724D75A8789D9D02744 |
SHA-1 | 0E27456C75209A99783BC3830F3AB1084EAEC19B |
SHA-256 | B8B4457FB3AC2ADFBDFA6BE8CEB0FF1018B1ADE9F650B5E96744D352DA854A94 |
SSDEEP | 192:vrw5clRIOXSIOXHIOXW6IOXoIOXgIX7IX3uEzXhQzag:zw2Fsa |
TLSH | T189F1634D3F2A99A14D8B1112286117E1E134D2E4E7D3A4C8D7B05932A20BFDCF726FB9 |
tar:gname | bin |
tar:uname | root |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/checkpoint.rules |
FileSize | 19783 |
MD5 | 3758C168285EFC9DC53FB6680FA3E133 |
SHA-1 | 0EC89F425217265014FEE07AEA96EA802D5A0564 |
SHA-256 | A7FC3286863CA138AABE310AA256BF0575587258B7DBC99E62449388600C3E4C |
SSDEEP | 192:YwfaX0haX0gMaX0HaX02OXzbGDOXzbnOXzbR5OXzbSaX0slbOXzs00YmIeBX0A0+:YwOm5AMqTZoS+6XDLK |
TLSH | T13592314E676490D149471014285113B07E7CD5D8DBEF24C8E3B09622E666FECBF9EFA1 |
tar:gname | bin |
tar:uname | root |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/f5-bigip.rules |
FileSize | 3246 |
MD5 | E02280F2F3AA3FE02414F3ACB62D4F1F |
SHA-1 | 0F3965B00F9AB8576A2C7E1F90A074D62967B4F2 |
SHA-256 | DFB5318F0282C800DA0D3A17AA0D3E08395C8644A98B3D77A692724176452190 |
SSDEEP | 48:lVRg4yUjH0hcGfk30XOuH0XOqHyxCbK+HX4:yw8k30XOuH0XOnR |
TLSH | T1CB61415D178192B08C030131204512F1757DD3D8EBEB5888A2B4D616F268EFEB6BDAB8 |
tar:gname | bin |
tar:uname | root |

Key | Value |
---|---|
FileName | ./etc/prelude-lml/ruleset/arpwatch.rules |
FileSize | 4841 |
MD5 | B8858B9E5A28B4675BFB22B7107324AB |
SHA-1 | 136E403E3440F369D3768C75D5870A910C2CBDCC |
SHA-256 | BBB24B1C1FDC2C92684F3B829227753731944026855DAEE7883146FFAC48CDCE |
SSDEEP | 96:NwbuzT0OXHVR/zOXf4V4izOXh+szOXKPgyQOXm:NwbuzT0OXHzOXUzOXkszOXKPgyQOXm |
TLSH | T165A1EE4E0319A5A14C0A00AA205523F07D39D2D9A6EE44C8F27CC513E3B8FFDFB99DA5 |
tar:gname | bin |
tar:uname | root |