Result for 1CC99BC85C413943410DDBBB6E6F85BB7E51BED9

Query result

Key Value
FileName./etc/prelude-lml/ruleset/navce.rules
FileSize5504
MD51197FAC17F311D7EAE820B912E75B07B
SHA-11CC99BC85C413943410DDBBB6E6F85BB7E51BED9
SHA-256DFA37F35BA4EF819A639BD30EF2099BE1ECF2FEA626897464BACB6DE4CFC8CE4
SSDEEP96:jFw/e0PUlCPQLO2SFGK7IXOiVR19VIXOiqVIzXaNke/ItKczXa0IaPkeHj:jFwvXQLOLIXOiVfIXOiqizXaVqKczXa8
TLSHT1DEB1304D3D1DA0514847A1623499C3E2B630F7999BC248E453B84970E217FECF7AAFAD
tar:gnamebin
tar:unameroot
hashlookup:parent-total81
hashlookup:trust100

Network graph view

Parents (Total: 81)

The searched file hash is included in 81 parent files which include package known and seen by metalookup. A sample is included below:

Key Value
MD583370381B9A6418A65D634F6FE277CEA
PackageArchs390
PackageDescriptionPrelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications,
PackageMaintainerFedora Project
PackageNameprelude-lml
PackageRelease10.fc19
PackageVersion1.0.0
SHA-100C52685FDB1A48951430E5E814E65D85E2AA0C0
SHA-2562AE1B0472F1FEEBF11F1DFBF6B592FCA5166701D8F5198E086C517271BB17501
Key Value
FileSize233536
MD5BD1AE5FE3C88D5286A9777AE0DD4FE76
PackageDescriptionSecurity Information Management System [ Log Agent ] Prelude is a Universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided in two main parts : - the Prelude sensors, responsible for generating alerts, such as snort sensor, featuring a signature engine, plugins for protocol analysis, and intrusion detection plugins, and the Prelude log monitoring lackey. - the Prelude report server, collecting data from Prelude sensors, and generating user-readable reports. . Prelude-LML is a signature based log analyzer monitoring logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc.
PackageMaintainerPierre Chifflier <pollux@debian.org>
PackageNameprelude-lml
PackageSectionadmin
PackageVersion1.0.0-5.3
SHA-102980F19C2A3168079E78080E03E840B5AE512C5
SHA-256C3EAAEFCA44BE88E9FB41A04414E71423F6FFAE2F07C18D781D16CFA354DF589
Key Value
FileSize235652
MD51897290586C1B3F7E1F64DCB71FB4C5F
PackageDescriptionSecurity Information Management System [ Log Agent ] Prelude is a Universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided in two main parts : - the Prelude sensors, responsible for generating alerts, such as snort sensor, featuring a signature engine, plugins for protocol analysis, and intrusion detection plugins, and the Prelude log monitoring lackey. - the Prelude report server, collecting data from Prelude sensors, and generating user-readable reports. . Prelude-LML is a signature based log analyzer monitoring logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc.
PackageMaintainerPierre Chifflier <pollux@debian.org>
PackageNameprelude-lml
PackageSectionadmin
PackageVersion1.0.0-5.3+b4
SHA-1070A91F4BD8F6568BC23752A1A651FC917E060A7
SHA-256DE5FCE204B978D8CB2E57FD2B05E162C1F6AF9481C48BBF291CC2E324D5918BE
Key Value
MD5723166817B0F37FF937009D3CFBC4994
PackageArchppc
PackageDescriptionPrelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications,
PackageMaintainerKoji
PackageNameprelude-lml
PackageRelease4.fc15
PackageVersion1.0.0
SHA-10A128C32A6610B73E4A0D55681EC4BA7B97DC12E
SHA-256A105610776B95454BC395D3965B5E5A48DD5BD706CA0CEF9D357796F831DE4C9
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD//4.4//packages//powerpc//prelude-lml-0.9.10.tgz
MD574F84CA3BAB1453955AE0320D7CF54CD
SHA-10B7E36C6420A9A6BC4FF9A6C06774849FD0383D0
SHA-2564404815092FFF7557330B8FF715D9EEC8F05AEE7F07B146DB1D00E88B20E79F6
SSDEEP3072:zLGZivuE5XnxLt2LP/shlkp1uILWqiDMEf53lONy7NnfYQG:nkimO9tocA+zDrR3IGNnfXG
TLSHT19FD3126A3499E1905DCAC38EEC93DC281DC04FFB17095FA996432E969F133E6449235B
Key Value
FileSize131990
MD5091ABBD2B4FDF7331F96EFF207CEA445
PackageDescriptionSecurity Information Management System [ Log Agent ] Prelude is a Universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided in two main parts : - the Prelude sensors, responsible for generating alerts, such as snort sensor, featuring a signature engine, plugins for protocol analysis, and intrusion detection plugins, and the Prelude log monitoring lackey. - the Prelude report server, collecting data from Prelude sensors, and generating user-readable reports. . Prelude-LML is a signature based log analyzer monitoring logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc.
PackageMaintainerUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageNameprelude-lml
PackageSectionadmin
PackageVersion1.0.0-5build1
SHA-10C95E178EAF9F850E778DBC2722EDDD5231062CF
SHA-256CF96A52610A17997A46E87F851C34429A64395F994ACAA402B94DE51DC425F30
Key Value
MD5ADB7EC94887D2F21F1E4B9BB04FA59EA
PackageArchs390x
PackageDescriptionPrelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications,
PackageMaintainerFedora Project
PackageNameprelude-lml
PackageRelease4.fc15
PackageVersion1.0.0
SHA-10CD1D632D8C9FF937C9863CF50C0F5EF10FBC887
SHA-256606B8D80FFC40277D5C0CCCCB80C98F9615032487713DD2506855CEF3A75B8FA
Key Value
MD56E4BA087E5259C946588DBE0E49E38DF
PackageArcharmv5tel
PackageDescriptionPrelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications,
PackageMaintainerFedora Project
PackageNameprelude-lml
PackageRelease1.fc14
PackageVersion1.0.0
SHA-111B2B40188022101BBDEB396077A4997AEF2EB82
SHA-25625025D638FC21BB24D779BA4A546AD158576273970830AE7831A48B0CFC9BDA6
Key Value
MD5FDD9FBE9B945C7D2ED6727917AB76511
PackageArchia64
PackageDescriptionPrelude-LML’s primary function is log analysis. Logs on a local system or logs monitored over the network (if configured to accept syslog messages from other hosts) can be processed and analyzed in order to discover security anomalies.
PackageMaintainerFedora Project
PackageNameprelude-lml
PackageRelease2.fc9
PackageVersion0.9.11
SHA-111B5BC2BADA97B588F6B280253B79F54C439626B
SHA-256D5A1A9450BD996C6460CC5E69CFF4D9AE3A0B2B52EE86617FB20249C924635EA
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD//4.3//packages//sparc64//prelude-lml-0.9.10.tgz
MD577137E65FD150BEDAB7F13FC8088652E
SHA-112620F846B3B196FDEF51FD84B6091BC73739B0D
SHA-25644333FE9EC3F1F75E557E5983631248ECCAC95C886BD981D8914F3471278F9CF
SSDEEP3072:cn4WYUCp7TEWD0kmLFlRzDwR8A7ksM3NSaRDFoAHzO:c4bU+Ik2RzDwR5sNSaRDdHy
TLSHT1B5D3121E1178CE6D8F4D4B47DF208469BB1DA347AF2B0309DA47D46AB25AAB041CCF8D