ITP: argus -- IP network auditing facility
I intend to package argus, a network transaction auditing tool.
As taken from the manpage:
"Argus is an IP transaction auditing tool that categorizes
IP packets which match the boolean expression into a protocol
specific network transaction model. Argus reports
on the transactions that it discovers, as they occur.
Designed to run as a daemon, argus generally pulls packets
directly from a network interface, and writes the transaction
status information to a log file or open socket connected to an argus client
Argus can also read packet information from tcpdump(1) raw packet files and/or
write the transaction logs to stdout. "
It is currently licensed under a non-free license but the author told me that
version 2.0 is to be relicensed under QoSient's license which seem sufficiently
free in order to be incorporated into the distribution.
Please note that version 2.0 will be made available at the end of January.
A free testing version is already available.
I am still going through the new applicant process so I will need a sponsor.
ftp://qosient.com/dev/argus/argus-2.0/argus-2.0.0N.tar.gz (Testing version)
ftp://ftp.sei.cmu.edu/pub/argus/argus-2.0.tar.gz (Free, not available yet.)
License: QoSient Public License
Cheers, Yotam Rubin