ITS Custom Security Software

From ITS Wiki - Information Technology Services - University of Rhode Island

Jump to: navigation, search

About

Our ITS Security Team consists of Greg Bowser, and Dan Ketcham round our team. Greg Bowser is our resident programmer, and has authored all our software.

Each of the software tools we have developed based on the simple principle: "Work smarter, not harder." At URI we have been using both open source and licensed software for many years. Each of these software projects addresses a need that is not fulfilled by other software that is available to us.

Software Tools

Guest Access Management Engine (GAME)

GAME Login page
  • What is Game?
Game is a tool used to augment our Impulse SafeConnect Network Access Control implementation. It provides the management interface necessary to support a secondary guest access authentication store, independent from our central authentication store. GAME supports multiple Guest Access administrators (with role based permissions) and a simple, secure user interface.
  • Why?
Adding guest accounts dynamically into our central authentication system was not an option. GAME provides a simple way of managing guest users, without impacting our existing authentication system.
  • Requirements
Web server
PHP 4.X or 5.X
MySQL 4.X or 5.X
  • Installation

Please click on the link below for detailed GAME Installation instructions and Documentation
GAME Installation & Documentation

Labrea Web Interface

  • What is Labrea Web Interface?
Our Labrea Interface is a highly refined view into information gathered from a Labrea Tarpit. Based on a project at the University of Oklahoma, our version has been rewritten many times over to get it to the state it is today.
  • Why?
Simply put, good guys should not be talking to IP Addresses that do not exist. Our tarpit interface provides an in depth look at IP's that have "visited" a labrea Tarpit. Data includes private hits (hits from within your organization), public hits (hits from the internet), as well as information about top attacked ports. "Whois" functionality has also been built in for quickly determining the location of the attacker.
  • Requirements
  • Installation

SMAC

SMAC's output page
  • What is SMAC?
SMAC, a quick, highly customizable query engine for BASE.
  • Why?
When correlating events across several platforms, there exists a need to get an overview of events, and dive down deeper where needed. SMAC integrates with the Snort/BASE platform. With SMAC, a user can quickly query based on IP address or Snort Signature. The strength of SMAC is its filtering engine. A user can pear down results based on unique Source IP, Destination IP, and Signature.
  • Notes:
Yes, this might be a slight "reinvention of the wheel", but we like it that way :)
  • Requirements
  • Installation

RSS²

  • What is RSS²?
RSS² (we don't know what it stands for either) is a simple, web-based RSS management system. The interface allows a user to create, edit and manage an RSS feed. RSS² can either FTP your RSS feed to a webserver, or write the file locally.
  • Why?
We want to maintain a single RSS feed without the need for editing the XML directly. This basic package does that for us.
  • Requirements
  • Installation

External Links