Download phpSAM.
>> phpSAM ver 1.9
>> phpSAM DB.sql v.1.9
Changelog.
----------------------
phpSAM - Changelog
----------------------
2005-03-25 Lars Knudsen
### 1.9 released
DB.sql updated for the latest db-setup.
Updated phpsam_admin.php so that administrator is able to see customers password (for unknown reason)
Updated various documentation
2005-03-17 Lars Knudsen
Fixed reference to snort rules at snort.org (/pub-bin/sigs.cgi?sid)
Corrected Google reference in various files. There should be a link to google an eventtype.
Removed the table sam_sig_details. No need for it when it is possible to google it.
Removed the listing of all the eventtypes the user is allowed to see in the advanced_search.php. I just took to much time to get it..
2005-03-02 Lars Knudsen
Cleaned up to release v. 1.9
- Some minor issues with design
- The calc error in graph_year_stat_cache.php should be fixed.
- Adding an admin page for adding/editing/deleting users and assigning sensors
- Please apply DB.sql - Only addition is userdb.
2004-12-07 Lars Knudsen
Calculation error regarding actual month in graph_year_stat_cache.php
Added update_sam_event rutine to copy_data_to_sam_cache.php
2004-11-24 Lars Knudsen
Cutting strings to max. 40 in graphs
Major calculating error in copy_data_to_sam_cache.php fixed. Now it will show the correct total amount of events.
2004-10-08 Lars Knudsen
After tumbling with table data getting larger than 3.8 Gb and therefore making the table unawailable
(thought Win2K was the limiter on space by NTFS) I altered the data table with:
ALTER TABLE data AVG_ROW_LENGTH=1, MAX_ROWS=4294967297
(see http://dev.mysql.com/doc/mysql/en/Table_size.html for more info)
2004-09-28 Lars Knudsen
For the error "Mysql Server has gone away" please alter your my.cfg | my.ini with:
key_buffer=32M
max_allowed_packet=64M
or more
adv_search.php is added.
Added function num_to_text() [used in adv_search.php]
Returns [0..2] equals [AND/OR/NOR]
header.php altered to fit advsearch.gif (link)
2004-09-20 Lars Knudsen
### 1.8 released
Added graph_top_ten_attacked.php for view of those most attacked.
Added dirlist.php. A list over files in phpSAM
Changed alert_history.php to show total number of alerts in [Signatures]
unknown.html now has some text ;-)
2004-09-17 Lars Knudsen
Design changed again (slightly..)
detail_ip.php showed packetdata wrongly. Added htmlentities.
Altered detail_ip.php / trace.php to work with OS=[Win32/Un*x] {settings.php = $OS_System}
2004-09-15 Lars Knudsen
clear_event.php is removing any data in event, iphdr, tcphdr, udphdr and data that is over 24 Hours old.
There might be an error message (2006) "Mysql server gone away" on number of rows > 100.000.
See http://dev.mysql.com/doc/mysql/en/Gone_away.html for a solution.
clear_event.php should be run at least once every day.
2004-09-13 Lars Knudsen
### 1.7.1 released
Altered the graphs to work with sam_cache
copy_data_to_sam_cache.php is inserting/updating sam_cache with data from the last 24 Hours (or since we last updated)
copy_data_to_sam_cache.php is also inserting/updating sam_event_stat with total per month (or updating)
copy_data_to_sam_cache.php should be run at least every 1 minute.
New DB table. sam_cache. Be sure to dump the table + the alterations from DB.sql
2004-09-12 Lars Knudsen
Added the feature of altering the refresh rate for alert.php in header.php
Help.php improved with more text.
Design sligtly altered
2004-09-10 Lars Knudsen
Altered the alert.php script slightly for better performance.
Using the sam_event.status field it is now possible to monitor an event by keeping it in the alertwindow
(it is also possible to release it or delete it)
- Working on a comparison mechanism to check if the same event occours again and if so show it just under the "original" event.
2004-09-06 Lars Knudsen
### 1.7 released
Found that alert.php took more than 27 sec. on a 300 entries table.
A missing index and date calculations were the main causes.
Changed sam_event and event and iphdr to have an alternate primary key and index.
Changes are in DB.sql.
- Changed the way it searches for the time (min, hour, year) so that it actually does it right. ;-)
Thanx to Richard Armstrong there.
- Major overhaul on design / page setup. (For the better I hope.)
2004-08-31 Lars Knudsen
### 1.6 released
- Layout for alerts changed to better make place for information
- detail_packet.php altered to accomodate data
- functions.php
[
functions
get_icmp_type
get_icmp_code
get_port_code
]
- Added sam_ports to show in a more human fashion the assignments of ports.
Note: Phew.. Loads of ports there.
2004-08-30 Lars Knudsen
### 1.5 released
- Changed $number_priority to $number_events (settings.php and alert.php)
- alert.php
changed code for altering priority in sam_events
changed code to check for Data_free (overhead) in tables.
- Check on protocol type in alert and overview files
[function check_ip_protocol(iphdr.ip_proto)]
- detail_packet.php added.
[function hex2asc(data)]
2004-08-27 Lars Knudsen
- Trace.php changed to do a proper trace and show it nicely.
- settings.php : added $OS_system [0|1] for Unix|Win32
- help.php : Help(Info file with references in all other files ([?] links)
- Graphs v 1.5 : graph_5min_stat.php
graph_1hour_stat.php
graph_24hour_stat.php
graph_year_stat.php
graph_top_events.php
graph_top_ten.php
show_graphs.php - Show all above graph files
2004-08-25 Lars Knudsen
- Logo created
2004-08-24 Lars Knudsen
- Graphs v. 1.0
2004-08-23 Lars Knudsen
Search function added
Files added: search.php
links.php
traceroute page added (from detail_ip.php)
Functions added: phpSAMip2long
phpSAMlong2ip
netcalc
2004-08-22 Lars Knudsen
### 1.0 released