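debian/0000755000000000000000000000000011642041660007166 5ustar
debian/docs0000644000000000000000000000005011642041553010035 0ustar
README
doc/AUTHORS
doc/ROADMAP
doc/TODO
debian/dirs0000644000000000000000000000006411642041553010053 0ustar
etc/prads
usr/sbin
usr/share/man/man1
var/lib/prads
debian/compat0000644000000000000000000000000211642041553010365 0ustar
7
debian/changelog0000644000000000000000000000023311642041553011037 0ustar
prads (0.3.0-1) unstable; urgency=low

  * Initial release (Closes: #644050)

 -- Stig Sandbeck Mathisen Sun, 02 Oct 2011 12:55:25 +0200
debian/README.Debian0000644000000000000000000000017611642041553011234 0ustar
prads for Debian
----------------

Straight up.

 -- Kacper Wysocki Wed, 20 May 2009 14:10:12 +0200
debian/prads.postinst0000644000000000000000000000047411642041553012112 0ustar
#!/bin/sh
# Postinst script for prads.
# Stig Sandbeck Mathisen
#
# Creates the unprivileged "prads" system account that the daemon drops
# privileges to. Only acts on the "configure" maintainer-script action.

set -e
set -u

# Create the prads system user and group unless the user already exists.
setup_user() {
    # Redirect stdout first, then stderr, so that both are discarded.
    # (The reverse order leaves stderr attached to the terminal.)
    if ! getent passwd prads >/dev/null 2>&1; then
        adduser --quiet --system --no-create-home --group prads
    fi
}

case ${1:-} in
    configure)
        setup_user
        ;;
esac

#DEBHELPER#
debian/prads.init0000755000000000000000000000355411642041553011177 0ustar
#!/bin/sh
### BEGIN INIT INFO
# Provides:          prads
# Required-Start:    $network $local_fs $remote_fs
# Required-Stop:     $network $local_fs $remote_fs
# Default-Start:     S 2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Prads Realtime Asset Detection System
# Description:       Prads is a server that listens on your network, and
#                    logs the presence of any servers and clients
### END INIT INFO
#
# Author: Stig Sandbeck Mathisen
#
# Starts prads as a daemon that chroots into $CHROOT and drops privileges
# to $USER/$GROUP. Settings can be overridden in /etc/default/prads.

DESC="Prads Realtime Asset Detection System"
NAME="prads"
# NOTE(review): debian/dirs in this package lists usr/sbin, not usr/bin.
# Verify where "make PREFIX=/usr install" puts the binary: if it is not at
# this path, the existence test below exits 0 and the sensor silently never
# starts.
DAEMON="/usr/bin/${NAME}"
# "${NAME}", not "{$NAME}": the latter leaves literal braces in the path.
CONFIG="/etc/${NAME}/${NAME}.conf"
USER="prads"
GROUP="prads"
CHROOT="/var/run/prads"
PIDFILE="prads.pid"
# Built after /etc/default/$NAME has been read (see below), so that USER,
# GROUP, CHROOT and PIDFILE overrides from that file are honoured.
DAEMON_OPTS=""

test -f "$DAEMON" || exit 0

# Read LSB init functions
. /lib/lsb/init-functions

# Read service defaults, if it exists
if [ -r "/etc/default/$NAME" ] && [ -f "/etc/default/$NAME" ]
then
    . "/etc/default/$NAME"
fi

# Default daemon options, unless the defaults file supplied its own.
# The numeric gid comes from the group database: "id -g NAME" resolves a
# *user's* primary group and only works while a user named $GROUP exists.
if [ -z "$DAEMON_OPTS" ]
then
    DAEMON_OPTS="-D -u $(id -u "$USER") -g $(getent group "$GROUP" | cut -d: -f3) -C $CHROOT -p $PIDFILE"
fi

# Create the chroot directory, owned by the unprivileged account.
# NOTE(review): the chroot root ends up owned and writable by the account
# the daemon runs as; confirm the daemon needs that (e.g. for its pidfile)
# rather than a root-owned directory with a writable subdirectory.
create_chroot() {
    install -o "$USER" -g "$GROUP" -d "$CHROOT"
}

# Start the daemon; INTERFACE and HOME_NETS are only passed when non-empty.
start_service() {
    log_begin_msg "Starting $DESC..."
    [ -d "$CHROOT" ] || create_chroot
    # $DAEMON_OPTS is deliberately unquoted: it holds several words.
    start-stop-daemon --start --quiet --pidfile "$CHROOT/$PIDFILE" \
        --umask "007" \
        --exec "$DAEMON" -- $DAEMON_OPTS \
        ${INTERFACE:+-i "${INTERFACE}"} \
        ${HOME_NETS:+-a "${HOME_NETS}"} 2>&1
    log_end_msg $?
}

# Stop the daemon recorded in the pidfile, waiting up to 60 seconds.
stop_service() {
    log_begin_msg "Stopping $DESC..."
    start-stop-daemon --stop --quiet --oknodo --retry 60 \
        --pidfile "$CHROOT/$PIDFILE"
    log_end_msg $?
}

# Report whether the daemon is running.
status_service() {
    status_of_proc "$DAEMON" "$NAME"
}

# Restart by re-invoking this script; start only runs if stop succeeded.
restart_service() {
    "$0" stop && "$0" start
}

# Print the accepted actions (those handled by the case below) and fail.
fail() {
    echo "usage: $0 {start|stop|status|restart|force-reload}" >&2
    exit 1
}

case "${1:-}" in
    start)        start_service;;
    stop)         stop_service;;
    status)       status_service;;
    restart)      restart_service;;
    force-reload) restart_service;;
    *)            fail;;
esac
debian/examples0000644000000000000000000000001611642041553010725 0ustar
doc/prads.sql
debian/prads.default0000644000000000000000000000215211642041553011646 0ustar
# /etc/default/prads - runtime options for prads

# HOME_NETS: Networks we consider "ours", only log assets on these networks.
#
# The Debian default contains all RFC 1918 networks, and the IPv6 link
# local network. The Debian default is set here.
HOME_NETS="10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,fe80::/64"

# Alternatively, set HOME_NETS to "" to log all traffic, which is the
# builtin default.
#
# HOME_NETS=""
#
# LOGFILE: asset log location - opened for write before chrooting
# LOGFILE=/var/log/prads.log

# NOTE(review): debian/prads.init names the chroot directory CHROOT, not
# RUNDIR, and prefixes PIDFILE with that directory when it starts and stops
# the daemon. Setting RUNDIR here therefore has no effect on the init script
# unless DAEMON_OPTS is also set, and PIDFILE is expected to be a path
# relative to the chroot.

# RUNDIR: Directory to chroot into when daemonized. Created if it doesn't exist.
# RUNDIR=/var/run/prads

# PIDFILE: Path to pidfile - must be under $RUNDIR to work under chroot
# PIDFILE=$RUNDIR/$NAME.pid

# USER: username for dropping privileges
# USER=prads

# GROUP: group for dropping privileges
# GROUP=prads

# INTERFACE: Interface to listen on. Default is to autodetect a capture source.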
# INTERFACE="eth0"
#
# DAEMON_OPTS: The options that our daemon runs with. NOTE: PIDNAME is relative to rundir.
# DAEMON_OPTS="-D -u $(id -u $USER) -g $(id -g $GROUP) -C $RUNDIR -l $LOGFILE -a $HOME_NETS -p PIDNAME"
debian/rules0000755000000000000000000000042011642041553010243 0ustar
#!/usr/bin/make -f
# -*- makefile -*-

# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1

# Paths handed to the upstream Makefile by the overrides below.
prads_confdir := /etc/prads
prads_destdir := $(CURDIR)/debian/prads

# Every target that is not overridden below is delegated to the dh sequencer.
%:
	dh $@

# Build with the upstream Makefile, pointing it at the packaged config dir.
# NOTE(review): only CONFDIR/PREFIX/DESTDIR are passed to the upstream
# build; confirm that hardening flags from dpkg-buildflags reach the
# compiler, since prads parses traffic taken straight off the network.
override_dh_auto_build:
	$(MAKE) CONFDIR=$(prads_confdir)

# Install into the package staging tree under debian/prads.
override_dh_auto_install:
	$(MAKE) PREFIX=/usr CONFDIR=$(prads_confdir) DESTDIR=$(prads_destdir) install
debian/copyright0000644000000000000000000000262411642041553011126 0ustar
This package was debianized by Kacper Wysocki on
Wed, 20 May 2009 14:10:12 +0200.

It was downloaded from http://gamelinux.github.com/prads/

Author(s):

    Edward Fjellskål
    Kacper Wysocki

Copyright:

    Copyright (C) 2009-2010 Edward Fjellskål
    Copyright (C) 2010 Kacper Wysocki

License:

    This package is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This package is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this package; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA

On Debian systems, the complete text of the GNU General
Public License can be found in `/usr/share/common-licenses/GPL'.

The Debian packaging is (C) 2010, Kacper Wysocki and
is licensed under the GPL, see `/usr/share/common-licenses/GPL'.

The various included signature files are (C) their respective authors.
debian/source/0000755000000000000000000000000011642041553010467 5ustar debian/source/format0000644000000000000000000000001411642041553011675 0ustar 3.0 (quilt) debian/control0000644000000000000000000000275311642041553010601 0ustar Source: prads Section: utils Priority: extra Maintainer: Prads package developers Uploaders: Stig Sandbeck Mathisen , Kacper Wysocki Build-Depends: debhelper (>= 7.0.50~), libpcap-dev, libpcre3-dev, python-docutils (>= 0.6) Standards-Version: 3.9.2 Homepage: http://gamelinux.github.com/prads/ Vcs-Git: git://github.com/gamelinux/prads.git Vcs-Browser: http://github.com/gamelinux/prads/tree/master DM-Upload-Allowed: yes Package: prads Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, libpcap0.8, libpcre3, adduser Description: Passive Real-time Asset Detection System PRADS is a Passive Real-time Asset Detection System. . PRADS employs digital fingerprints to recognize services on the wire, and can be used to map your network and monitor for changes in real time. . Real-time passive traffic analysis will also let you detect assets that are just connected to the network for a short period of time, since PRADS can glean useful information from every packet. . PRADS aims to be the one-stop-shop for passive asset detection, and currently does MAC lookups, TCP and UDP OS fingerprinting as well as client and service application matching and a connection state table. Various output plugins include logfile and FIFO and make PRADS a useful replacement for p0f, pads and sancp. . PRADS was built from the ground up for a small footprint and modern networks with IPv6 and gigabits of throughput.