KeyFocus

 KFSensor
 About
 Overview
 Screen shots
 Features
 Enterprise edition
 Compare editions
 Download trial
 Buy KFSensor
 News
 Manual
 Knowledge Base
 Links
 Extras
 Factsheet (.pdf)
 
Click on an image to see it full size

KFSensor Administration Console

The Administration Console enables control of the sensors, event notification and investigation.

Ports View

Ports View
Displays the simulated services on each port. Ports are color coded to indicate recent activity.
The events displayed are from a variety of real life attack.		  

Visitor View

Visitor View
Displays each visitor to the sensor.

Remote Sensors

Remote Sensors
View multiple remote sensors and their events on one console.		  

System Tray

System Tray
When not in use the Administration Console sits in the system tray.
It flashes red and optionally plays an alarm sound when an attack is detected.

Event Investigation

View detailed information on every attack.

Event Details

Event Details
Each event contains a wealth of detail to enable further analysis of an attack.		  

Opaserv worm

Opaserv worm
View a detailed log of the data transmitted during an attack.
This example shows the Opaserv worm attempting spread itself via SMB.

RPC Blaster worm

RPC Blaster worm
View the data in different formats.
This example shows the Blaster worm's payload in Hex.		  

Edit Scenario

Edit Scenario
Each sensor can be configured for specific tasks or to simulate different systems and services.

Signatures

KFSensor is contains a fully featured signature based IDS engine.

Identify attacks

Identify attacks
Known attacks patterns are identified by the signature IDS engine and the signature details are available in the events view.		  

Edit Signature Base

Edit Signature Base
Signature rule administration is totally GUI based.

Edit Signature Rule

Edit Signature Rule
Signature rules support port based filters and multiple signatures.
Signatures support string, url and decoded data searches as well as regular expressions.		  

Import Signatures

Import Signatures
Import Snort format rule sets directly into KFSensor.

Configurable

KFSensor is highly configurable.

Control Remote Sensors

Control Remote Sensors
Manage multiple sensor installations across the network, from one console.
All protected by 3072 bit RSA public/private key authentication and 256 bit AES encryption.		  

Edit Ports

Edit Ports
KFSensor can be configured to listen on any port.

Edit Scenario

Edit Scenario
Each sensor can be configured for specific tasks or to simulate different systems and services.		  

NBT Settings

NBT Settings
Configure exactly how KFSensor should respond to a NetBIOS scan.

HTTP Emulation

HTTP Emulation
Each server emulation can be configured.		  

Add/Remove Columns

Add/Remove Columns
The interface is fully customizable. Choose exactly how you want the event details to be displayed.

Custom Enhancements

Add value to KFSensor by writing your own custom reports, or simulated servers.

External Database Log

External Database Log
Write your own custom reports in Access, or any other SQL database.		  

External Emulation

External Emulation
Write your own custom server emulations, using languages like PERL.

Spammer Log

Spammer Log
Load the log of spam attacks into Access for further analysis.