Community-supported view of Intrusion Detection and Intrusion Prevention Systems. Focus on open source technologies, methods, and data analysis related to IDS/IPS.
- PreludeIDS Technologies Distributed hybrid IDS framework that collects and aggregates event reports from available security systems and analyses them on a central system.
- Honeyd Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet or for network monitoring. For *BSD, GNU/Linux, and Solaris.
- Snort A free lightweight network intrusion detection system for UNIX and Windows.
- ACID (Analysis Console for Intrusion Databases) Powerful PHP-based data analysis tool for network security events captured by many common IDS tools, including Snort and tcpdump.
- Advanced Intrusion Detection Environment AIDE is a file integrity checker that supports regular expressions. Licensed with GPL.
- Chkrootkit Provides an open source application to check for the presence of rootkits installed on Linux/Unix machines. Links to security-related sites.
- LAk Intrusion Prevention System A single compilation of source, binaries, scripts and whitepapers on intrusion prevention systems. The aim is to quickly establish a working IPS within minutes.
- Panoptis Network-IDS that detects and stops DoS/DDoS attacks by using real-time Cisco NetFlow data.
- Snortalog Perl-based log analysis tool that summarizes network security events from any native Snort database format.
- Systrace (Interactive Policy Generation for System Calls) Systrace enforces system call policies for applications by interactively constraining the application's access to the system (*BSD and Linux). Systrace is able to monitor daemons on remote machines and generate warnings at a central location.
- sLink project sLink consists of a daemon and a suite of cgi programs which provide a web administration interface to an EDM/BOSCH Solution16 Alarm Panel.
- QuIDScor IDS/VA correlation QuIDScor is an Open Source project demonstrating the value in correlating information between Intrusion Detection Systems (such as Snort) and vulnerability assessment and management platforms such as QualysGuard.
- Firestorm Network Intrusion Detection System Firestorm is a high-performance GPL-licensed network intrusion detection system (NIDS). Features include being fully pluggable, easily configurable, and an extremely scalable signature engine.
- Rootkit Hunter Open-source GPL rootkit scanner for Unix-like systems. Scans for rootkits, trojans, backdoors and local exploits. Tests include scanning of plaintext and binary files for MD5 hash comparisons, default rootkit files, binary permissions, suspect LKM/KLD module strings, and hidden files.
- Fail2Ban fail2ban is a POSIX/Linux tool used to ban IP addresses that generate too many password failures. ssh, iptables, ipfwadm and ipfw are currently supported.
- Shadow Intrusion and Network Analysis Shadow is an intrusion-detection system from the Naval Surface Warfare Center that shows promise in detecting previously unknown attacks for which no known detection signatures exist.