Anomaly Detection System

Ourmon is a statistically oriented open-source network monitoring and anomaly detection system. It may also be viewed as a flow collection system. Ourmon is based on promiscuous mode packet collection on Ethernet interfaces and typically uses port mirroring via an Ethernet switch. A probe... Platforms: *nix

Devialog is a behavior/anomaly-based syslog intrusion detection system which detectsattacks via anomalies in syslog. Present log-based IDS: Nearly all present log-based intrusion detection systems operate using a pre-defined known signature base, usually painstakingly created by hand. They can... Platforms: *nix

Devialog is a behavior/anomaly-based syslog intrusion detection system which detectsattacks via anomalies in syslog. Present log-based IDS: Nearly all present log-based intrusion detection systems operate using a pre-defined known signature base, usually painstakingly created by hand. They... Platforms: *nix

Worried about hackers, worms and trojans? Want to improve your Internet security? Want to detect intruders? KFSensor is a host based Intrusion Detection System (IDS). It acts as a honeypot to attract and detect hackers by simulating vulnerable system services and trojans. The system is... Platforms: Windows

HTTP traffic generator allows to generate a good amount of http traffic for testing web applications, web servers, intrusion detection system and their resistance to HTTP attacks. You can specify the requests count and interval between two requests. The generated requests are sent to the... Platforms: Windows

The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities.The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in... Platforms: *nix

FTester (The Firewall Tester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in... Platforms: *nix

Snort Report is an add-on module for the Snort Intrusion Detection System. Snort Report add-on provides realtime reporting from the MySQL database generated by Snort. It has been tested on Redhat 6.2, 7.0, 7.1, and OpenBSD 2.9.. Symmetrix Technologies is a complete network integrator and... Platforms: *nix

Firestorm is an extremely high performance network intrusion detection system (NIDS). At the moment it just a sensor but plans are to include real support for analysis, reporting, remote console and on-the-fly sensor configuration. It is fully pluggable and hence extremely flexible. Firestorm... Platforms: *nix

Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. Asset management is an important factor in information security. A good security administrator should keep track of all devices attached to the network. Even though active... Platforms: *nix

EasyIDS software is an easy to install intrusion detection system configured for Snort. Based upon Patrick Harpers Snort installation guide and modeled after the trixbox installation cd, EasyIDS is designed for the network security beginner with minimal Linux experience. Whats New in This... Platforms: *nix

Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were... Platforms: *nix

NetFlow Auditor constantly keeps its eyes on your Network and provides total visibility to quickly identify and alert on who is doing what, where, when, with whom and for how long. NetFlow Auditor is a game-changing network auditing technology that complements existing network and security... Platforms: Windows, *nix, Java

Shoki is a free, open source network intrusion detection system. The fundamental design goals are simplicity and modularity, and the focus is on traffic analysis rather than content inspection. Platforms: *nix

PHPMotionDetect is a motion detection system written in PHP. It consists of - A PHP script for motion detection  - Archive snapshots in a MySQL database and/or disk.  - A web based frontend for browsing the archive, and creation of movies. You must have a webcam supported by your Unix-like... Platforms: Windows, Mac, *nix, PHP, BSD Solaris

Cave Canem is an extensible monitoring and intrusion detection system based on the Object Management Group (OMG) Data Distribution Service (DDS) standard. Platforms: *nix

Ax3soft Sax2 is a professional intrusion detection and prevention system that performs real-time packet capturing, 24/7 network monitoring, advanced protocol analyzing and automatic expert detection. By giving you insights into all of your network's operations, Sax2 makes it easy to isolate and... Platforms: Windows

The Securepoint Intrusion Detection System (nuzzler basic) allows to analyse your network for intrusion detections. Nuzzler basic is a full Intrusion Detection System using your local Computer. Nuzzler can detect possible attacks, viruses, trojans and other bad traffic. The Basic version comes... Platforms: Windows

SID-IDS is a host intrusion detection system. Shell/PTY Intrusion Detection: Aims at detecting unwanted PTY action on UNIX systems. SID-IDS is a Host Intrusion Detection System. Consists of a kernel part and a user part. The kernel part plugs into terminal processing subsystem and logs hashed... Platforms: *nix

pynids is a python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own python routines examine (or kill) network links. pynids is free software, licensed under the GPL. To... Platforms: *nix