Intrusion Detection Systems Comparison

LaBrea is a intrusion detection / "sticky" honey pot technology using virtual servers to detect malware. LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers to connection attempts in a...

EasyIDS software is an easy to install intrusion detection system configured for Snort. Based upon Patrick Harpers Snort installation guide and modeled after the trixbox installation cd, EasyIDS is designed for the network security beginner with minimal Linux experience. Whats New in This...

Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were...


Platforms: *nix

Cave Canem is an extensible monitoring and intrusion detection system based on the Object Management Group (OMG) Data Distribution Service (DDS) standard.


Platforms: *nix

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. Fragroute features a simple...


Platforms: *nix

Samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). samhain project has been designed to monitor multiple hosts with potentially different operating systems from a central...


Platforms: *nix

M-ICE is a modular hostbased intrusion detection framework. It is used as middleware to close the gap between IDS research and IDS development. M-ICE consists of various parts that can be connected together by using network-or interprocess-communication


Platforms: Mac, BSD, Linux

IDSRG stands for Intrusion Detection System Report Generator. It generates graphic reports from a snort database of alerts.The main goal of the project IDS Report Generator is to provide instant reports of your ids events. It has 7 predefined reports and the plans.


Platforms: PHP

OpenAanval - The Open Source version of the Commercial Aanval Console - A full featured advanced Intrusion Detection System (IDS) Console for Snort.Real-time LIVE event monitoring, comprehensive statistics, multi-user, email / audio alerting, IP marking.


Platforms: PHP

pynids is a python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own python routines examine (or kill) network links. pynids is free software, licensed under the GPL. To...


Platforms: *nix

check_openmanage is an intelligent plugin. It will by itself discover which hardware components are present in the server and monitor them. It does this because it assumes that most systems administrators are lazy, and are not interested in configuring the plugin to match different server models,...


Platforms: *nix

GFI LANguard System Integrity Monitor (S.I.M.) is a utility that provides intrusion detection by checking whether files have been changed, added or deleted on a Windows 2000/XP system. If this happens, it alerts the administrator by email. Because hackers need to change certain system files to...


Platforms: Windows

LANguard Security Event Log Monitor is a network wide event log monitor that retrieves logs from all NT/2000 servers and workstations and immediately alerts the administrator of possible intrusions for immediate host based intrusion detection. Using the LANguard event viewer you can also create...


Platforms: Windows

INIDS(IDS/IPS) stands for Intelligent Network Intrusion Detection System. It is a powerful security tool for pc users, which has the real-time network security monitoring and reporting capabilities.


Platforms: Windows

RegistryProt is a 100% free, standalone, compact, low-level realtime registry monitor and protector, that adds another dimension to Windows security and intrusion detection. By monitoring important locations and keys in the Windows system registry, RegistryProt will alert whenever a key is added...


Platforms: Windows

RegistryProt is a 100% free, standalone, compact, low-level realtime registry monitor and protector, that adds another dimension to Windows security and intrusion detection. By monitoring important locations and keys in the Windows system registry, RegistryProt will alert whenever a key is added...


Platforms: Windows

fwsnort parses the rules files included in the snort intrusion detection system and builds an equivalent iptables ruleset for as many rules as possible. fwsnort accepts command line arguments to restrict processing to any particular class of snort rules such as "ddos", "backdoor", or...


Platforms: *nix

RazorBack is a log analysis program that interfaces with the SNORT open source Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. Snort should be configured to send data to syslog for razorback to display the data....


Platforms: *nix

RegistryProt is a 100% free, standalone, compact, low-level realtime registry monitor and protector, that adds another dimension to Windows security and intrusion detection. By monitoring important locations and keys in the Windows system registry, RegistryProt will alert whenever a key is added...


Platforms: Windows

An open-source configurable virtual testbed (based on the Eucalyptus cloud platform) for Intrusion Detection System Evaluation.


Platforms: Windows, Mac, Linux