Libnids

Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were...


Platforms: *nix

pynids is a python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own python routines examine (or kill) network links. pynids is free software, licensed under the GPL. To...


Platforms: *nix

scanlogd project is a system daemon which attempts to log all portscans of a host to the syslog, in a secure fashion. This release of scanlogd can be built with support for one of several packet capture interfaces. In addition to the raw socket interface on Linux (which does not require any...


Platforms: *nix

scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with, for a Phrack Magazine article (see below). Thus, unlike some of the other port scan detection tools out there, scanlogd is designed to be totally safe to use. This...


Platforms: *nix