Network Intrusion Detection System Nids

mod_fortress is an application level firewall and intrusion detection system. mod_fortress is designed to intercept certain CGI/HTTP attacks by acting as a non-transparent proxy between an Apache server and an HTTP client..

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in...

OpenAanval - The Open Source version of the Commercial Aanval Console - A full featured advanced Intrusion Detection System (IDS) Console for Snort.Real-time LIVE event monitoring, comprehensive statistics, multi-user, email / audio alerting, IP marking.


Platforms: PHP

fwsnort parses the rules files included in the snort intrusion detection system and builds an equivalent iptables ruleset for as many rules as possible. fwsnort accepts command line arguments to restrict processing to any particular class of snort rules such as "ddos", "backdoor", or...


Platforms: *nix

RazorBack is a log analysis program that interfaces with the SNORT open source Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. Snort should be configured to send data to syslog for razorback to display the data....


Platforms: *nix

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. Fragroute features a simple...


Platforms: *nix

An open-source configurable virtual testbed (based on the Eucalyptus cloud platform) for Intrusion Detection System Evaluation.


Platforms: Windows, Mac, Linux

SIDEN is a distributed network discovery tool used for intrusion detection research. The current SIDEN architecture allows you to simulate coordinated/distributed network probes by a group of attackers. SIDEN has been tested successfully on the OpenBSD and FreeBSD operating systems. If you try...


Platforms: *nix

Pads (Passive Asset Detection System) is a signature-based detection engine used to passively detect network assets. Asset management is an important factor in information security. A good security administrator should keep track of all devices attached to the network. Even though active...


Platforms: *nix

Hogwash Light BR is an Intrusion Prevention System that can filter packets directly in the layer 2 of the OSI model (so the machine doesnt need even an IP address). Detection of malicious/anomalous traffic is done by rules based in signatures, and the user can add more rules. It is an efficient...


Platforms: *nix

ModSecurity is an FREE and GPL lincesed software for intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. Whats...


Platforms: *nix

ImSafe (Immune Security For your Enterprise) is a host-based intrusion detection tool. After a learning phase, it is able to detect changes in processes behavior, to detect buffer overflows, etc. It is implemented through a device driver (as a kernel patch) for the Linux kernel, but can also be...


Platforms: *nix

LaBrea is a intrusion detection / "sticky" honey pot technology using virtual servers to detect malware. LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers to connection attempts in a...


Platforms: *nix

PHPMotionDetect is a motion detection system written in PHP. It consists of - A PHP script for motion detection  - Archive snapshots in a MySQL database and/or disk.  - A web based frontend for browsing the archive, and creation of movies. You must have a webcam supported by your Unix-like...


Platforms: Windows, Mac, *nix, PHP, BSD Solaris

GFI LANguard System Integrity Monitor (S.I.M.) is a utility that provides intrusion detection by checking whether files have been changed, added or deleted on a Windows 2000/XP system. If this happens, it alerts the administrator by email. Because hackers need to change certain system files to...


Platforms: Windows

Hogwash Light BR is an Intrusion Prevention System that can filter packets directly in the layer 2 of the OSI model (so the machine doesn't need even an IP address). Detection of malicious/anomalous traffic is done by rules based in signatures, and the user can add more rules. It is an efficient...


Platforms: *nix

LANguard Security Event Log Monitor is a network wide event log monitor that retrieves logs from all NT/2000 servers and workstations and immediately alerts the administrator of possible intrusions for immediate host based intrusion detection. Using the LANguard event viewer you can also create...


Platforms: Windows

System Health Monitor for Linux is a handy python program that will setup your system to generate RRD Graphs of network interface traffic, system load, memory usage, disk space and inode usage and graphs of the number of running processes. System Health Monitor features a user-friendly...


Platforms: *nix

EtherEye is a web-based network host checking system written in PHP and standards compliant HTML. You simply provide it with a list of IP addresses or domain names via the configuration interface and it will ping them on request and output the results as HTML. You can also access the results...


Platforms: *nix

M-ICE is a modular hostbased intrusion detection framework. It is used as middleware to close the gap between IDS research and IDS development. M-ICE consists of various parts that can be connected together by using network-or interprocess-communication


Platforms: Mac, BSD, Linux