Perimeter Intrusion Detection Systems

mod_fortress is an application level firewall and intrusion detection system. mod_fortress is designed to intercept certain CGI/HTTP attacks by acting as a non-transparent proxy between an Apache server and an HTTP client..

The Firewall Tester (FTester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities.The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in...

FTester (The Firewall Tester) is a tool designed for testing firewalls filtering policies and Intrusion Detection System (IDS) capabilities. The tool consists of two perl scripts, a packet injector (ftest) and the listening sniffer (ftestd). The first script injects custom packets, defined in...


Platforms: *nix

Packit is a network auditing tool that allows you to monitor, manipulate, and inject customized IP traffic into your network. This can be valuable for testing firewalls, intrusion detection systems, port scanning, and general TCP/IP auditing.


Platforms: *nix

ModSecurity is an FREE and GPL lincesed software for intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. Whats...


Platforms: *nix

LaBrea is a intrusion detection / "sticky" honey pot technology using virtual servers to detect malware. LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers to connection attempts in a...


Platforms: *nix

EasyIDS software is an easy to install intrusion detection system configured for Snort. Based upon Patrick Harpers Snort installation guide and modeled after the trixbox installation cd, EasyIDS is designed for the network security beginner with minimal Linux experience. Whats New in This...


Platforms: *nix

Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were...


Platforms: *nix

Shoki is a free, open source network intrusion detection system. The fundamental design goals are simplicity and modularity, and the focus is on traffic analysis rather than content inspection.


Platforms: *nix

Cave Canem is an extensible monitoring and intrusion detection system based on the Object Management Group (OMG) Data Distribution Service (DDS) standard.


Platforms: *nix

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. Fragroute features a simple...


Platforms: *nix

Samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). samhain project has been designed to monitor multiple hosts with potentially different operating systems from a central...


Platforms: *nix

M-ICE is a modular hostbased intrusion detection framework. It is used as middleware to close the gap between IDS research and IDS development. M-ICE consists of various parts that can be connected together by using network-or interprocess-communication


Platforms: Mac, BSD, Linux

IDSRG stands for Intrusion Detection System Report Generator. It generates graphic reports from a snort database of alerts.The main goal of the project IDS Report Generator is to provide instant reports of your ids events. It has 7 predefined reports and the plans.


Platforms: PHP

OpenAanval - The Open Source version of the Commercial Aanval Console - A full featured advanced Intrusion Detection System (IDS) Console for Snort.Real-time LIVE event monitoring, comprehensive statistics, multi-user, email / audio alerting, IP marking.


Platforms: PHP

ThreatSentry Windows Web server Host Intrusion Prevention software defends IIS against new and progressive attack techniques, protects network weak points, overcomes lapses in patch management, and reinforces regulatory compliance. An ISAPI filter hosted in MMC, ThreatSentry compares server...


Platforms: DOS, OS/2, BeOS, Palm OS, Windows, Mac, *nix, Windows CE

pynids is a python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own python routines examine (or kill) network links. pynids is free software, licensed under the GPL. To...


Platforms: *nix

check_openmanage is an intelligent plugin. It will by itself discover which hardware components are present in the server and monitor them. It does this because it assumes that most systems administrators are lazy, and are not interested in configuring the plugin to match different server models,...


Platforms: *nix

GFI LANguard System Integrity Monitor (S.I.M.) is a utility that provides intrusion detection by checking whether files have been changed, added or deleted on a Windows 2000/XP system. If this happens, it alerts the administrator by email. Because hackers need to change certain system files to...


Platforms: Windows

ShareAlarmPro is a network tool that allows network administrators and users to easily perform network shares monitoring. Using ShareAlarmPro you can monitor users attempting to access secured shares and confidential files, detect and log network access to shared folders, monitor security events,...


Platforms: Windows