Intrusion Detection Systems Comparison
Hogwash Light BR is an Intrusion Prevention System that can filter packets directly at layer 2 of the OSI model (so the machine doesn't even need an IP address). Detection of malicious/anomalous traffic is done by signature-based rules, and the user can add more rules. It is an efficient...
Platforms: *nix
License: Freeware | Size: 194.56 KB | Download (104): Hogwash Light BR Download |
pynids is a Python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own Python routines examine (or kill) network links. pynids is free software, licensed under the GPL. To...
Platforms: *nix
License: Freeware | Size: 133.12 KB | Download (103): pynids Download |
Kernel Configuration Comparison (kccmp) provides a GUI for comparing two Linux kernel ".config" files. It shows configuration variables with different values in a tabular format. It also shows configuration variables found in only one of the input configuration files. Building: kccmp by...
Platforms: *nix
License: Freeware | Size: 12.29 KB | Download (103): Kernel Configuration Comparison Download |
LEAF Bering-uClibc is the successor of the Bering distribution. By replacing glibc with uClibc, a significantly smaller distribution is possible. All packages are IPv6-ready and based on the latest sources. It also provides a new and enhanced package management. LEAF Bering-uClibc is available for...
Platforms: *nix
License: Freeware | Size: 430.08 KB | Download (101): LEAF Bering-uClibc 3.1 Beta Download |
Libnids is an implementation of an E-component of a Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were...
Platforms: *nix
License: Freeware | Size: 143.36 KB | Download (100): Libnids Download |
ImSafe (Immune Security For your Enterprise) is a host-based intrusion detection tool. After a learning phase, it is able to detect changes in process behavior, to detect buffer overflows, etc. It is implemented through a device driver (as a kernel patch) for the Linux kernel, but can also be...
Platforms: *nix
License: Freeware | Size: 245.76 KB | Download (99): ImSafe Download |
Udp Client Server is a useful network utility for testing network programs, network services, firewalls and intrusion detection systems. Udp Client Server can also be used for debugging network programs and configuring other network tools. The tool can work as a UDP client and UDP server, send and...
Platforms: Windows
License: Freeware | Size: 599.41 KB | Download (98): Udp Client Server Download |
Samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). The samhain project has been designed to monitor multiple hosts with potentially different operating systems from a central...
Platforms: *nix
License: Freeware | Size: 1.3 MB | Download (97): samhain Download |
SID-IDS (Shell/PTY Intrusion Detection) is a host intrusion detection system that aims at detecting unwanted PTY action on UNIX systems. It consists of a kernel part and a user part. The kernel part plugs into the terminal processing subsystem and logs hashed...
Platforms: *nix
License: Freeware | Size: 59.39 KB | Download (96): SID-IDS Download |
Devialog is a behavior/anomaly-based syslog intrusion detection system which detects attacks via anomalies in syslog. Present log-based IDS: Nearly all present log-based intrusion detection systems operate using a pre-defined known signature base, usually painstakingly created by hand. They...
Platforms: *nix
License: Freeware | Size: 22.53 KB | Download (94): check-ps Download |
SIDEN is a distributed network discovery tool used for intrusion detection research. The current SIDEN architecture allows you to simulate coordinated/distributed network probes by a group of attackers. SIDEN has been tested successfully on the OpenBSD and FreeBSD operating systems. If you try...
Platforms: *nix
License: Freeware | Size: 20.48 KB | Download (94): SIDEN Download |
PushSite provides a utility to update remote sites. PushSite is intended for updating remote websites -- it's like mirroring but in reverse. It only sends the changed/new files to conserve bandwidth. Of course, it has other applications too (e.g. software distribution). PushSite can detect...
Platforms: *nix
License: Freeware | Download (94): PushSite Download |
mod_fortress is an application-level firewall and intrusion detection system. mod_fortress is designed to intercept certain CGI/HTTP attacks by acting as a non-transparent proxy between an Apache server and an HTTP client.
Platforms: *nix
License: Freeware | Size: 14.34 KB | Download (93): mod_fortress Download |
RazorBack is a log analysis program that interfaces with the SNORT open source Intrusion Detection System to provide real-time visual notification when an intrusion signature has been detected on the network. Snort should be configured to send data to syslog for RazorBack to display the data....
Platforms: *nix
License: Freeware | Size: 26.62 KB | Download (93): RazorBack Download |
psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze Netfilter log messages to detect port scans and other suspicious traffic. psad incorporates many signatures from the Snort intrusion detection system to...
Platforms: *nix
License: Freeware | Size: 471.04 KB | Download (93): psad Download |
ModSecurity is a free, GPL-licensed intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. What's...
Platforms: *nix
License: Freeware | Size: 634.88 KB | Download (92): ModSecurity Download |
DBIx::FetchLoop is a Perl module that can fetch with change detection and aggregates. SYNOPSIS use DBIx::FetchLoop; $lph = DBIx::FetchLoop->new($sth, $dbi_method); $hash_ref = $lph->fetch_current_data; $rowset = $hash_ref->{previous}; $rowset = $hash_ref->{current}; $rowset =...
Platforms: *nix
License: Freeware | Size: 6.14 KB | Download (92): DBIx::FetchLoop Download |
LaBrea is an intrusion detection / "sticky" honey pot technology using virtual servers to detect malware. LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers to connection attempts in a...
Platforms: *nix
License: Freeware | Size: 204.8 KB | Download (91): labrea Download |
IPAudit monitors activity on a network by host, protocol and port. IPAudit listens to a network device in promiscuous mode, and records every connection between two IP addresses. A unique connection is determined by the IP addresses of the two machines, the protocol used between them,...
Platforms: *nix
License: Freeware | Size: 133.12 KB | Download (91): IPAudit Download |
THC-Snooze is a framework for network traffic analysis. The THC-Snooze project can be used as a sniffer or a network-based intrusion detection system. It will watch the network traffic and invoke small programs ("modules" or "protocol dissectors"), which are easily written in a script language, to...
Platforms: *nix
License: Freeware | Size: 95.23 KB | Download (91): THC-Snooze Download |