Added: July 05, 2010 | Visits: 1.404
Hogwash Light BR is an Intrusion Prevention System that can filter packets directly in the layer 2 of the OSI model (so the machine doesnt need even an IP address). Detection of malicious/anomalous traffic is done by rules based in signatures, and the user can add more rules. It is an efficient...
Platforms: *nix
Added: February 17, 2010 | Visits: 1.190
pynids is a python wrapper for libnids, a Network Intrusion Detection System library offering sniffing, IP defragmentation, TCP stream reassembly and TCP port scan detection. Let your own python routines examine (or kill) network links. pynids is free software, licensed under the GPL. To...
Platforms: *nix
Added: November 11, 2010 | Visits: 1.162
Kernel Configuration Comparison (kccmp) provides a GUI for comparing two Linux kernel ".config" files. It shows configuration variables with different values in a tabular format. It also shows configuration variables found in only one of the input configuration files. Building: kccmp by...
Platforms: *nix
Added: September 15, 2010 | Visits: 1.015
LEAF Bering-uClibc is the successor of the Bering distribution. Replacing glibc with uClibc a significantly smaller distribution is possible. All packages are ipv6-ready and based on the latest sources. It also provides a new and enhanced package management. LEAF Bering-uClibc is available for...
Platforms: *nix
Added: April 23, 2010 | Visits: 991
Libnids is an implementation of an E-component of Network Intrusion Detection System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP defragmentation, TCP stream assembly and TCP port scan detection. The most valuable feature of libnids is reliability. A number of tests were...
Platforms: *nix
Added: April 14, 2010 | Visits: 1.058
ImSafe (Immune Security For your Enterprise) is a host-based intrusion detection tool. After a learning phase, it is able to detect changes in processes behavior, to detect buffer overflows, etc. It is implemented through a device driver (as a kernel patch) for the Linux kernel, but can also be...
Platforms: *nix
Released: June 09, 2013
|
Added: June 30, 2013 | Visits: 816
Udp Client Sever is a useful network utility for testing network programs, network services, firewalls and intrusion detection systems. Udp Client Sever can also be used for debugging network programs and configuring other network tools. The tool can work as a Udp client and Udp server, send and...
Platforms: Windows
Added: April 01, 2010 | Visits: 980
Samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows). samhain project has been designed to monitor multiple hosts with potentially different operating systems from a central...
Platforms: *nix
Added: February 19, 2010 | Visits: 1.072
SID-IDS is a host intrusion detection system. Shell/PTY Intrusion Detection: Aims at detecting unwanted PTY action on UNIX systems. SID-IDS is a Host Intrusion Detection System. Consists of a kernel part and a user part. The kernel part plugs into terminal processing subsystem and logs hashed...
Platforms: *nix
Added: January 12, 2010 | Visits: 980
Devialog is a behavior/anomaly-based syslog intrusion detection system which detectsattacks via anomalies in syslog. Present log-based IDS: Nearly all present log-based intrusion detection systems operate using a pre-defined known signature base, usually painstakingly created by hand. They...
Platforms: *nix
Added: August 15, 2010 | Visits: 1.119
SIDEN is a distributed network discovery tool used for intrusion detection research. The current SIDEN architecture allows you to simulate coordinated/distributed network probes by a group of attackers. SIDEN has been tested successfully on the OpenBSD and FreeBSD operating systems. If you try...
Platforms: *nix
Added: November 22, 2010 | Visits: 742
PushSite provides an utility to update remote site. Pushsite is intended for updating remote websites -- its like mirroring but in reverse. It only sends the changed/new files to conserve bandwidth. Of course, it has other applications too (e.g. software distribution). PushSite can detect...
Platforms: *nix
Added: September 08, 2010 | Visits: 813
mod_fortress is an application level firewall and intrusion detection system. mod_fortress is designed to intercept certain CGI/HTTP attacks by acting as a non-transparent proxy between an Apache server and an HTTP client..
Platforms: *nix
Added: January 07, 2010 | Visits: 1.059
RazorBack is a log analysis program that interfaces with the SNORT open source Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. Snort should be configured to send data to syslog for razorback to display the data....
Platforms: *nix
Added: April 09, 2010 | Visits: 992
psad is a collection of three lightweight system daemons (two main daemons and one helper daemon) that run on Linux machines and analyze Netfilter log messages to detect port scans and other suspicious traffic. psad incorporates many signatures from the Snort intrusion detection system to...
Platforms: *nix
Added: January 20, 2010 | Visits: 1.002
ModSecurity is an FREE and GPL lincesed software for intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks. Whats...
Platforms: *nix
Added: April 06, 2010 | Visits: 640
DBIx::FetchLoop is a Perl module that can fetch with change detection and aggregates. SYNOPSIS use DBIx::FetchLoop; $lph = DBIx::FetchLoop->new($sth, $dbi_method); $hash_ref = $lph->fetch_current_data; $rowset = $hash_ref->{previous}; $rowset = $hash_ref->{current}; $rowset =...
Platforms: *nix
Added: September 25, 2010 | Visits: 992
LaBrea is a intrusion detection / "sticky" honey pot technology using virtual servers to detect malware. LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers to connection attempts in a...
Platforms: *nix
Added: June 20, 2010 | Visits: 966
IPAudit monitors network activity on a network by host, protocol and port. IPAudit listens to a network device in promiscuous mode, and records every connection between two ip addresses. A unique connection is determined by the ip addresses of the two machines, the protocol used between them,...
Platforms: *nix
Added: November 11, 2010 | Visits: 912
THC-Snooze is a framework for network traffic analysis. THC-Snooze project can be used as a sniffer or a network based intrusion detection system. It will watch the network traffic and invoke small programs ("modules" or "protocol dissectors"), which are easily written in a script language, to...
Platforms: *nix
Windows Software
Albina Merfyn - I find this to be really easy to use. I can...
