Community-supported view of Intrusion Detection and Intrusion Prevention Systems. Focus on open source technologies, methods, and data analysis related to IDS/IPS.
More information
More information
Related categories 1
Sites 17
Powerful PHP-based data analysis tool for network security events captured by many common IDS tools, including snort and tcpdump.
A file integrity checker that supports regular expressions. Licensed with GPL.
Provides open source application to check for presence of rootkits installed on Linux/Unix machines. Links to security related sites.
Monitors log files and bans failure-prone addresses. Updates firewall rules to reject the IP address or execute user defined commands.
Firestorm is a high-performance GPL-licensed network intrusion detection system (NIDS). Features include being fully pluggable, easily configurable, and an extremely scalable signature engine.
A pluggable framework for intrusion analysis built upon the Naval Surface Warfare Center, Dahlgren Division's SHADOW versions 1.7 and 1.8. Scripts can be extended via plugins that pass packet data to (and output from) most libpcap-based tools.
A single compilation of source, binaries, scripts and whitepapers on intrusion prevention systems. The aim is to quickly establish a working IPS within minutes.
Network-IDS that detects and stops DoS/DDoS attacks by using real-time Cisco NetFlow data.
An advanced passive OS/network fingerprinting utility for use in IDS environments, honeypots environments, firewalls and servers.
Distributed hybrid IDS framework, that collects and aggregates event reports from available security systems, and analyses them on a central system.
An open source project demonstrating the value in correlating information between Intrusion Detection Systems and vulnerability assessment and management platforms.
Open-source GPL rootkit scanner for Unix-like systems. Scans for rootkits, trojans, backdoors and local exploits.
An open source host-based real-time intrusion detection system for Linux and Mac OS X based systems.
Consists of a daemon and a suite of cgi programs which provide a web administration interface to an EDM/BOSCH Solution16 Alarm Panel.
An open source lightweight network intrusion detection system for UNIX and Windows.
Perl-based log analysis tool that summarizes network security events from any native snort database format.
A configurable web-base administration console written in PHP which can remotely manage, control, and monitor multiple Snort based Intrusion Detection System sensors.
A pluggable framework for intrusion analysis built upon the Naval Surface Warfare Center, Dahlgren Division's SHADOW versions 1.7 and 1.8. Scripts can be extended via plugins that pass packet data to (and output from) most libpcap-based tools.
A file integrity checker that supports regular expressions. Licensed with GPL.
Open-source GPL rootkit scanner for Unix-like systems. Scans for rootkits, trojans, backdoors and local exploits.
An open source host-based real-time intrusion detection system for Linux and Mac OS X based systems.
A configurable web-base administration console written in PHP which can remotely manage, control, and monitor multiple Snort based Intrusion Detection System sensors.
Monitors log files and bans failure-prone addresses. Updates firewall rules to reject the IP address or execute user defined commands.
Distributed hybrid IDS framework, that collects and aggregates event reports from available security systems, and analyses them on a central system.
An advanced passive OS/network fingerprinting utility for use in IDS environments, honeypots environments, firewalls and servers.
An open source lightweight network intrusion detection system for UNIX and Windows.
Consists of a daemon and a suite of cgi programs which provide a web administration interface to an EDM/BOSCH Solution16 Alarm Panel.
An open source project demonstrating the value in correlating information between Intrusion Detection Systems and vulnerability assessment and management platforms.
Firestorm is a high-performance GPL-licensed network intrusion detection system (NIDS). Features include being fully pluggable, easily configurable, and an extremely scalable signature engine.
Network-IDS that detects and stops DoS/DDoS attacks by using real-time Cisco NetFlow data.
Provides open source application to check for presence of rootkits installed on Linux/Unix machines. Links to security related sites.
Perl-based log analysis tool that summarizes network security events from any native snort database format.
Powerful PHP-based data analysis tool for network security events captured by many common IDS tools, including snort and tcpdump.
A single compilation of source, binaries, scripts and whitepapers on intrusion prevention systems. The aim is to quickly establish a working IPS within minutes.
