Open Source Products and Tools Intrusion Detection Systems Security



Editor's Picks:

Snort* - A free lightweight network intrusion detection system for UNIX and Windows.

  • Panoptis - Network-IDS that detects and stops DoS/DDoS attacks by using real-time Cisco NetFlow data.
  • LAk Intrusion Prevention System - A single compilation of source, binaries, scripts and whitepapers on intrusion prevention systems. The aim is to quickly establish a working IPS within minutes.
  • Chkrootkit - Provides open source application to check for presence of rootkits installed on Linux/Unix machines. Links to security related sites.
  • Shadow Intrusion and Network Analysis - Shadow, an intrusion-detection system from the Naval Surface Warfare Center, shows promise in detecting previously unknown attacks for which no known detection signatures exist.
  • Advanced Intrusion Detection Environment - AIDE is a file integrity checker that supports regular expressions. Licensed with GPL.
  • QuIDScor IDS/VA correlation - QuIDScor is an Open Source project demonstrating the value in correlating information between Intrusion Detection Systems (such as Snort) and vulnerability assessment and management platforms such as QualysGuard.
  • Fail2Ban - fail2ban is a POSIX/Linux tool used to ban IP addresses that generate too many password failures. ssh, iptables, ipfwadm and ipfw are currently supported.
  • Honeyd - Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet or for network monitoring. For *BSD, GNU/Linux, and Solaris.
  • ACID (Analysis Console for Intrusion Databases) - Powerful PHP-based data analysis tool for network security events captured by many common IDS tools, including snort and tcpdump.
  • Streamline - An open source stream-based operating system I/O subsystem that minimizes copying and context switching and moves I/O processing to the most suitable resource. News, downloads, documentation and forum.
  • SnortSMS Project - A configurable web-based administration console written in PHP which can remotely manage, control, and monitor multiple Snort-based Intrusion Detection System sensors.
  • Systrace (Interactive Policy Generation for System Calls) - Systrace enforces system call policies for applications by interactively constraining the application's access to the system (*BSD and Linux). Systrace is able to monitor daemons on remote machines and generate warnings at a central location.
  • sLink project - sLink consists of a daemon and a suite of CGI programs which provide a web administration interface to an EDM/BOSCH Solution16 Alarm Panel.
  • The Osiris Scripts - A tripwire-like utility which uses MD5 to check files for modifications.
  • LIDS Project - Secure Linux System - LIDS is an enhancement for the Linux kernel written by Xie Huagang and Philippe Biondi. It implements several security features that are not in the Linux kernel natively. Some of these include: mandatory access controls (MAC), a port scan detector, file p
  • Passive OS Fingerprinting (p0f) - An advanced passive OS/network fingerprinting utility for use in IDS environments, honeypot environments, firewalls and servers.
  • Firestorm Network Intrusion Detection System - Firestorm is a high-performance GPL-licensed network intrusion detection system (NIDS). Features include being fully pluggable, easily configurable, and an extremely scalable signature engine.
  • Rootkit Hunter - Open-source GPL rootkit scanner for Unix-like systems. Scans for rootkits, trojans, backdoors and local exploits. Tests include scanning of plaintext and binary files for MD5 hash comparisons, default rootkit files, binary permissions, suspect LKM/KLD m
  • PreludeIDS Technologies - Distributed hybrid IDS framework that collects and aggregates event reports from available security systems and analyses them on a central system.
  • Snortattack - An intrusion protection system in the form of a bash shell script that is designed to make the installation of Snort in inline mode on Fedora or Debian as easy as possible.
  • IDABench - IDABench is a pluggable framework for intrusion analysis built upon the Naval Surface Warfare Center, Dahlgren Division's SHADOW versions 1.7 and 1.8. Scripts can be extended via plugins that pass packet data to (and output from) most libpcap-based tools
  • Snortalog - Perl-based log analysis tool that summarizes network security events from any native snort database format.
