I-AM-DOH

IAMDOH is a tool designed to increase the reliability of an IDS by reducing the number of false positives. It uses existing reliable tools like Nmap, Nessus, and Amap to validate IDS alerts based on the following criteria and techniques: OS identification, service identification, port scanning, vulnerability scanning, online CVE and bug interpretation, and server importance weighting. It only works with Snort at the moment.