Prelude NIDS

Prelude NIDS is the network-based sensor program of the Prelude Hybrid IDS suite. It provides network monitoring with fast pattern matching (Boyer-Moore) to detect attacks against a network. It includes advanced mechanisms such as a generic signature engine that can understand any ruleset as long as there is a dedicated parser; protocol and detection analysis plugins featuring Telnet, RPC, HTTP, and FTP decoding; and preprocessors for cross-platform polymorphic shellcode detection, ARP misuse detection, and scanning detection. It supports IP fragmentation and TCP segmentation to track connections and detect stateful events.

Recent releases

  •  09 Dec 2003 15:44

    Release Notes: The program no longer confuses the user with an error message when listening in stealth mode. A bug that could impact matching of some rules that use an absolute offset was fixed. The missing COPYING.OpenSSL file was added.

  •  22 Oct 2003 16:22

    Release Notes: A long-standing TCP reassembly assertion failure that was due to a partly acked packet was fixed.

  •  06 Oct 2003 00:46

    Release Notes: This release adds a workaround for a 100% CPU usage bug which occurred on OpenBSD due to buggy thread handling, adds missing classification and reference.config ruleset files, fixes capturing on some OpenBSD devices, and merges the modified libpcap with libpcap 0.7.2.

  •  24 Sep 2003 02:54

    Release Notes: This release adds missing Snort 2.0.x ruleset files.

  •  22 Sep 2003 22:36

    Release Notes: Snort 2.0.x ruleset compatibility (distance, within, flow, byte_test, byte_jump implementation). This release works under Solaris 8. A possible race condition with asynchronous timer handling, many TCP stream reassembly bugs, and many other bugs have been fixed.
