WormTrack is a network IDS that allows detection of scanning worms on a LAN by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network without having privileged access on a switch to set up a dedicated monitor port. It does not require constant updating of the rules engine to address new threats.
|Tags||Security Linux IDS Networking|
|Operating Systems||Linux Unix FreeBSD Mac OS X|
Release Notes: Proof of concept.