12 projects tagged "IDS"

Realeyes IDS (updated 25 May 2009)
Pop 61.82
Vit 1.49

The Realeyes IDS captures and analyzes full sessions. When an incident is reported, the graphical user interface will display both halves of the session to determine what occurred. The GUI also provides management of application users, sensors, and a database. Realeyes is a replacement for the RenaissanceCore software.

LibHTP (updated 22 May 2012)
Pop 28.71
Vit 39.42

LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. That can mean many things, but the only scenario in which LibHTP has been tested so far is the one where you need to parse a duplex HTTP stream that you have obtained by passively intercepting HTTP traffic. Just feed the raw TCP stream to LibHTP and it will do the rest.

TinyIDS (updated 09 Apr 2010)
Pop 48.00
Vit 1.00

TinyIDS is a distributed intrusion detection system (IDS) for Unix systems. It is based on the client/server architecture and has been developed with security in mind. The client, tinyids, collects information from the local system by running its collector backends. The collected information may include anything, from file contents to file metadata or even the output of system commands. The client passes all this data through a hashing algorithm and a unique checksum (hash) is calculated. This hash is then sent to one or more TinyIDS servers (tinyidsd), where it is compared with a hash that had previously been stored in the databases of those remote servers for this specific client. A response indicating the result of the hash comparison is finally sent back to the client. Management of the remotely stored hash is possible through the client's command line interface. Communication between the client and the server can be encrypted using RSA public key infrastructure (PKI).

NSIA (updated 27 Apr 2010)
Pop 39.94
Vit 38.12

NSIA (Network System Integrity Analysis) is a Web application monitoring system that scans sites for potentially unwanted content such as defacements, unauthorized changes, errors, information leaks, profanity, and compliance issues. It operates as an IDS (Intrusion Detection System) for Web sites.

Suricata (updated 25 Mar 2014)
Pop 922.74
Vit 53.03

Suricata is an Intrusion Detection and Prevention (IDS/IPS) engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support, file extraction capabilities, and many more features. It's capable of loading existing Snort rules and signatures, and supports many frontends through Barnyard2.

WormTrack (updated 11 Nov 2011)
Pop 30.46
Vit 1.00

WormTrack is a network IDS that allows detection of scanning worms on a LAN by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network without having privileged access on a switch to set up a dedicated monitor port. It does not require constant updating of the rules engine to address new threats.

Hawk IDS/IPS (updated 24 Jan 2012)
Pop 22.52
Vit 28.58

Hawk IDS/IPS is a lightweight log analyzer which was designed to be fast and efficient. It scans log files on the fly and bans IPs which make too many password failures. It adds iptables rules to reject the IP addresses. You can define the logfiles. Hawk provides a unique Web interface and flexibility, and supports sshd, dovecot, courier, pure-ftpd, proftpd, cPanel, and DirectAdmin.

redBorder IPS (updated 06 Jul 2012)
Pop 27.17
Vit 25.53

redBorder IPS is a high-performance intrusion prevention system based on Snort running on top of a clustered pf_ring with specific enhancements. A Web management interface is provided to control a large number of such devices, including Snort and device configuration, rule management, SNMP monitoring, user roles, and multi-domain support.

LoginIDS (updated 19 Aug 2013)
Pop 36.70
Vit 25.04

LoginIDS provides functions to analyze log files from different services in order to detect unusual login behavior. The normal user behavior is learned by analyzing log files and saved in a database. Logins are analyzed by time, service, source, and destination address. If a user's login is new or considered unlikely by LoginIDS, an alert is generated. Alerts can be handled by external scripts and viewed using the log file management system Splunk and the LoginIDS App.

Nova: Network Anti-Reconnaissance Tool (updated 15 Apr 2013)
Pop 93.61
Vit 1.96

Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low-interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy-to-use Web-based interface powered by Node.js to configure itself and Honeyd instances.
