ACID (Analysis Console for Intrusion Databases)
Powerful PHP-based data analysis tool for network security events captured by many common IDS tools, including snort and tcpdump.
Advanced Intrusion Detection Environment
AIDE is a file integrity checker that supports regular expressions. Licensed under the GPL.
Chkrootkit
Open source application that checks for the presence of rootkits installed on Linux/Unix machines. Links to security-related sites.
Fail2Ban
fail2ban is a POSIX/Linux tool used to ban IP addresses that generate too many password failures. ssh, iptables, ipfwadm and ipfw are currently supported.
Fairly Fast Packet Filter
The Fairly Fast Packet Filter (FFPF) is a network monitoring framework for Linux. FFPF achieves high throughput by pushing computationally intensive tasks to the kernel or even network processors and by minimising packet copying.
Firestorm Network Intrusion Detection System
Firestorm is a high-performance GPL-licensed network intrusion detection system (NIDS). It is fully pluggable and easily configurable, and has an extremely scalable signature engine.
Honeyd
Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet or for network monitoring. For *BSD, GNU/Linux, and Solaris.
IDABench
IDABench is a pluggable framework for intrusion analysis built upon the Naval Surface Warfare Center, Dahlgren Division's SHADOW versions 1.7 and 1.8. Scripts can be extended via plugins that pass packet data to (and output from) most libpcap-based tools.
Idsa
Experimental intrusion detection system and reference monitor designed to run at application level. For Linux. GPL/LGPL.
LAk Intrusion Prevention System
A single compilation of source, binaries, scripts and whitepapers on intrusion prevention systems. The aim is to quickly establish a working IPS within minutes.