Search Results for "intrusion and detection and system"

... behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors.

ProxySQL is an open source, high performance, high availability, database protocol-aware proxy for MySQL. It was created due to a lack of high performance open source proxies, and is able to scale millions of connections across hundreds of thousands of backend servers, all while getting the freedom of being open source. ProxySQL provides end-to-end MySQL connection handling, real-time statistics and database traffic inspection. It's got failover detection, rich query rule definitions...

..., including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances.

Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering...

Netdeep Secure is a Linux distribution with focus on network security. Is a Next Generation Open Source Firewall, which provides virtually all perimeter security features that your company may need. It offers Web content filters, ensuring better performance of the network, allowing users to use the service efficiently and securely, providing a deep control of the use of the Web access service, blocking access to unwanted websites, Virus, Spam, Applications and intrusion attempts. Its...

[antispam] MailCleaner is an anti-spam / anti-virus filter SMTP gateway with user and admin web interfaces, quarantine, multi-domains, multi-templates, multi-languages. Using Bayes, RBLs, Spamassassin, MailScanner, ClamAV. Based on Debian. Enterprise ready. MailCleaner is an anti spam gateway installed between your mail infrastructure and the Internet. It includes a complete GNU/Linux OS and a graphical web interface for user and administrative access. It comes in the form of virtual machine...

... 2.24, which is led by "Claudio" and "Marcelo - Brazil", running only on floppy disks, and being 2.30.1 the last version with this support . The following versions, as well having automatic detection of network cards, only run on large capacity media, such as hard disk (HD). Versions in Development: * 2.33.x: Uses kernel 2.4.x and is developed by Marcinho Samurai. * 3.x: Uses kernel 4.x and is developed by WoshMan

... as the response body. * Real-time detection (File Guard). * Response body filter (Web Filter). * Powerful access control and firewall policies. * Easy to setup; your PHP scripts do not require modifications. * Works with any PHP applications, even those encoded with ionCube and ZendGuard. * Management administration console. * One-click updates. * Centralized logging. * And many more...

.../ http://artikelschreiber.net/ http://sebastianenger.com/ http://unaique.de/ http://unaique.org/ Added Setup Instructions for Wordpress Content Management System. Added Facebook Bot Support for "Facebot/1.0". Add this code to your website to prevent unauthorized stealing of your valuable content & block malicious bots from crawling your site.

Securepoint Antivirus eCAP adapter for Squid 3.1 and above.

Java-based Open Source WAF (Web Application Firewall) to include inside a web application in order to protect it against attacks like Cross-Site Request Forgery (CSRF), Parameter Manipulation and more.

The Kernel Intrusion Detection System-KIDS, is a Network IDS, where the main part, packets grab/string match, is running at kernelspace, with a hook of Netfilter Framework. The project is not ready for use, then incomplete pieces of code may be found.

A command line tool that allows you to (live) analyze netfilter (iptables) log files. It provides a nice output and has features like displaying hostnames, duplicate detection... More info (+ screenshots) can be found in the pdf inside the tarball.

HLBR is an IPS (Intrusion Prevention System) that can filter packets in the OSI layer 2. Detection of malicious traffic is done by rules. It can even be used as bridge to honeypots. The HLBR is a firewall element and can use regular expressions. Warning: this project was discontinued and should not be used in production networks. There are several bugs.

This is an NIDS/HIDS, Network plus Host based Intrusion Detection System. Este é um NIDS / HIDS, Sistema de Detecção de Invasões Baseado em Redes e em Máquinas.

inundator is a tool used to anonymously inundate intrusion detection logs with false positives to obfuscate a real attack, leaving the IDS analyst feeling completely inundated.

BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.

PACtory is a highly customizable way for handling proxy configuration settings with a dynamically created .pac-File, also known as "Windows Proxy Auto Detection" or "wpad.dat"-File, which is generated on the fly while the client is requesting it.

Nebula automatically generates intrusion signatures from attack traces. It runs as a daemon accepting attack submissions from honeypots.

Siganture Translator is a Java application which can translate signatures between different IDS's and Common Intrusion Detection Signatures Standard (CIDSS).

This is a Host based Intrusion Detection system, it consists of 4 components viz.Port scan detector,Policy Enforcer,Network Statistics,and Vulnerability detector. The backend programs are written in C, the front end is made using Qt Designer and Glade.

IpTables Extension and Kernel Modul ipt_PORTNETSCAN English Detection of PORTSCAN's, NETSCAN's and COMBINEDSCAN's using quotas. Deutsch: PORTSCAN, NETSCAN und COMBINEDSCAN Erkennung auf Basis von IpTables_Regeln. Für die Erkennung können verschieden

Gardol monitors system log files to detect denial of service and other attacks and blocks attacking sites with Linux iptables. Attack detection rules may be programmed in Perl.

IceIDS is heuristic Network Intrusion Detection System (NIDS) based on calculating Student's distributions of network traffic.

syndetector is a software which can detect and drop packet when a synflood attack is detected ! Based on a simple detection system (by the use of iptables and libipq) and on a simple use It is realy easy to setup this software.