Search Results for "sensor"

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs).

...Vern and the project’s leadership team renamed Bro to Zeek in late 2018 to celebrate its expansion and continued development. Zeek is not an active security device, like a firewall or intrusion prevention system. Rather, Zeek sits on a “sensor,” a hardware, software, virtual, or cloud platform that quietly and unobtrusively observes network traffic. Zeek interprets what it sees and creates compact, high-fidelity transaction logs, file content, and fully customized output, suitable for manual review on disk or in a more analyst-friendly tool like a security and information event management (SIEM) system.

Thousands of companies trust Deepfence to secure their most critical cloud workloads and applications with a unified platform. Experience rapid threat detection and remediation, while significantly reducing non-critical security alerts by 90%. Deepfence ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk of exploit. It uncovers vulnerable software components, exposed secrets, and deviations from good security practices. ThreatMapper uses a...

Homebridge plugin provides FFmpeg-based camera support. This plugin is supported under both Homebridge and HOOBS. It is highly recommended that you use either Homebridge Config UI X or the HOOBS UI to install and configure this plugin. Other users have been sharing configurations that work for them on our GitHub site. You may want to check that to see if anyone else has gotten your model of camera working already, or share a configuration setup that works for you. The FFmpeg output command...

This tool simulates network traffic typical of an Industrial Control System (ICS) environment. It generates synthetic Modbus/TCP packets to help test monitoring and intrusion detection systems. Quick Start To use this tool, run the simulator: bash # Run for 30 seconds and save to traffic.log python lab_runner.py ics-sim --duration 30 --output traffic.log

DogoIDS is an open-source active-probing-based network intrusion detection system (AP-NIDS) for wireless multihop networks (MANETs, Wireless Mesh Networks, Sensor Networks, etc). At this stage, DogoIDS only support the IEEE 802.11s standard for Wireless Mesh Networks. DogoIDS is now under construction in a very early stage and mainly for research purposes. However, we aim to release a stable version ready for production soon. *** IMPORTANT *** We uploaded the very first experimental implementation of DogoIDS (still alpha), so expect to find bugs. ...

TRMSim-WSN (Trust and Reputation Models Simulator for Wireless Sensor Networks) is a Java-based simulator aimed to test Trust and Reputation models for WSNs. It provides several Trust and Reputation models and new ones can be easily added.

A highly configurable sensor management system that provides the ability to remotely manage Snort [Barnyard] based Intrusion Detection Systems, push configuration files, monitor sensor health, and view Snort alerts all from a clean simple web interface.

HoneyBow sensor, a malware collect tool based on the high interaction honeypot. Released under the name of mwcollect.org, can be integrated with nepenthes sensor and the mwcollect alliance’s GOTEK architecture.

Simple Perl script for parsing Cisco IEV IDS sensor data and generating an actionable IDS report

TACS (Trust Ant Colony System) is a Trust model for P2P, Ad-hoc and Wireless Sensor networks (also valid for multi-agent systems) based on the bio-inspired algorithm ACS (Ant Colony System).

A framework for information security management. It has the centralized server for managing the IDS sensors, log consolidation and correlation, report generation etc. Also it has customized IDS sensor based on snort.

A framework for requesting packet traces via a SIMs context tool menu. Utilizing Perl as a wrapper for ssh and scp to access a PCAP datastore on a remote sensor. The remote sensor is a hardened server running a packetlogger(snort/tcpdump/dumpcap).

sntm is a Qt based GUI snort monitor. Currently, it is capable of monitoring multiple snort sensors in a centralized monitor screen. Each snort sensor creates a SSL encrypted communication thread to connect to the moniter server.

Rule MANagaer for Snort A PHP addon for snort to manage the rulesets on multiple sensors from a central Snort MySQL db. Main Features: Ruleset merging by group from snort CVS. Automatic sensor update from central DB

Firestorm is an extremely high performance network intrusion detection system (NIDS). At the moment it just a sensor but plans are to include real support for analysis, reporting, remote console and on-the-fly sensor configuration. It is fully pluggab

Prelude is an Hybrid Intrusion Detection system. It is composed of differents sensors and of a Manager. Currently distributed is an NIDS sensor. the Manager is for reporting attacks in an user readable form. Prelude is completly modulable and distributed.