Search Results for "ids ips"

SELKS is a free and open source Debian-based IDS/IPS/Network Security Monitoring platform released under GPLv3 from Stamus Networks. SELKS can be installed via docker-compose on any Linux or Windows OS. Once installed it is ready to use out of the box solution. SELKS ISOs are also available for air-gapped environments or bare metal or VM installation. SELKS is a showcase of what Suricata IDS/IPS/NSM can do and the network protocol monitoring logs and alerts it produces. ...

Rhythm Host Intrusion Prevention System is a log file monitor IDS/IPS for Windows. RHIPS can alert you via email when it matches detection criteria or execute a custom command. For alerting and response specify the number of instances before alerting or taking action. If specifying a command action another command can be run later on a timed basis. Port to IP address correlation allows for the connecting IP address to be identified and action taken against it.

WAFEP is designed to assess the attack vector support of web application firewalls and application IDS/IPS modules. It operates through an "attacker website" with links, forms, browser controls and other request initiators which send a collection of malicious payloads through the WAF to a target application, which in turn, checks which payloads were blocked and which passed successfully. The WAFEP application serves as both the "attacker" website and the "target" website, and thus, should ideally be used in twin instances - one BEHIND the WAF (the defender/target website), and another before the WAF (the attacker website). ...

N.S.M Lite is a simple and easy way to manage your signatures for your Snort based IDS/IPS implementation, which can improve IDS/IPS signature development for accurate detection of malicious malware. Additionally, N.S.M can be used a learning tool to help you understand the complex nature of Intrusion Detection and/or Prevention (IDP) signatures for the Snort platform.

Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible.

The goal of this project is to create a conversion utility to translate custom Snort rules into a format that can be used on Cisco IDS/IPS device.

A complex log parser that allows for the scripting of actions, updating databases, on-the-fly configuration and much more. Aggregate logs from disparate systems (i.e. Apache, IPS/IDS and various sensors) and take action on events through external scripts

Network Threat Simulation Tool (NTST) will be able to effectively simulate any network security threat including worms, Trojans, spywares, & exploits. It will help in testing the effectiveness of network security devices like IDS/IPS/Firewall.