Search Results for "ntrusion detection/prevention system (ids/ips"

... behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors.

Kong is a next generation cloud-native API platform for multi-cloud and hybrid organizations. When building for the web, mobile, or Internet of Things, you’ll need a common functionality to run your software, and Kong is that solution. Kong acts as a gateway, connecting microservices requests and APIs natively while also providing load balancing, logging, monitoring, authentication, rate-limiting, and so much more through plugins. Kong is highly extensible as well as platform agnostic,...

Endian Firewall Community (EFW) is a "turn-key" linux security distribution that makes your system a full featured security appliance with Unified Threat Management (UTM) functionalities. The software has been designed for the best usability: very easy to install, use and manage and still greatly flexible. The feature suite includes stateful packet inspection firewall, application-level proxies for various protocols (HTTP, FTP, POP3, SMTP) with antivirus support, virus and spam-filtering...

... in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. In the virtual world, NST can be used as a network security analysis, validation and monitoring tool on enterprise virtual servers hosting virtual machines.

The architecture of the system is integrated by different Fingerprinting mechanisms. The system is designed from a core that avoids the detection of sdhash and Memory analysis Built-in security, allows anonymous browsing by filtering requests external identification, Exit Tor Nodes and using the TOR Fingerprinting structure The system is designed to navigate without being detected or registered by any search engine or online platform denying all types of response to servers...

N.S.M Lite is a simple and easy way to manage your signatures for your Snort based IDS/IPS implementation, which can improve IDS/IPS signature development for accurate detection of malicious malware. Additionally, N.S.M can be used a learning tool to help you understand the complex nature of Intrusion Detection and/or Prevention (IDP) signatures for the Snort platform.

DogoIDS is an open-source active-probing-based network intrusion detection system (AP-NIDS) for wireless multihop networks (MANETs, Wireless Mesh Networks, Sensor Networks, etc). At this stage, DogoIDS only support the IEEE 802.11s standard for Wireless Mesh Networks. DogoIDS is now under construction in a very early stage and mainly for research purposes. However, we aim to release a stable version ready for production soon. *** IMPORTANT *** We uploaded the very first experimental...

NetDash is a network dashboard and intrusion detection system. NetDash passively collects network traffic and then stores key information to be analyzed for unwanted network activity. NetDash captures all traffic passed over the network and stores that traffic in a PCAP file that can be downloaded and analyzed with other tools such as Wireshark. NetDash processes each PCAP file and stores relevant information about each packet captured in a MySQL database. Loaded NetDash plugins display...

Jidgen is an easy-to-use, but powerful Java-based id generator. It uses templates for automated id generation and optional collision detection to avoid duplicate ids.

The Kernel Intrusion Detection System-KIDS, is a Network IDS, where the main part, packets grab/string match, is running at kernelspace, with a hook of Netfilter Framework. The project is not ready for use, then incomplete pieces of code may be found.

HLBR is an IPS (Intrusion Prevention System) that can filter packets in the OSI layer 2. Detection of malicious traffic is done by rules. It can even be used as bridge to honeypots. The HLBR is a firewall element and can use regular expressions. Warning: this project was discontinued and should not be used in production networks. There are several bugs.

This is an NIDS/HIDS, Network plus Host based Intrusion Detection System. Este é um NIDS / HIDS, Sistema de Detecção de Invasões Baseado em Redes e em Máquinas.

inundator is a tool used to anonymously inundate intrusion detection logs with false positives to obfuscate a real attack, leaving the IDS analyst feeling completely inundated.

Simple Intrusion Detection System which monitors failed access (SSH and Dovecot) attempts. If hack attempt is detected above the configurable threshold level then a number of actions are taken to block the IP and alert administrators of the attempts.

ROOK is multi-session based Intrusion Detection System (IDS). ROOK can recognize correlations between sessions (TCP, UDP and ICMP sessions) to detect network security events.

SURFnet IDS, a Distributed Intrusion Detection System (D-IDS). The goal is to provide an early warning system which lets system administrators correlate known and unknown exploits to attacks directed towards their networks.

Labrador is a Host-based Intrusion Detection System (HIDS) and Integrity Checker written entirely in Perl. It aims to be a complete, free, multiplatform, and open-source solution for detecting modifications and tamperings in files.

WARNING: Project moved to http://github.com/plashchynski/viewssld viewssld is a free and open source non-terminating SSLv2/SSLv3/TLS traffic decryption daemon for Snort and other Network Intrusion Detection Systems (IDS).

serverM is an extremely flexible signature-based host-based intrusion detection system (HIDS). Running as a Perl daemon, it uses little CPU, and is capable of detecting a wide range of intrusions. Signature language is powerful and alarm options varied.

Linux Kernel Immune System (KIS). KIS is a immune-inspired Intrusion Prevention System (IPS) developed as part of the Linux kernel. It's a hybrid of anomaly and signature based approaches.

Secwatch is an intrusion detection system using log analysis to detect service scan and other brute-force attempts on a server or other computer using system logs and will create temporary firewall rules to block offending IPs

PyIDS is an intrusion detection system whose aim is to provide concise information to administrators about some parts of the system i.e filesystem checksums, unknown connections to the machine, access control lists of special files, log revision...

Development of Linux kernel extensions which enable intrusion detection and prevention functionalities based on NSA's SELinux (http://www.nsa.gov/selinux/).

PADS is a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts.

M-ICE is a modular hostbased intrusion detection framework. It is used as middleware to close the gap between IDS research and IDS development. M-ICE consists of various parts that can be connected together by using network-or interprocess-communication