This is the fork of the SHADOW IDS produced in 2003. It has been updated to work on modern (systemd, OpenRC) GNU suites. The original developers added the pluggable architecture. It has been tweaked for TSHARK. It requires a CGI web server.
It will run tcpdump 24x7x???. It will render initial analysis and searchability.
# idabench Version 1.0.1
idabench is public domain software and may be freely used and distributed with or without modification.
Features
- Traffic Capture
- Forensic Review
- Deep Packet Inspection
- Anomaly Detection
Categories
Security
User Reviews
- I have been running this since its release in 2003. It is resilient, robust, and scalable. It needs some work. It renders a full or partial view of any wire. If your tcpdump is IPv6-capable, so is IDABench. If you have another capture tool that is not included, send us a plug-in. If you find a problem, vulnerability, or other breakage... Thank you. We want to make this better.