(Page 11 of 12)   < Prev  2 3 4 5 6 7 8 9 10 11 12  Next >

Category: Intrusion Detection » Network

JIDS - Joint Intrusion Detection System
Added 2001-10-22
by Lawrence Livermore National Lab
Joint Intrusion Detection System - JIDS is a project that combines the best features from NSM (Network Security Monitor) and ASIM (Automated Security Incident Measure). Although differences exist between the three systems, they have substantially the same capabilities. JIDS can detect three Network Layer attacks: SATAN scans, TCP SYN attacks, and IP port scanning. JIDS has both command line and X user interfaces. Configuration is accomplished by editing files with a Unix editor. JIDS is only available to US DOD employees or contractors.

NADIR - Network Anomaly Detection and Intrusion Reporter
Added 2001-10-22
by Los Alamos National Labratory
Network Anomaly Detection and Intrusion Reporter - NADIR is a rules-based expert system that automatically detects intrusion attempts and other security anomalies on its large supercomputer network. Large computing networks generate huge logs of security relevant activity. Analysis and correlation of significant incidents is impossible using manual techniques. NADIR is an application designed to automate the detection of security incidents. A client-server model is used, with Unix-based workstations running Sybase. This technology is currently being applied for fraud detection in electronic tax return filing for the IRS. It is also successfully being applied in the commercial sector to aid in credit card fraud detection.

Added 2001-10-22
by Aaron Rhodes
This module allows Python functions to process packets captured with the libpcap library (used by tcpdump and many other packages.) It currently runs on Linux.

IP Logger
Added 2001-10-22
by Odin
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. Adding support for other protocols should be relatively easy. iplog contains a built-in packet filter, allowing for logging or excluding packets that fit a given set of criteria.

IDS Alert Script for FW-1
Added 2001-10-22
by Lance Spitzner, lance@spitzner.net
Flexible network based IDS script for CheckPoint Firewall-1 installations. Build Intrusion Detection into your firewall. Features include: Automated alerting, logging, and archiving Automated blocking of attacking source Automated identification and email remote site Installation and test script Fully configurable Ver 1.3 Optimized for performance, over 50% speed increase.

Added 2001-10-22
by Los Altos Technologies
Gabriel is a free SATAN scan detector.

Added 2001-10-22
by John C. Hennessy
Netbusd is a unix clone of netbuster for windows95. It logs netbus attempts to the syslog messages file.

Added 2001-10-22
by CyberMedia Software Private Limited
CyberSensor enables spying on any WIN32 API call. You can install any number of prehandlers and posthandlers for the API call. It enables spying on a specific process, its children or allows you to put a system wide hook. Features: Network based Machine Activity Monitor (NMAM) will be able to spy remotely on all the machines in the network. This can be used for monitoring user activity. The activities which can be monitored include Registry, File System, Internet, E-mails, Security, etc; API Library for writing your own spys; Framework for adding new monitors to NMAM; No configuration requirements on individual machines in the network; Centralized User Interface for the entire network. By Cybermedia Software Private Limited (CSPL). diskmon.zip Mon Aug 16 17:25:10 1999 8K This is a Gui/device driver program that watches all hard disk activity.

Hummer Project IDS
Added 2001-10-22
by Project Hummer, hummer@csds.uidaho.edu
The HummingBird System developed for Dr. Deborah Frincke is an Intrusion Detection System for large networks. The System collects activity logs from local systems and forwards them to managing systems. In this way a single system administrator could collect misused data about a large network of computers. The project seeks to augment the current system, in order to allow for a peer-to-peer management system, an auto-configuration system, and improve build and control devices from the web page. The peer management system designed will allow HummingBird Managers to communicate across the web. Currently, this does not happen. Managers may only communicate with subordinates within a given network. The new system will allow managers to communicate with other managers and make decisions based on information gathered from other peers across the network. The configuration system will be web based and allow a manager to configure its subordinates automatically.

Added 2001-10-22
by Eric Molitor, eric@molitor.org
OverCR is intended to be a GPL replacement for Big Brother System and Network Monitoring (A non-free program).

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus