Category: Intrusion Detection » Network

Firestorm IDS
Added 2001-10-22
by Gianni Tedesco, scaramanga@barrysworld.com
Firestorm is a very lightweight and flexible base for a hierarchical NIDS. It aims to be very fast and support many open protocols and formats. It will also support SQL integration, and all the other features a commercial system would offer.

Sentinel Security Toolkit
Added 2001-10-22
by Zurk
Sentinel is a fast file scanner similar to Tripwire or Viper with built-in authentication using the RIPEMD 160-bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database. Disclaimer: this is not a security toolkit. It is a single-purpose file/drive scanning program. Available versions are for Linux (tested on all current Slackware and RedHat releases), with Irix versions soon to be added.

Added 2001-10-22
by Frank Denis
IPtrap listens on several TCP ports to simulate fake services (X11, Netbios, DNS, etc.). When a remote client connects to one of these ports, its IP address is immediately firewalled and an alert is logged. It runs with iptables and ipchains, but any external script can also be launched. IPv6 is supported.

Added 2001-10-22
by Yoann Vandoorselaere
Prelude is a Network Intrusion Detection system. It is composed of the Prelude and Prelude Report programs. The first is for packet capture and data analysis; the second is for reporting attacks in a user-readable form. Other important and current features of Prelude are an IP defragmentation stack and detection plugins with persistent state.

Added 2001-10-22
by FoxThree
TraceDet is a Traceroute Detector for Windows NT. It detects and logs when somebody runs a traceroute to your host. The idea is that when somebody traces to your host, you receive IP packets with a TTL value equal to 1, so TraceDet watches for such packets. Requires WinPCAP drivers.

Added 2001-10-22
by pilot
arirang is a powerful webserver security scanner with support for: operating system detection; flexible scan rule databases; scan list file; HTTP port; wide network (IP range) scan; wide network webserver type scan; patch information; HTTP request injection; virtual host scan; fast scan; and checks for the latest (~2001/05/25) WWW vulnerabilities (over 700 checks).

Tamandua Network Intrusion Detection
Added 2001-10-22
by Tamandua Laboratories
Main features: Distributed sensors; Centralized console; Multi-layered signatures; Session-based network analysis; Multi-threaded packet capture; Defragmented packet analysis; Human-readable signatures; Packet save session database; Convert your personal Snort signatures; Easy to install, easy to use.

Added 2001-10-22
by FoxThree
Archaeopteryx is a passive-mode OS identification tool. It is based on Siphon v.666 by SubTerrain. It has a great GUI and a highly configurable OS signature file. It uses POSIX threads for multi-threading (pthreads for Win32). It also requires WinPCAP drivers. We plan to support this tool actively, so please send all new OS signatures to us.

Motorola Intrusion Vision (MIV)
Added 2001-10-22
by Motorola
Motorola Intrusion Vision (MIV) is a visualization and data management tool used with commercial and public domain intrusion detection systems. Alerts are analyzed in near-real time by the MIV Event Manager, graded by severity and categorized by type. The result is an intuitive graphical display leading to faster recognition of attacks and enabling a more timely response for better protection of your network.

Snort Report
Added 2001-10-22
by David Gullett
Snort Report is an add-on module for the Snort Intrusion Detection System. It provides real-time reporting from the MySQL database generated by Snort.

Copyright 2010, SecurityFocus