Bro is a powerful network analysis framework that is much different from the typical IDS you may know.


Bro's domain-specific scripting language enables site-specific monitoring policies.


EasyIDS is an easy to install intrusion detection system configured for Snort. Based upon Patrick Harper's Snort installation guide and modeled after the trixbox installation CD, EasyIDS is designed for the network security beginner with... more

Inundator is a multi-threaded, queue-driven, anonymous intrusion detection false positives generator with support for multiple targets.

Signature-based intrusion detection systems use a set of attack descriptions to analyze event streams, looking for evidence of malicious behavior. If the signatures are expressed in a well-defined language, it is possible to analyze the attack... more

NSMnow, as the name suggests, is all about building a Network Security Monitoring (NSM) framework ... Now! By Now! we mean fast and easy without the messy patching and configuration of each tool needed to get the system up and running. What we... more

32-bit · 64-bit · BSD · CentOS · Client · Debian · Fedora · FreeBSD · Gentoo · GPL · IDS · IPS · Linux · Open Source · OpenBSD · Server · Ubuntu · Unix

Testing an IDS can be a tedious task; it can even become a nightmare... Especially if you test it manually!

Pytbull is automatic and complete.

Pytbull is shipped with about 300 tests grouped in 11 testing modules:

... more

32-bit · 64-bit · Debian · IDS · IPS · Linux · Open Source · Ubuntu · Fedora · CentOS · BSD · Unix

Rule2Alert parses snort rules and generates packets on the fly that would alert the IDS. It can either write the packets to a pcap or send the packets directly to the IDS.

Rule2Alert utilizes Scapy to craft each individual packet. Based on... more

32-bit · 64-bit · Open Source · GPL · IDS · IPS · Linux · Debian · BSD · Ubuntu · Unix · Windows

Smooth-Sec is a ready-to-go IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on the multi-threaded Suricata IDS/IPS engine and Snorby, the top-notch web application for network security monitoring. Smooth-Sec is built on... more

Sneeze is a Snort false-positive generator written in Perl. It will read normal Snort rules files, parse them, and generate packets that will hopefully trigger those same rules. Sneeze can be configured to use specific network devices, source... more

32-bit · 64-bit · BSD · Debian · Linux · Open Source · Ubuntu · Unix · IDS · IPS

SnIPS: Snort Intrusion Analysis using Proof Strengthening
Snort is a widely used network-based intrusion detection system (IDS). It works by comparing a network packet with a set of pre-defined signatures (Snort rules) which specify... more

