The Security Onion LiveCD is based on Xubuntu 9.04 and contains Snort 2.8.4.1, Snort 3.0.0b3 (Beta), sguil, idswakeup, nmap, metasploit, scapy, hping, fragroute, fragrouter, netcat, paketto, tcpreplay, and many other security tools. What can it be used for? * The Security Onion LiveCD can ...

*IDSWrapper* is a first step toward a universal and easily *extendible* API for host/network-based _Intrusion Detection Systems_ (IDS)s. It can virtually *encapsulate* any type of IDS with a little effort of writing Java implementation classes. It provides an abstract (also graphical) interfac...

Simulador de um IDS para Redes de Sensores Sem Fio. Tal IDS provê colaboração entre os monitores de forma que haja maior precisão na detecção dos nós maliciosos. A colaboração é realizada através de uma arquitetura baseada em DHT. Além disso, o protocolo de roteamento é influenciado de forma que os ...

pyHIDS is a little HIDS (with e-mail alerts) written in Python for my personnal needs. [http://cedric.bonhomme.free.fr/wiki/doku.php/pyhids Usefull informations].

hi man

IDS project

http://freeips-project.googlecode.com/svn/wiki/images/logo.png FreeIPS is a multi-threaded IPS written from scratch and currently capable of:<br> * IP fragment reassembly * TCP session management * Typical for "flow" support * Inline support * Uses IPDIVERT * Can drop...

DILCA is a distributed logical correlation and reaction architecture featuring collection and correlation of IDMEF formatted log events (Intrusion Detection Message Exchange Format - RFC 4765) through a multi-step signature based system.<br> ILCE (IDMEF Logical Correlation Engine) is the core of th...

Rule2Alert parses snort rules and generates packets on the fly that would alert the IDS. It can either write the packets to a pcap or send the packets directly to the IDS. Rule2Alert utilizes <a href="http://www.secdev.org/projects/scapy/">Scapy</a> to craft each individual packet. Based on the...

It detects protocols dynamically based on signatures of the protocols. Protocol detection may involve and will generally involve deep packet inspections of the packets coming to and going out of the system.