An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations.
Tag: intrusion detection
Security Onion – platform built by defenders for defenders
Security Onion includes network visibility, host visibility, intrusion detection honeypots, log management, and case management.
Suricata – high performance Network IDS, IPS and Network Security Monitoring engine
Suricata is a threat detection engine, combining intrusion detection, intrusion prevention, network security monitoring and PCAP processing.
Snort – intrusion prevention system
Snort is an open source network intrusion prevention and detection system utilizing a rule-driven language.
Zeek – powerful network analysis framework
Zeek (formerly known as Bro) is a powerful free and open source framework for network traffic analysis and security monitoring.
Maltrail – malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists.
Wazuh – platform used for threat prevention, detection, and response
Wazuh is a platform used for threat prevention, detection, and response.
Sagan – multi-threaded, high performance log analysis engine
Sagan is billed as the advanced Suricata/Snort-like log analysis engine.
Tripwire – security and data integrity tool
Open Source Tripwire is a free software security and data integrity tool useful for monitoring and alerting on specific file change(s).
Logwatch – powerful and versatile log parser and analyzer
Logwatch is a customizable log analysis system. Logwatch parses through your system’s logs and creates a report analyzing specific areas.
AIDE – Advanced Intrusion Detection Environment
AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker.
Samhain – host-based intrusion detection system
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis.
Rootkit Hunter – security tool
rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits.
chkrootkit – locally checks for signs of a rootkit
chkrootkit is a tool to locally check for signs of a rootkit.
Kismet – networking software
Kismet is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system. It works with wireless cards that support raw monitoring.