An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations.
Read more
Tag: intrusion detection
Security Onion – platform built by defenders for defenders
Security Onion includes network visibility, host visibility, intrusion detection honeypots, log management, and case management.
Read more
Suricata – high performance Network IDS, IPS and Network Security Monitoring engine
Suricata is a threat detection engine, combining intrusion detection, intrusion prevention, network security monitoring and PCAP processing.
Read more
Snort – intrusion prevention system
Snort is an open source network intrusion prevention and detection system utilizing a rule-driven language.
Read more
Zeek – powerful network analysis framework
Zeek (formerly known as Bro) is a powerful free and open source framework for network traffic analysis and security monitoring.
Read more
Maltrail – malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists.
Read more
Wazuh – platform used for threat prevention, detection, and response
Wazuh is a platform used for threat prevention, detection, and response.
Read more
Sagan – multi-threads, high performance log analysis engine
Sagan is billed as the advanced Suricata/Snort like log analysis engine.
Read more
Tripwire – security and data integrity tool
Open Source Tripwire is a free software security and data integrity tool useful for monitoring and alerting on specific file change(s).
Read more
Logwatch – powerful and versatile log parser and analyzer
Logwatch is a customizable log analysis system. Logwatch parses through your system’s logs and creates a report analyzing specific areas.
Read more
AIDE – Advanced Intrusion Detection Environment
AIDE (Advanced Intrusion Detection Environment is a file and directory integrity checker.
Read more
Samhain – host-based intrusion detection system
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis.
Read more
Rootkit Hunter – security tool
rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits.
Read more
chkrootkit – locally checks for signs of a rootkit
chkrootkit is a tool to locally check for signs of a rootkit.
Read more
Kismet – networking software
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. It works with wireless cards which supports raw monitoring.
Read more