Bienvenido! - Willkommen! - Welcome!

Technical Blog of Tux&Cía., Santa Cruz de la Sierra, BO
May the source be with you!

Monday, October 13, 2008

Intrusion Detection System & Intrusion Prevention System

Tools and Utilities to Monitor Your Network For Suspicious or Malicious Activity
Free Intrusion Detection Systems
Source
Snort for Linux: Snort is an open source network intrusion detection system, capable of
performing real-time traffic analysis and packet logging on IP
networks. It can perform protocol analysis and content searching/matching,
and can be used to detect a variety of attacks and probes, such as
buffer overflows, stealth port scans, CGI attacks, SMB probes, OS
fingerprinting attempts, and much more.

Snort for Windows: Snort is an open source network intrusion detection system, capable of
performing real-time traffic analysis and packet logging on IP
networks. It can perform protocol analysis and content searching/matching,
and can be used to detect a variety of attacks and probes, such as
buffer overflows, stealth port scans, CGI attacks, SMB probes, OS
fingerprinting attempts, and much more.


Prevx Home: Home computer users remain vulnerable to each new (‘Zero Day’)
cyber-attack during the critical period between the launch of a new
attack and a “signature” update becoming available. Spyware tools only
detect and clean up installed malware AFTER the infection has happened.
Often threats are missed entirely by traditional security tools. Prevx
Home STOPS ‘Zero Day’, Spyware and hack attacks and STOPS malicious
software from installing on your PC.


SnoopNetCop Standard: SnoopNetCop
Standard is a program that can detect a possible packet sniffing attack
on your network. LAN cards have two operating modes, 'normal mode' and
'promiscuous mode'.


AIDE (Advanced Intrusion Detection Environment): AIDE is a free replacement
for Tripwire. It does the same things as the semi-free Tripwire and
more.


Prelude: Prelude is a new, innovative hybrid intrusion detection system designed to be very modular, distributed, rock solid and fast.


Foundstone Attacker: A TCP/UDP port listener.


Foundstone Carbonite: A Linux kernel module to aid in rootkit detection.


Foundstone Filewatch: A file change monitor. Used with BlackICE Defender.
