Views: 4,830 While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific […]
IDS
Smooth-Sec – IDS/IPS (Intrusion Detection/Prevention System) In A Box
Views: 9,067 We haven’t written about Smooth-Sec for a while since we first heard about it at v1 in March 2011. For those who are not familiar, Smooth-Sec is a fully-ready IDS & IPS (Intrusion Detection & Prevention System) Linux distribution based on Debian 7 (wheezy), available for 32 and 64 bit architecture. The distribution […]
Graphical Web Interface for OSSEC WUI AnaLogi v1.1
Views: 6,440 ‘Analytical Log Interface’ was built to sit on top of OSSEC (built on OSSEC 2.6) and requires 0 modifications to OSSEC or the database schema that ships with OSSEC. AnaLogi requires a Webserver sporting PHP and MySQL. Written for inhouse analysis work, released under GPL to give something back – it’s intended to […]
Smooth-Sec – All In One Pre-Configured IDS/IPS System
Views: 11,922 Smooth-Sec is a ready to-go IDS/IPS (Intrusion Detection/Prevention System) Linux distribution based on the multi threaded Suricata IDS/IPS engine and Snorby, the top notch web application for network security monitoring. Smooth-Sec is built on Ubuntu 10.04 LTS using the TurnKey Core base as development platform. Functionality is the key point that allows a […]
Suricata – Open Source Next Generation Intrusion Detection and Prevention Engine
Views: 9,890 The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. Basically it’s a is a multi-threaded intrusion detection/prevention engine engine available from the […]