Rootkit Hunter: Open-source GPL rootkit scanner for Unix-like systems. Scans for rootkits, trojans, backdoors and local exploits. Tests include scanning of plaintext and binary files for MD5 hash comparisons, default rootkit files, binary permissions, suspect LKM/KLD module strings, hidden files and more. http://www.rootkit.nl
Passive OS Fingerprinting (p0f): An advanced passive OS/network fingerprinting utility for use in IDS environments, honeypot environments, firewalls and servers. http://lcamtuf.coredump.cx/p0f.shtml
Firestorm Network Intrusion Detection System: Firestorm is a high-performance GPL-licensed network intrusion detection system (NIDS). Features include being fully pluggable, easily configurable, and an extremely scalable signature engine. http://www.scaramanga.co.uk/firestorm
QuIDScor IDS/VA correlation: QuIDScor is an open source project demonstrating the value of correlating information between intrusion detection systems (such as Snort) and vulnerability assessment and management platforms such as QualysGuard. http://quidscor.sourceforge.net
sLink project: sLink consists of a daemon and a suite of CGI programs which provide a web administration interface to an EDM/BOSCH Solution16 Alarm Panel. http://slink.sourceforge.net
Shadow Intrusion and Network Analysis: Shadow, an intrusion-detection system from the Naval Surface Warfare Center, shows promise in detecting previously unknown attacks for which no known detection signatures exist. http://www.ists.dartmouth.edu/IRIA/projects/d_shadow.htm
Systrace (Interactive Policy Generation for System Calls): Systrace enforces system call policies for applications by interactively constraining the application's access to the system (*BSD and Linux). Systrace is able to monitor daemons on remote machines and generate warnings at a central location. http://www.citi.umich.edu/u/provos/systrace
Snortalog: Perl-based log analysis tool that summarizes network security events from any native Snort database format. http://jeremy.chartier.free.fr/snortalog/
Prelude hybrid open-source IDS: Prelude is a new, innovative hybrid intrusion detection system designed to be very modular, distributed, rock solid and fast. http://www.prelude-ids.org
Panoptis: Network IDS that detects and stops DoS/DDoS attacks by using real-time Cisco NetFlow data. http://panoptis.sourceforge.net
The Osiris Scripts: A Tripwire-like utility which uses MD5 to check files for modifications. http://www.shmoo.com/osiris
Open-Source IDS: A complete intrusion detection system created with well-known open-source tools. Implemented using a custom RedHat 7.2 distribution and available for download as a stand-alone ISO image. http://www.ids.belbone.be
myNetWatchman.com: Intrusion reporting and response. Users forward firewall logs that are aggregated and analysed to identify incidents that are reported to the responsible party. http://www.mynetwatchman.com/
LIDS Project - Secure Linux System: LIDS is an enhancement for the Linux kernel written by Xie Huagang and Philippe Biondi. It implements several security features that are not in the Linux kernel natively. Some of these include: mandatory access controls (MAC), a port scan detector, file protection (even from root), and process protection. http://www.lids.org
LAk Intrusion Prevention System: A single compilation of source, binaries, scripts and whitepapers on intrusion prevention systems. The aim is to quickly establish a working IPS within minutes. http://lak-ips.sourceforge.net/
Intrusion detection script for Check Point FireWall-1: This article discusses several simple options for implementing intrusion detection on Check Point FireWall-1. http://www.enteract.com/~lspitz/intrusion.html
Idsa: Experimental intrusion detection system and reference monitor designed to run at application level. For Linux. GPL/LGPL. http://jade.cs.uct.ac.za/idsa/
Honeyd: Small daemon that creates virtual hosts on a network (honeypot). Can be used as a virtual honeynet or for network monitoring. For *BSD, GNU/Linux, and Solaris. http://www.citi.umich.edu/u/provos/honeyd/
Chkrootkit: Open source application that checks for the presence of rootkits installed on Linux/Unix machines. Links to security-related sites. http://www.chkrootkit.org/
Advanced Intrusion Detection Environment: AIDE is a file integrity checker that supports regular expressions. Licensed under the GPL. http://www.cs.tut.fi/~rammer/aide.html
ACID (Analysis Console for Intrusion Databases): Powerful PHP-based data analysis tool for network security events captured by many common IDS tools, including Snort and tcpdump. http://www.andrew.cmu.edu/~rdanyliw/snort/snortacid.html
Snort: A free lightweight network intrusion detection system for UNIX and Windows. http://www.snort.org/