Top : Software : Networking : Security : Intrusion Detection


  • Bait and Switch Honeypot System
    A multifaceted attempt to take honeypots out of the shadows of the network security model and to make them an active participant in system defense. To do this, we are creating a system that reacts to hostile intrusion attempts by redirecting all hostile traffic to a honeypot that is partially mirroring your production system.
  • Beeswarm
    Beeswarm is an active IDS project that provides easy configuration, deployment and management of honeypots and clients. The system operates by luring the hacker into the honeypots by setting up a deception infrastructure where deployed drones communicate with honeypots and intentionally leak credentials while doing so.
  • Bro
    Bro is a Network Intrusion Detection System (NIDS) that passively monitors network traffic and looks for suspicious activity.
  • check-ps
    check-ps detects rootkits by detecting falsified output and similar anomalies. The ps check should work on anything with /proc; the (currently incomplete) netstat check is more Linux-specific.
  • chkboot
    chkboot is a tool to help detect changes to an unencrypted /boot partition.
  • devialog
    devialog is a behavior/anomaly-based syslog intrusion detection system which detects unknown attacks via anomalies in syslog. It can generate signatures for ease of management, act upon anomalies in a predefined fashion or perform as a standard log parser.
  • EasyIDS
    EasyIDS is an easy-to-install intrusion detection system based upon Snort. EasyIDS is designed for the network security beginner. EasyIDS includes CentOS Linux, Snort, MySQL, BASE, ntop, oinkmaster, and more.
  • FCheck
    FCheck is an open source Perl script providing intrusion detection and policy enforcement of Windows 95/98/NT/3.x and Unix server administration through the use of comparative system snapshots.
  • File System Saint
    File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use.
  • Firestorm
    Firestorm is a very lightweight and flexible base for a hierarchical NIDS. It aims to be very fast and to support many open protocols and formats.
  • fwsnort
    fwsnort parses the rules files included in the snort intrusion detection system and builds an equivalent iptables ruleset for as many rules as possible.
  • HLBR - The invisible IPS
    HLBR is an IPS (Intrusion Prevention System) that works directly at layer 2 of the OSI model (so it is invisible at layer 3, IP). It is an alternative for anyone who needs to integrate an IPS with their firewall system. It is able to analyse the contents of passing packets and block attacks.
  • ICU
    Integrity Checking Utility is a Perl program used for executing AIDE filesystem integrity checks on remote hosts from an ICU server and sending reports via email.
  • IDABench
    IDABench is a pluggable framework for intrusion analysis built upon the Naval Surface Warfare Center, Dahlgren Division's SHADOW versions 1.7 and 1.8. IDABench is not intended to be an intrusion detection system, although it can be used as such.
  • ImSafe
    ImSafe is a host-based intrusion detection tool for Linux. It performs anomaly detection at the process level and tries to detect various types of attacks. What is great about ImSafe is that the system doesn't know anything about the attacks and thus can detect unknown, unpublished attacks or any other form of malicious use of the monitored application. It performs quite well when monitoring usual services like an FTP server, telnet daemon, etc.
  • krd
    krd is a rootkit detection utility which scans /proc/kcore for interesting data. Suspicious programs (sk, adore, etc.), worms/backdoors/viruses are detected even if running silently in your kernel. For instance, the ASCII string OSF indicates the ELF infector GMON.A is present.
  • LaBrea
    LaBrea takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet. The program answers connection attempts in such a way that the machine at the other end gets "stuck", sometimes for a very long time.
  • Login Anomaly Detection System
    Login Anomaly Detection System detects anomalies in logins and logouts and is able to perform various actions in response.
  • Nabou Advanced Host Intrusion Detection System
    Nabou Advanced Host Intrusion Detection System stores the properties for each file in a dbm database and will warn you if something has been changed on a file. The most important thing to check for is the MD5 checksum.
  • Nebula Intrusion Signature Generator
    Nebula is a data analysis tool that automatically generates intrusion signatures from attack traces. It runs as a daemon that processes data submitted from honeypots. New signatures are published as Snort rules and can be used to defend a network from future intrusion attempts.
  • Nift
    Nift is a graphical front-end (written in gtk+) for footprinting tools and methods already freely available.
  • nipper
    nipper processes network device configuration files, performs a security audit and outputs a security report with recommendations and a configuration report. nipper currently supports Cisco IOS, PIX, ASA, FWSM, NMP, CatOS and Juniper NetScreen devices.
  • OpenFPC
    OpenFPC is a set of tools that combine to provide a lightweight full-packet network traffic recorder & buffering system. Its design goal is to allow non-expert users to deploy a distributed network traffic recorder on COTS hardware while integrating into existing alert and log management tools.
  • OSSEC HIDS
    OSSEC HIDS is an open source host-based intrusion detection system. It performs log analysis, integrity checking, rootkit detection, time-based alerting and active response. All this information is correlated and analyzed by a single engine, creating a very powerful detection tool.
  • pyHIDS
    pyHIDS is a simple HIDS (host-based intrusion detection system) for verifying the integrity of a system. It uses an RSA signature to check the integrity of its database. Alerts are written in the logs of the system and can be sent via email to a list of users.
  • Razorback
    Razorback is a framework for an intelligence driven security solution. It consists of a Dispatcher at the core of the system, surrounded by Nuggets of varying types.
  • Realeyes IDS
    The Realeyes IDS captures and analyzes full sessions. When an incident is reported, the graphical user interface will display both halves of the session to determine what occurred. The GUI also provides management of application users, sensors, and a database. Realeyes is a replacement for the RenaissanceCore software.
  • Remote Access Session
    Remote Access Session is a security tool to analyze the integrity of systems. The program tries to gain access to a system using the most advanced techniques of remote intrusion.
  • Ruminate IDS
    Ruminate is a platform for analyzing data transferred through the network. Ruminate focuses on scalability, flexibility, and the ability to perform arbitrary actions on objects transferred through the network.
  • sectool
    sectool is a security tool for RPM-based distributions. It can be used for security auditing and intrusion detection. Its goal is to catch mistakes caused by admins or point out things that they were not aware of. It checks system configuration and suspicious settings. It's easily extensible with language-independent tests.
  • Sguil
    Sguil (pronounced sgweel) is an analyst console for network security monitoring.
  • Snort Report
    Snort Report is an add-on module for the Snort Intrusion Detection System. It provides real-time reporting from the MySQL database generated by Snort. It requires a platform with MySQL 3.23, PHP 4.0, and Snort 1.8. It has been tested on Red Hat 6.2, 7.0, 7.1, and OpenBSD 2.9.
  • snort_inline
    snort_inline is basically a modified version of Snort that accepts packets from iptables and IPFW via libipq instead of libpcap.
  • Suricata
    Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors.
  • sXid
    sXid is an all-in-one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders.
  • Tcpreplay
    tcpreplay is a suite of tools to edit and replay captured network traffic.
  • Tripwire
    (commercial) Tripwire is a system integrity checker and a utility that compares properties of designated files and directories against information stored in a previously generated database.
  • ViperDB
    ViperDB is a file checker somewhat similar to Tripwire, but based on different assumptions. It only reports if a change is found and therefore can be run every couple of minutes.
  • VXE
    VXE (Virtual eXecuting Environment) is an Intrusion Prevention System (IPS). It protects UNIX servers from intruders, hacker attacks from the network, and so on. It protects software subsystems such as SMTP, POP, HTTP and any other subsystem already installed on the server.
  • WormTrack
    WormTrack is a network IDS that allows detection of scanning worms on a LAN by monitoring anomalous ARP traffic.
  • Zeppoo
    Zeppoo makes it possible to detect if a rootkit is installed on your system. It also makes it possible to detect hidden tasks, modules, syscalls, some corrupted symbols, and also hidden connections.
