|
Suricata (software)
Suricata is an open-source based intrusion detection system (IDS) and intrusion prevention system An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically rep ... (IPS). It was developed by the Open Information Security Foundation (OISF). A beta version was released in December 2009, with the first standard release following in July 2010. Free intrusion detection systems * OSSEC HIDS * Prelude Hybrid IDS * Sagan * Snort * Zeek NIDS See also * Aanval References External links * Open Information Security Foundation* {{DEFAULTSORT:Suricata (Software) Computer security software Free security software Free network-related software Intrusion detection systems Linux security software Unix security-related software ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
GitHub
GitHub, Inc. () is an Internet hosting service for software development and version control using Git. It provides the distributed version control of Git plus access control, bug tracking, software feature requests, task management, continuous integration, and wikis for every project. Headquartered in California, it has been a subsidiary of Microsoft since 2018. It is commonly used to host open source software development projects. As of June 2022, GitHub reported having over 83 million developers and more than 200 million repositories, including at least 28 million public repositories. It is the largest source code host . History GitHub.com Development of the GitHub.com platform began on October 19, 2007. The site was launched in April 2008 by Tom Preston-Werner, Chris Wanstrath, P. J. Hyett and Scott Chacon after it had been made available for a few months prior as a beta release. GitHub has an annual keynote called GitHub Universe. Org ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Slashdot
''Slashdot'' (sometimes abbreviated as ''/.'') is a social news website that originally advertised itself as "News for Nerds. Stuff that Matters". It features news stories concerning science, technology, and politics that are submitted and evaluated by site users and editors. Each story has a comments section attached to it where users can add online comments. The website was founded in 1997 by Hope College students Rob Malda, also known as "CmdrTaco", and classmate Jeff Bates, also known as "Hemos". In 2012, they sold it to DHI Group, Inc. (i.e., Dice Holdings International, which created the Dice.com website for tech job seekers). In January 2016, BIZX acquired both slashdot.org and SourceForge. In December 2019, BIZX rebranded to Slashdot Media. Summaries of stories and hyperlinks to news articles are submitted by Slashdot's own users, and each story becomes the topic of a threaded discussion among users. Discussion is moderated by a user-based moderation system. Randomly ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Intrusion Detection Systems
An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms. IDS types range in scope from single computers to large networks. The most common classifications are network intrusion detection systems (NIDS) and host-based intrusion detection systems (HIDS). A system that monitors important operating system files is an example of an HIDS, while a system that analyzes incoming network traffic is an example of an NIDS. It is also possible to classify IDS by detection approach. The most well-known variants are signature-based detection (recogniz ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Free Network-related Software
Free may refer to: Concept * Freedom, having the ability to do something, without having to obey anyone/anything * Freethought, a position that beliefs should be formed only on the basis of logic, reason, and empiricism * Emancipate, to procure political rights, as for a disenfranchised group * Free will, control exercised by rational agents over their actions and decisions * Free of charge, also known as gratis. See Gratis vs libre. Computing * Free (programming), a function that releases dynamically allocated memory for reuse * Free format, a file format which can be used without restrictions * Free software, software usable and distributable with few restrictions and no payment * Freeware, a broader class of software available at no cost Mathematics * Free object ** Free abelian group ** Free algebra ** Free group ** Free module ** Free semigroup * Free variable People * Free (surname) * Free (rapper) (born 1968), or Free Marie, American rapper and media perso ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer Security Software
Computer security software or cybersecurity software is any computer program designed to influence information security. This is often taken in the context of defending computer systems or data, yet can incorporate programs designed specifically for subverting computer systems due to their significant overlap, and the adage that the best defense is a good offense. The defense of computers against intrusion and unauthorized use of resources is called ''computer security''. Similarly, the defense of computer networks is called ''network security''. The subversion of computers or their unauthorized use is referred to using the terms ''cyberwarfare'', ''cybercrime'', or '' security hacking'' (later shortened to ''hacking'' for further references in this article due to issues with '' hacker'', ''hacker culture'' and differences in white/grey/black 'hat' color identification). Types Below, various software implementations of Cybersecurity patterns and groups outlining ways a host s ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Aanval
Aanval is a commercial SIEM product designed specifically for use with Snort, Suricata, and Syslog data. Aanval has been in active development since 2003 and remains one of the longest running Snort capable SIEM products in the industry. Aanval is Dutch for "attack". History Aanval was created by Loyal Moses in 2003 but was not publicly made available until March 2004 where it was released under the private commercial license C1-RA1008. Throughout the lifecycle of the software it has also been referred to as OpenAanval or ComAanval in addition to Aanval. Aanval's had provided AJAX style security event monitoring and reporting from a web-browser. Since Aanval's creation, it has developed into an intrusion detection, correlation and threat management console with a specific focus on normalizing Snort, Suricata, and Syslog data. Several information security related books have been published that include details and references to Aanval, including "Linux Server Security, Second ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Zeek
Zeek is a free and open-source software network analysis framework. Vern Paxson began development work on Zeek in 1995 at Lawrence Berkeley National Lab. Zeek is a network security monitor (NSM) but can also be used as a network intrusion detection system (NIDS). The Zeek project releases the software under the BSD license. Output Zeek's purpose is to inspect network traffic and generate a variety of logs describing the activity it sees. A complete list of log files is available at the project documentation site. Log example The following is an example of one entry in JSON format from the conn.log: Threat hunting One of Zeek's primary use cases involves cyber threat hunting. Name The principal author, Paxson, originally named the software "Bro" as a warning regarding George Orwell's Big Brother from the novel ''Nineteen Eighty-Four''. In 2018 the project leadership team decided to rename the software. At LBNL in the 1990s, the developers ran their sensors as a pseudo-user ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Snort (software)
Snort is a free open source network intrusion detection system (IDS) and intrusion prevention system (IPS) created in 1998 by Martin Roesch, founder and former CTO of Sourcefire. Snort is now developed by Cisco, which purchased Sourcefire in 2013. In 2009, Snort entered InfoWorld's Open Source Hall of Fame as one of the "greatest ieces ofopen source software of all time". Uses Snort's open-source network-based intrusion detection/prevention system (IDS/IPS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching and matching. The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, semantic URL attacks, buffer overflows, server message block probes, and stealth port scans. Snort can be configured in three main modes: 1. sniffer, 2. packet logger, and 3. network intrusion detection. Sniffer Mod ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Sagan (software)
Sagan is an open source (GNU/GPLv2) multi-threaded, high performance, real-time log analysis & correlation engine developed by Quadrant Information Security that runs on Unix operating systems. It is written in C and uses a multi-threaded architecture to deliver high performance log & event analysis. Sagan's structure and rules work similarly to the Sourcefire Snort IDS/IPS engine. This allows Sagan to be compatible with Snort or Suricata rule management softwares and give Sagan the ability to correlate with Snort IDS/IPS data. Sagan supports different output formats for reporting and analysis, log normalization, script execution on event detection, GeoIP detection/alerting and time sensitive alerting. See also * Host-based intrusion detection system comparison Comparison of host-based intrusion detection system components and systems. Free and open-source software As per the Unix philosophy a good HIDS is composed of multiple packages each focusing on a specific a ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Prelude Hybrid IDS
Prelude SIEM is a Security information and event management (SIEM). It is a tool for driving IT security. Prelude SIEM collects and centralizes information about the company's IT security to offer a single point of view to manage it. Thanks to its logs and flows analyzer, Prelude SIEM create alerts about intrusions and security threats in the network in real-time. Prelude SIEM provides multiple tools to do forensic reporting on Big Data and Smart Data to identify weak signals and Advanced Persistent Threat (APT). Finally, Prelude SIEM embeds all tools for the exploitation phase to make work easier for operators and help them with risk management. While a malicious user (or software) may be able to evade the detection of a single IDS (NIDS, HIDS, etc.), it becomes exponentially more difficult to get around the defenses when there are multiple protection mechanisms. Prelude SIEM comes with a large set of sensors, each of them monitoring different kinds of events. Prelude SIEM permi ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OSSEC
OSSEC (Open Source HIDS SECurity) is a free, open-source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response. It provides intrusion detection for most operating systems, including Linux, OpenBSD, FreeBSD, OS X, Solaris and Windows. OSSEC has a centralized, cross-platform architecture allowing multiple systems to be easily monitored and managed. OSSEC has a log analysis engine that is able to correlate and analyze logs from multiple devices and formats. History In June 2008, the OSSEC project and all the copyrights owned by Daniel B. Cid, the project leader, were acquired by Third Brigade, Inc. They promised to continue to contribute to the open source community and to extend commercial support and training to the OSSEC open source community. In May 2009, Trend Micro acquired Third Brigade and the OSSEC project, with promises to keep it open source an ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
