Firestorm

Category: C & C++ - Network Applications

Firestorm is an extremely high performance network intrusion detection system (NIDS). It is fully pluggable and hence extremely flexible. A Network Intrusion Detection System is a system which can identify suspicious patterns in network traffic. If a firewall is a doorman, a NIDS is an undercover KGB agent. He silently gathers intelligence and can spot an enemy even if the door security has already let them in (maybe the enemy can make fake identification documents).

Features:

- Protocol anomaly detection
- Full application layer decodes
- Fully pluggable
- High performance OS Specific capture module for Linux
- Capture from libpcap files (normal AND redhat extended)
- Packet decode engine fully supports encapsulation
- Decode plugins included for many protocols (see below)
- Comprehensive snort rule support
- Wu-Manber setwise string matching
- Easy to configure; just one config file
- Can run chroot and with lowered privs (when started as root)
- Can run as a realtime process (when started as root)
- Preprocessors to allow supplementary modes of detection (eg: anomaly)
- Full IP defragmentation (passes fragroute evasion tests)
- TCP stateful inspection with window tracking
- Intelligent TCP stream reassembly
- HTTP URL normalization
- EXTREMELY fast and scalable signature engine
- Configurable token-bucket rate-limiting of any alerts
- GNOME2 based analyst console user interface
- Enhanced logging format for ease of analysis
- ELOG indexing for lightning fast sorting and filtering of alerts

Date: 03 April, 2012


Network Intrusion Detection - Network Security - Networking Tool - Network - Intrusion - Detection

Homepage: http://www.scaramanga.co.uk/

Developer: scaramanga.co.uk

License: Freeware

Operating System: All


Related Scripts Download

This script is an example of how an existing POP-mail account can be used to provide authentication to a python application.

Developer: code.activestate.com
License: Freeware
Operating System: All


Skulls is a Multi-Network WebCache in PHP used from p2p clients to bootstrap.

Developer: SourceForge.net
License: Freeware
Operating System: All


This module enables users on the Windows platform to transfer files to remote hosts.

Developer: code.activestate.com
License: Freeware
Operating System: All


This script allows you to download multiple directories from remote FTP servers and copy these to local machines under multiple threads.

Developer: code.activestate.com
License: Freeware
Operating System: All


This script fills the need to have a scheduled directory synch occur via FTP.

Developer: code.activestate.com
License: Freeware
Operating System: All


This is a caching and scaling proxy for images that are accessible via homepage. It is designed for use in weblogs where you want to refer to images on foreign hosts without the need for manual mirroring or scaling.

Developer: benjamin-schweizer.de
License: Freeware
Operating System: All


The Symbion SSL Proxy listens on a TCP port, accepts SSL connections, and forwards them to another (local or remote) TCP port, or UNIX domain socket.

Developer: SourceForge.net
License: Freeware
Operating System: All


This script allows you to look up a country by IP address.

Developer: SourceForge.net
License: Freeware
Operating System: All


RIBS is an incremental backup system written in PHP which utilizes some common *nix programs (specifically rsync, ssh and cp).

Developer: SourceForge.net
License: Freeware
Operating System: All