OSSEC - Host-based Intrusion Detection System


OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

http://www.ossec.net/





Related Projects

ossec-hids - An Open Source Host-based Intrusion Detection System


An Open Source Host-based Intrusion Detection System

Bro - Network Security Monitor


Bro is a powerful network analysis framework that is much different from the typical intrusion detection system you may know. Bro provides a comprehensive platform for more general network traffic analysis as well.

ClearOS - Linux based Operating System


ClearOS is a powerful network and gateway server designed for small organizations and distributed environments. The open source revolution in the software industry has made it possible to provide ClearOS at no cost. Among other features, antivirus, antispam, VPN and content filtering are built right into the software -- no need for expensive third party add-ons. With ClearOS, you can avoid costly vendor lock-in and proprietary formats; instead, you can embrace open standards and protocols.

ossec-hids


OSSEC-HIDS / A Host-based Intrusion Detection System for Linux / BSD / Windows / Mac OS X

Suricata IDS - Network threat detection engine


The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats.



OpenWIPS-ng - Wireless Intrusion Prevention System


OpenWIPS-ng is an open source and modular Wireless IPS (Intrusion Prevention System). It is composed of three parts: Sensor(s): "Dumb" devices that capture wireless traffic and send it to the server for analysis. Also responds to attacks. Server: Aggregates the data from all sensors, analyzes it and responds to attacks. It also logs and alerts in case of an attack. Interface: GUI manages the server and displays information about the threats on your wireless network(s).

Snort - Network Intrusion Prevention and Detection System


Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Snort can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

ossec-hids


OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution. Visit our website for the latest information. [www.ossec.net](http://www.ossec.net)

Acra - Database protection suite with selective encryption and intrusion detection


Acra helps you to easily secure your databases in distributed, microservice-rich environments. It allows you to selectively encrypt sensitive records with strong multi-layer cryptography, detect potential intrusions and SQL injections and cryptographically compartment data stored in large sharded schemes. Its security model guarantees that compromising the database or your application does not leak sensitive data, or keys to decrypt it.

Intrusion Detection and Prevention System


Intrusion Detection and Prevention System based on abnormal entity method of detection.

osquery - SQL powered operating system instrumentation, monitoring, and analytics.


osquery is an operating system instrumentation framework for OS X/macOS, Windows, and Linux. The tools make low-level operating system analytics and monitoring both performant and intuitive. There are many additional continuous build jobs that perform dynamic and static analysis, test the package build process, rebuild dependencies from source, assure deterministic build on macOS and Linux, fuzz test the virtual tables, and build on several other platforms not included above. Code safety, testing rigor, data integrity, and a friendly development community are our primary goals.

Sguil - The Analyst Console for Network Security Monitoring


Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis.

ids - CIS551 Spring 2012 : Intrusion Detection System


CIS551 Spring 2012 : Intrusion Detection System

railsids - Intrusion Detection System for Ruby on Rails


Intrusion Detection System for Ruby on Rails

libnids - Implementation of E-component of Network Intrusion Detection System


Implementation of E-component of Network Intrusion Detection System

aids - Proof of concept Android Intrusion Detection System.


Proof of concept Android Intrusion Detection System.

Tutu - Simple Intrusion Detection System (IDS)


Simple Intrusion Detection System (IDS)

HTTPBlock - The poor man's web intrusion detection system.


The poor man's web intrusion detection system.

kismet - the famous wireless network detector, sniffer, and intrusion detection system


the famous wireless network detector, sniffer, and intrusion detection system

mod_fortress - Apache application-level firewall and intrusion detection system


Apache application-level firewall and intrusion detection system