OpenSource NIDS

From: Andreas Krennmair (ak@tcp-ip.at)
Date: 03/29/02


Date: Fri, 29 Mar 2002 15:14:46 +0100
From: Andreas Krennmair <ak@tcp-ip.at>
To: focus-ids@securityfocus.com

Hello,
A short question: are there any OpenSource NIDS (preferably signature
based) other than Snort available? I need this for a project, where we
want to combine a signature based NIDS with a NIDS with strict anomaly
model (as described in Phrack 56) and Snort doesn't really suit, since
it's quite huge and extremely hard to modify so that it works in the way
we want.

TIA,
Andreas Krennmair

-- 
 > Was habt Ihr denn gegen Windows XP?
Topfmagnete, solide Shredder sowie @FREE_UNICES.
   -- Alexander Schreiber in <slrnaa2ue3.9cc.als@thangorodrim.de>



Relevant Pages

  • Re: OpenSource NIDS
    ... there are a number of other open source NIDS available. ... snort is production quality. ... > want to combine a signature based NIDS with a NIDS with strict anomaly ... There are input plugins, output ...
    (Focus-IDS)
  • Re: OpenSource NIDS
    ... > want to combine a signature based NIDS with a NIDS with strict anomaly ... > model and Snort doesn't really suit, ... Snort: Open Source Network IDS - http://www.snort.org ...
    (Focus-IDS)
  • Re: OpenSource NIDS
    ... where we want to combine a signature based NIDS with a NIDS ... >with strict anomaly model and Snort ... >modify so that it works in the way we want. ...
    (Focus-IDS)
  • Re: OpenSource NIDS
    ... alas, I've found Snort meets virtually all of my needs... ... are there any OpenSource NIDS (preferably signature ...
    (Focus-IDS)
  • RE: "False positive" database idea
    ... snort config, I would love to be able to search such a database to see if I ... if someone really wants to use the bugzilla http API to automate their ... NIDS configuration, they deserve whatever Chad's scenario brings upon ... > Intrusion Prevention and Traffic Shaping Technology to: ...
    (Focus-IDS)