Snort 3.3.4.0

Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity, finds packets that match those rules, and generates alerts for users. Snort can also be deployed inline to stop these packets. Snort has three primary uses: as a packet sniffer like tcpdump, as a packet logger, which is useful for network traffic debugging, or as a full-blown network intrusion pr

major bugfix: Appid: notify binder on service change. Appid: replaced hsessions vector of raw pointers with a vector of smart pointers. Ftp_telnet: refactoring ftp-data. Latency, dce, stream_ip: max pegs incorrectly declared sum. Telnet: avoid flush when cr or lf is between commands.

GNU GPLv3 ids logger traffic ips network security analysis tcp udp cpp c


Cyber Probe 2.5.2

Cyberprobe is a network attack monitoring software stack. It collects data packets for inspection, logging and analysis. It can be integrated with Snort to record the actual intrusion source. Cybermon is a highly configurable protocol decoder and analysis tool, which can also automate responses such as dynamic connection resets, firewalling or forged DNS replies.

fwsnort - translate Snort rules into iptables rules 1.6.5

fwsnort translates Snort rules into iptables rules on Linux systems and generates a corresponding iptables policy in iptables-save format. This ruleset allows network traffic that matches Snort signatures (i.e. attacks and other suspicious network behavior) to be logged and/or dropped by iptables directly without putting an interface into promiscuous mode or queuing packets from kernel to user space. Note that fwsnort can also build an iptables policy that combines the string match extension wit