Akagi201/libnids.md

Last active August 29, 2015 14:00

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/Akagi201/11240876.js"></script>
Save Akagi201/11240876 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

What

libnids是网络入侵检测系统(IDS)的E-component的一个实现(NIDS E-component library).
他模拟了linux 2.0.x的IP stack.
libnids提供IP重组, TCP stream assembly和TCP端口扫描检测.
libnids的最有价值的特性是可靠性.
许多测试表明libnids能尽可能地预测受保护的linux主机的行为.
libnids是运行时高度可配置的, 并且提供一个方便的接口.
使用libnids可以方便的访问一个TCP流的数据, 无论攻击者多么巧妙的掩盖.
libnids被Rafal Wojtczuk设计.

Refs

http://libnids.sourceforge.net/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment