Tools and Utilities to Monitor Your Network For Suspicious or Malicious Activity

Snort for Windows
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Sax2
Ax3soft Sax2 is a professional intrusion detection and prevention system (IDS) used to detect intrusions and attacks and to analyze and manage your network. It excels at real-time packet capture, 24/7 network monitoring, advanced protocol analysis and automatic expert detection.

Bro
Bro is an open-source, Unix-based Network Intrusion Detection System (NIDS) that passively monitors network traffic and looks for suspicious activity. Bro detects intrusions by first parsing network traffic to extract its application-level semantics and then executing event-oriented analyzers that compare the activity with patterns deemed troublesome. Its analysis includes detection of specific attacks (including those defined by signatures, but also those defined in terms of events) and unusual activities (e.g., certain hosts connecting to certain services, or patterns of failed connection attempts).

Prelude
Prelude is an "agentless", universal security information management (SIM) system, released under the terms of the GNU General Public License. Prelude collects, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the product brand or license giving rise to such events by normalizing them to a single format called the "Intrusion Detection Message Exchange Format".

AirSnare
AirSnare is another tool to add to your Wireless Intrusion Detection Toolbox. AirSnare will alert you to unfriendly MAC addresses on your network and will also alert you to DHCP requests taking place. If AirSnare detects an unfriendly MAC address, you have the option of tracking the MAC address's access to IP addresses and ports or of launching Ethereal upon a detection.