Intrusion detection tool

  1. Security Onion
  2. OSSEC
  3. OpenWIPS-NG
  4. Suricata
  5. Bro IDS

1. Security Onion:

Security Onion is an Ubuntu-based Linux distribution for network monitoring and intrusion detection.

The image can be distributed as sensors within the network to monitor multiple VLANs and subnets, and works well in VMware and virtual environments.

This configuration can be used as an IDS only. Running it as an IPS isn't currently supported.

There is the option to run this as both a network and a host intrusion-detection deployment, and to utilize services such as Sguil, Bro IDS and OSSEC to perform the IDS functions of the service.

As great as Security Onion is, however, it still needs more assistance with development, which will most likely happen in time.

2. OSSEC:

OSSEC is an open source host intrusion-detection system (HIDS) that does more than detect intrusions.

Like most open source IDS offerings, there are multiple additional modules that can be used with the core functionality of IDS.

In addition to network intrusion detection, the OSSEC client has the ability to perform file integrity monitoring and rootkit detection with real-time alerts, all of which are centrally managed with the ability to create different policies, depending on a company's needs.

The OSSEC client runs locally on most operating systems, including Linux versions, Mac OS X and Windows.

It also offers commercial support via Trend Micro's Global Support Team. This is a very mature offering.

3. OpenWIPS-NG:

OpenWIPS-NG is a free wireless IDS/IPS that relies on a server, sensors and interfaces.

It runs on commodity hardware. Created by the author of Aircrack-NG, this system uses many of the functions and services already built into Aircrack-NG for scanning, detection and intrusion prevention.

OpenWIPS-NG is modular and allows an administrator to download plug-ins for additional features.

The documentation isn't as detailed as some systems', but it allows for companies to perform WIPS on a tight budget.

4. Suricata:

Out of all the IDS/IPS systems that are currently available, Suricata competes most directly with Snort.

This system has an architecture that is similar to Snort's and, like Snort, relies on signatures.

If Snort isn't an option in your organization, this is the closest free tool available to run on an enterprise network.

5. Bro IDS:

Bro IDS is similar to Security Onion in that it uses more than IDS rules to determine where attacks are coming from.

Bro IDS uses a combination of tools.

At one point it used Snort-based signatures converted into Bro signatures.

This is no longer the case, and it is now possible to write custom signatures for the Bro IDS.

This system is highly documented and has been around for over 15 years.
