Snort

Snort is a network-based intrusion detection and prevention system written in C. Snort sniffs network packets on the wire, analyzes packet contents against known attack signatures, and logs any suspicious activities and potential intrusion […]

 

Shorewall

Shorewall is an open-source Linux firewall configuration tool written in Perl. As a user-friendly command-line front-end for iptables/tc utilities, Shorewall stores firewall policies in high-level, easy-to-understand plain-text configuration files. The built-in Shorewall compiler then […]

 

Bro

Bro is an open-source network monitoring and intrusion detection system written in C++. Bro collects live packets via the libpcap interface, analyzes packet contents, generates events from the analysis, and performs various actions based […]

 

Tinc

Tinc is open-source VPN software written in C. Tinc allows users to create a server-less, full-mesh VPN topology, where every participating user communicates with each other directly over a VPN, which is more latency-efficient […]

 

fail2ban

fail2ban is a Python-based intrusion prevention software that can protect various services on Linux. It works by analyzing system and application log files (e.g., /var/log/auth.log, /var/log/apache/error_log) and taking actions if any abnormal activities are […]