Suricata is an open-source intrusion detection and prevention system (IDS/IPS) developed by the Open Information Security Foundation (OISF). It features a modularized and multi-threaded architecture consisting of packet capture, decode, stream assembly, detection, and event/alert logging modules, flexibly deployed across multiple threads. Suricata comes with native support for hardware acceleration (e.g., CUDA GPU, PF_RING, Endace, Tilera) and in-line mode (NFQueue for Linux, ipfw for BSD). Other features include IPv6 support, automatic protocol detection, Lua scripting, TLS/SSL analysis, integration with other reporting tools such as Logstash.
Subscribe to Xmodulo List
Do you want to receive posts about Linux applications and software recommended by Xmodulo List? Enter your email address below, and we will deliver our recommendations straight to your email box, for free. Delivery powered by Google Feedburner.