Libnids is an implementation of an E-component of a Network Intrusion
Detection System. It emulates the IP stack of Linux 2.0.x. Libnids
offers IP defragmentation, TCP stream assembly and TCP port scan
detection.
The most valuable feature of libnids is reliability. A number of
tests were conducted, which proved that libnids
predicts the behaviour of protected Linux hosts as closely as possible.
Libnids is highly configurable at run time and offers a convenient
interface. Currently it compiles on Linux glibc systems, *BSD, Solaris and WIN32.
Using libnids, one has convenient access to the data carried by a
TCP stream, no matter how artfully obscured by an attacker. You may
have a look at a sample application.
Libnids is designed by Rafal
Wojtczuk.