maltrail
Suricata
| | maltrail | Suricata |
|---|---|---|
| Mentions | 1 | 10 |
| Stars | 4,521 | 2,520 |
| Growth | - | 3.3% |
| Activity | 10.0 | 9.9 |
| Latest commit | 7 days ago | 2 days ago |
| Language | Python | C |
| License | MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
maltrail mentions

- How do you run self-hosted software?
  Last docker discovery: maltrail (https://github.com/stamparm/maltrail, about to be moved from VM to docker)
Suricata mentions

- Best ways/sources to get hands-on experience at home?
- Home server setup
  Active measures may include an intrusion detection system / intrusion prevention system (IDS/IPS) such as open-source Suricata on the firewall, and installing file system integrity monitoring, such as the open-source Wazuh, on the exposed server. These are combined in one open-source solution, Security Onion.
- What are Attackers after on IoT Devices?
- Zinc - A lightweight alternative to elasticsearch in Go
  I'm really enjoying playing with Zinc. We've been playing with it in house here with Meer (https://github.com/quadrantsec/meer) and ingesting several gigs of Suricata (https://suricata.io) and Sagan (https://github.com/quadrantsec/sagan) logs.
- Is it possible to use a linux device as a network-wide antivirus (scans network traffic and stops/cleans virus on the fly)? If so, how can I do this?
  Maybe Suricata is what you're looking for: https://suricata.io/
- I GOT AN OFFER AS A SECURITY ANALYST BEFORE I CAN EVEN GET SECURITY+ CERTIFIED
  Never heard of Wazuh and Suricata until today. I'm gonna have to play with those things when I get a chance.
- Intrusion detection software?
  Wazuh (fork of OSSEC) would be my first choice when it comes to Linux based HIDS (host based), and Snort or Suricata if you are looking for NIDS (network based). As well as Lynis for ensuring the setup of the host is as you intended.
  You may take a look at this: https://suricata.io/
- Looking for a method of blocking TLS 1.0 client traffic at the PFSense firewall.
  Suricata can detect TLS version: https://github.com/OISF/suricata/blob/master/src/detect-tls-version.c
- UDM Pro without being the router / firewall
  Suricata: https://suricata-ids.org/
What are some alternatives?

- Wazuh - Wazuh - The Open Source Security Platform
- Fail2Ban - Daemon to ban hosts that cause multiple authentication errors
- pfSense - Main repository for pfSense
- crowdsec - CrowdSec - the open-source and participative IPS able to analyze visitor behavior and provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global CTI database to protect the user network.
- OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
- Snort - Snort++
- OSQuery - SQL powered operating system instrumentation, monitoring, and analytics.
- docker-zeek - Run zeek with zeekctl in docker
- rpi-appliance-monitor - Device to monitor appliances that vibrate, such as clothes dryers or garage door openers
- hosts - 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
- MalConfScan - Volatility plugin for extracting configuration data of known malware