ssldump
Suricata
Our great sponsors
ssldump | Suricata | |
---|---|---|
2 | 23 | |
226 | 4,058 | |
- | 6.0% | |
7.5 | 9.9 | |
6 days ago | about 8 hours ago | |
C | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssldump
-
Tracing HTTP Requests with Tcpflow
I recall seeing a thread somewhere saying tcpflow would not add this capability and they point people to ssldump [1][2] and even that has some limitations.
[1] - https://github.com/adulau/ssldump
[2] - https://linux.die.net/man/1/ssldump
- Ssldump v1.3 – Many bugs fixed including memory leaks and a new JSON export
Suricata
- Aho-Corasick Algorithm
-
Suricata VS zeek - a user suggested alternative
2 projects | 2 Jan 2024
-
Who does check linux distros of malware - open source
Linux has (free) tools to improve security and detect/remove malware: Lynis,Chkrootkit,Rkhunter,ClamAV,Vuls,LMD,radare2,Yara,ntopng,maltrail,Snort,Suricata...
-
Risks of hosting a website out of my house
Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the exposed server are also good approaches to protecting yourself.
-
SIEM or IDPS for Homelab on rPi 3b
You could try running Suricata
-
Detecting Hackers in the network
Check out https://suricata.io/
-
Where can I get hands on practice for cybersecurity as a beginner over internet for free?
Suricata: https://suricata.io/ IDS/IPS
-
Server Hardening
Active Measures - Includes (IDS/IPS) such as open-source Suricata or Snort on pfSense, and File Integrity Monitoring (FIM), such as the commercial Tripwire and dated, open-source Tripwire, or the open-source Wazuh installed on servers. These can be combined into a Security Information and Event Management (SIEM) system like the open-source solution, Security Onion. Wazuh itself has evolved into a SIEM.
-
Help with server build
Active measures may include an intrusion detection system / intrusion prevention systems (IDS/IPS) such as open-source Suricata on the firewall, and installing file system integrity monitoring, such as the open-source Wazuh on the exposed server. These are combined in one open-source solution, Security Onion
- Need Help - Network Monitor & Security
What are some alternatives?
ecapture - Capture SSL/TLS text content without a CA certificate using eBPF. This tool is compatible with Linux/Android x86_64/aarch64.
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
haproxy - HAProxy Load Balancer's development branch (mirror of git.haproxy.org)
Fail2Ban - Daemon to ban hosts that cause multiple authentication errors
lsquic - LiteSpeed QUIC and HTTP/3 Library
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
wolfssl - The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
SoftEther - Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.
pfSense - Main repository for pfSense
tls-scan - An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
maltrail - Malicious traffic detection system