Libnids is an implementation of an E-component of a Network Intrusion Detection
System. It emulates the IP stack of Linux 2.0.x. Libnids offers IP
defragmentation, TCP stream assembly and TCP port scan detection. The most
valuable feature of libnids is reliability. A number of tests were conducted,
which proved that libnids predicts the behaviour of protected Linux hosts as
closely as possible. Libnids is highly configurable at run time and offers a
convenient interface. Currently it compiles on Linux, *BSD and Solaris.
Using libnids, one gets convenient access to the data carried by a TCP
stream, no matter how artfully obscured by an attacker.
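
Why TCP stream assembly matters to a detector, as an added example (not libnids code and not using the libnids API): a signature checked against each segment in isolation misses content that only appears once the segments are put back in sequence order. The struct, function names, sample segments and the first-copy-wins overlap policy are all assumptions of this sketch.

```c
#include <stdio.h>
#include <string.h>
#define STREAM_MAX 64   /* size of the toy reassembly window */
/* One captured TCP segment: stream-relative sequence number and payload. */
struct seg { unsigned seq; const char *data; };

/* Constructed sample: "GET /etc/passwd" sent out of order, then an
 * overlapping segment carrying different bytes for offsets 6-7. */
static const struct seg sample[] = {
    { 8, "/passwd" }, { 0, "GET " }, { 4, "/etc" }, { 6, "XX" } };
#define SAMPLE_N (sizeof sample / sizeof sample[0])

/* Place bytes by sequence number; the first copy of a byte wins (an assumption
 * of this example, not libnids or Linux policy). Returns contiguous length. */
size_t reassemble(const struct seg *s, size_t n, char out[STREAM_MAX])
{
    unsigned char seen[STREAM_MAX] = {0};
    size_t len = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; s[i].data[j] != '\0'; j++) {
            size_t off = (size_t)s[i].seq + j;
            if (off < STREAM_MAX - 1 && !seen[off]) { out[off] = s[i].data[j]; seen[off] = 1; }
        }
    while (len < STREAM_MAX - 1 && seen[len]) len++;  /* stop at first hole */
    out[len] = '\0';
    return len;
}

/* Signature check applied to each segment in isolation. */
int per_packet_match(const struct seg *s, size_t n, const char *pat)
{
    for (size_t i = 0; i < n; i++)
        if (strstr(s[i].data, pat)) return 1;
    return 0;
}

/* The same check applied to the reassembled stream. */
int stream_match(const struct seg *s, size_t n, const char *pat)
{
    char buf[STREAM_MAX];
    return reassemble(s, n, buf) > 0 && strstr(buf, pat) != NULL;
}

int main(void)
{
    printf("per-packet=%d stream=%d\n", per_packet_match(sample, SAMPLE_N, "/etc/passwd"),
           stream_match(sample, SAMPLE_N, "/etc/passwd"));
    return 0;
}
```

The overlap policy is the part that has to match the protected host: a detector that resolves overlapping bytes differently from the receiving stack reconstructs a different stream than the one the host acts on.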