Open Source Software Related to Deep Packet Inspection and Processing


liusz
Oct 5, 2009, 11:47:11 AM
to tcpip_cn
Open Source Software Related to Deep Packet Inspection and Processing

https://www.dpacket.org/group-posts/open-source-software-general-discussion/open-source-software-related-deep-packet-inspect


Open Source Software Related to Deep Packet Inspection and Processing
Posted November 29th, 2007 by Kyle dPacket
Classification: Technology, Applications
Keywords: packet capture, open source network monitoring, Open Source,
network monitoring, network analyzer, ips, intrusion prevention,
Intrusion Detection, ids, idp, flow probe, flow analyzer, anti-virus



This is a list of open source software that may be of interest to the
dPacket.org community (http://www.dpacket.org). The list is maintained
by the Open Source Software General Discussion Group at dPacket.org.
Our intention is to continually update this list, and to modify its
contents and layout to best serve the community. Your feedback is
appreciated. This is obviously a work in progress (and just
starting). :) Please use my personal contact form for feedback. Would
you be interested in helping to manage this group? If so, please let me
know.


Anti-virus

ClamAV
http://www.clamav.net


Bivio Networks

Bivio Networks has opened an Application Library (www.bivio.net/products/al/)
which provides government agencies, network service providers, enterprises,
and systems integrators deploying network security, monitoring and analysis
solutions with access to open source networking applications on the Bivio
Networks 7000 DPI Application Platform. Applications include: SNORT®, YAF,
SiLK, Bro, Arpwatch, nProbe, nTop, Squid, Barnyard, SANCP, and TCPdump.
www.bivio.net/products/al/


Flow-based Tools (Collection, Analysis, Probes)

Argus
http://www.qosient.com/argus/

Autonomous Metadata Producer (AKA: AMP, beFlow, Trickler)
http://www.nsa.gov/techtrans/techt00043.cfm

fprobe
http://fprobe.sourceforge.net

NAF
http://tools.netsa.cert.org/naf/

Nprobe, Ntop
http://www.ntop.org

RAVE
http://tools.netsa.cert.org/rave/

SiLK
http://tools.netsa.cert.org/silk/

YAF
http://tools.netsa.cert.org/yaf/


Intrusion Detection/Prevention

BotHunter
http://www.bothunter.com

Bro IDS
http://www.bro-ids.org/Overview.html

DiStack: A Framework for Distributed Anomaly-based Attack Detection
http://www.tm.uka.de/distack

Prelude Hybrid IDS Project
http://www.prelude-ids.org/

Shoki
http://shoki.sourceforge.net/

Snort IDS/IPS
http://www.snort.org


Packet Capture and Analysis

Daemonlogger
http://www.snort.org/users/roesch/Site/Daemonlogger/Daemonlogger.html

flex: The Fast Lexical Analyzer
http://flex.sourceforge.net/

Gulp: Lossless Gigabit Capture
http://staff.washington.edu/corey/gulp

Libpcap and Tcpdump
http://www.tcpdump.org/

M-Lab
http://www.measurementlab.net

NNSquad Network Measurement Agent
http://www.nnsquad.org/agent

Pcapdiff
http://www.eff.org/testyourisp/pcapdiff/

Time Machine: High Volume Traffic Recording
http://www.net.t-labs.tu-berlin.de/research/tm/

Tstat: TCP Statistic and Analysis Tool
http://www.tstat.polito.it

Wireshark (previously Ethereal)
http://www.wireshark.org


Testing Tools

Tcpreplay
http://tcpreplay.synfin.net/

Tomahawk
http://tomahawk.sourceforge.net/
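Added example, not part of the post above and not code from dPacket.org or from any of the listed projects: the "Packet Capture and Analysis" and "Flow-based Tools" categories meet in the work a flow probe (fprobe, nProbe, YAF) does at its core, namely reading a libpcap capture and collapsing packets into per-5-tuple flow records. The script below does exactly that in Python on a capture it constructs inline; build_frame, build_pcap, parse_pcap, flow_key and aggregate_flows are hypothetical helper names, and the addresses, ports and timestamps in the sample are made up. It also shows the two edge cases a practitioner hits first: a record length that must not be trusted, and a snaplen short enough to cut off the transport ports, which must make the packet "unparseable" rather than silently produce a wrong key.

```python
"""Minimal flow probe: read a libpcap file and aggregate packets into 5-tuple flow records.

Added example; not code from dPacket.org or from any of the projects listed above.
The capture it reads is constructed inline (build_frame/build_pcap are hypothetical helpers).
"""
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address

PCAP_MAGIC_LE = b"\xd4\xc3\xb2\xa1"   # little-endian pcap, microsecond timestamps
PCAP_MAGIC_BE = b"\xa1\xb2\xc3\xd4"
LINKTYPE_ETHERNET = 1
ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP, IPPROTO_UDP = 6, 17


@dataclass
class FlowRecord:
    packets: int = 0
    bytes: int = 0          # wire bytes (orig_len), not the snaplen-truncated size
    first_ts: float = 0.0
    last_ts: float = 0.0


def build_frame(src, dst, proto, sport, dport, payload=b""):
    """Construct an Ethernet/IPv4/(TCP|UDP) frame for the sample capture.
    Checksums are left zero: a flow probe keys on addresses/ports, it does not verify them."""
    if proto == IPPROTO_TCP:    # 20-byte TCP header, PSH|ACK
        l4 = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    elif proto == IPPROTO_UDP:  # 8-byte UDP header
        l4 = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0)
    else:
        raise ValueError("sample builder only supports TCP and UDP")
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4) + len(payload), 1, 0, 64,
                     proto, 0, IPv4Address(src).packed, IPv4Address(dst).packed)
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + l4 + payload


def build_pcap(frames, snaplen=65535):
    """Serialise frames as a little-endian pcap file, truncating each to snaplen like tcpdump -s."""
    out = PCAP_MAGIC_LE + struct.pack("<HHiIII", 2, 4, 0, 0, snaplen, LINKTYPE_ETHERNET)
    for i, frame in enumerate(frames):
        captured = frame[:snaplen]
        out += struct.pack("<IIII", 1_700_000_000 + i, 0, len(captured), len(frame)) + captured
    return out


def parse_pcap(data):
    """Yield (timestamp, captured_bytes, original_length) per record, bounds-checking every length."""
    if len(data) < 24:
        raise ValueError("truncated pcap global header")
    endian = {PCAP_MAGIC_LE: "<", PCAP_MAGIC_BE: ">"}.get(data[:4])
    if endian is None:
        raise ValueError("unsupported magic (pcapng or nanosecond pcap?)")
    _, _, _, _, _snaplen, linktype = struct.unpack(endian + "HHiIII", data[4:24])
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError(f"unsupported link type {linktype}")
    off = 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack(endian + "IIII", data[off:off + 16])
        off += 16
        if off + incl_len > len(data):     # incl_len comes from the file: never trust it blindly
            raise ValueError(f"record at offset {off - 16} overruns the file")
        yield ts_sec + ts_usec / 1e6, data[off:off + incl_len], orig_len
        off += incl_len


def flow_key(frame):
    """Return (src, dst, proto, sport, dport) for IPv4 TCP/UDP, or None if the headers are not all there."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ihl = (frame[14] & 0x0F) * 4
    if ihl < 20 or len(frame) < 14 + ihl + 4:
        return None   # bogus IHL, or the L4 ports were cut off by the snaplen
    proto = frame[23]
    if proto not in (IPPROTO_TCP, IPPROTO_UDP):
        return None
    src, dst = str(IPv4Address(frame[26:30])), str(IPv4Address(frame[30:34]))
    sport, dport = struct.unpack("!HH", frame[14 + ihl:14 + ihl + 4])
    return (src, dst, proto, sport, dport)


def aggregate_flows(pcap_bytes):
    """Return ({flow_key: FlowRecord}, skipped_count): the core of what a flow probe emits."""
    flows, skipped = {}, 0
    for ts, frame, orig_len in parse_pcap(pcap_bytes):
        key = flow_key(frame)
        if key is None:
            skipped += 1
            continue
        rec = flows.setdefault(key, FlowRecord(first_ts=ts))
        rec.packets += 1
        rec.bytes += orig_len
        rec.last_ts = ts
    return flows, skipped


# Constructed sample capture: two packets of one TCP flow plus one UDP datagram (made-up addresses).
SAMPLE_FRAMES = [
    build_frame("10.0.0.1", "10.0.0.2", IPPROTO_TCP, 40000, 80, b"GET / HTTP/1.0\r\n"),
    build_frame("10.0.0.1", "10.0.0.3", IPPROTO_UDP, 5353, 53, b"\x00" * 12),
    build_frame("10.0.0.1", "10.0.0.2", IPPROTO_TCP, 40000, 80),
]
SAMPLE_PCAP = build_pcap(SAMPLE_FRAMES)

if __name__ == "__main__":
    flows, skipped = aggregate_flows(SAMPLE_PCAP)
    for key, rec in flows.items():
        print(key, rec)
    print("skipped (unparseable) packets:", skipped)
```

Byte counts use orig_len rather than the captured length, so a capture taken with a short snaplen (tcpdump -s) still reports wire volume per flow, and a snaplen that does not reach the transport header is reported as a skipped packet instead of being folded into a bogus port-0 flow. The same parse_pcap skeleton is what you would harden first before pointing any of the listed analysers at captures from an untrusted source.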