Realeyes IDS: The open source IDS solution for you!

There are some impressive open source solutions coming out in the security industry. We had talked about the Bro Intrusion Detection System. Today, we are discussing about The Realeyes IDS.

The Realeyes IDS captures and analyzes full sessions from live traffic or pcap files. The graphical user interface displays both sides of the captured sessions to determine what occurred. The GUI also provides management of application users, sensors, and the database. It is based on the Realeyes analysis engine, a C library of functions that can be used to build applications for performing sophisticated analysis of large data streams.

Realeyes IDS Features:

Scalable: The Realeyes IDS may include multiple sensors, distributed over a wide geographical area, reporting to a central database, which may be accessed by analysts who are also geographically separated. However, it may also be installed on a single laptop for temporary, focused monitoring.
Standalone applications: The Realeyes IDS is not a web application and therefore does not require a web server. It does use the PostgreSQL database for storing definitions and intrusion data. All configuration, initialization, and management for the database is provided by the application. The IDS sensor and user interface are standalone applications that use SSL encryption to communicate with the database.
Enterprise support: When used in an enterprise environment, the Realeyes IDS provides the following levels of access to data:
- Administration
- Regular analyst
- Analyst with rule definition priveleges
- Analyst with read only access
Also, each sensor is defined with site and point of contact information, which may be easily displayed from the user interface.
Trends analysis: The Realeyes IDS provides the capability of saving actual intrusions to be analyzed for trends.
Statistics collection: The Realeyes IDS sensors accumulate statistics of session data. It is possible to designate specific hosts or ports for detailed statistics collection.
Reports: The Realeyes IDS provides built-in reports on all collected data, including:
- Open incidents
- Closed incidents
- Statistics
- Site and point of contact information
Data stream reassembly and analysis of TCP/UDP sessions.
Expanded rule definition capabilities.

Download the Realeyes IDS here.

Related External Links

September 17, 2009 -- Snort: The Open Source network Intrusion Prevention and Detection System
February 7, 2010 -- WinFail2Ban – Host based intusion detection/prevention system!
January 27, 2010 -- UPDATE: GreenSQL FW v1.2.2!
January 14, 2010 -- DecaffeinatID: A Multipurpose Application for Windows!
January 12, 2010 -- List of Windows Directory Monitoring Softwares!
October 25, 2009 -- AirSnare – wireless intrusion detection system
October 21, 2009 -- Update : GreenSQL-FW 1.1.0
October 2, 2009 -- Nebula – Generate Intrusion detection / prevention Signature
September 6, 2009 -- NetGrok – Visualize computer networks in real-time

Tagged as: analyse pcap, analyze pcap, intrusion detection system, Open source IDS, Open source Intrusion Detection System, Realeyes IDS

Black: @sanyal, I do not know why is it not downloading the version 0.8 for you! We have this link from SF which will...
sanyal: Hi, The download link goes to sourceforge.net 0.7 version. Needs to point to 0.8
hideaki: There’s also xt_pknock which seems to capable of much more.
stacksmasher: Any word on a quick tutorial for this tool?
ne01982: No, I had written the supplied OEM code, But the site says that is a wrong OEM code. Thanks for your time
ne01982: Hi, M8s, I´m affraid, this code doesnt work. Thanks anyway. Regards
rcarter: “You have submitted an unknown OEM Code or no code at all.”

Realeyes IDS: The open source IDS solution for you!

Realeyes IDS Features:

Related External Links

Related Posts

Twitter

Tag Cloud

Archives

Meta

Recently Updated Posts

Recently Updated Pages

Feed Count:

Site Search:

Categories

Recent Comments

Most Viewed Pages