Shadow
Turns tcpdump from packet-sniffer to basic NIDS
Collects tcpdump data in hourly files
Analyzes each hour’s data for anomalies
Formats anomalous data in HTML for browsing
Comes with scripts to assist in examining data
Intrusion detection system based on tcpdump
Unix-based
Freeware available from www.nswc.navy.mil/ISSEC/CID