Description:
IDABench is a framework of Perl scripts that allows the analyst to query packet captures with a number of open source analysis tools. It complements an IDS/IPS by letting the analyst quickly query captured packets to investigate alerts or incidents, or for research. IDABench is NOT intended to be an intrusion detection system, although it can be used as such. One of the primary design goals was to give intrusion analysts easy access to the tools and utilities they are already familiar with through a convenient web interface. The CGI scripts are extended via simple plugins that pass packet data to, and return output from, libpcap-based tools such as tcpdump, tethereal, ngrep, etc.
