Security Open Source Software Arrangement

The strata guard intrusion detection and defense software encapsulates the snort and provides a graphical interface.

Strata guard has high performance requirements on the dependent hardware, mainly to ensure sufficient network forwarding performance while detecting all network traffic. For the free version of strata guard, we can use the following hardware to customize a hardware platform for the intrusion detection and defense system:

Processor: AMD 4400 +
Memory: DDR2 667 2 GB
Hard Disk: SATA 80 GB
NIC: strata guard requires two NICs when working in standard mode and three NICs when working in Gateway mode. We recommend that you use intel
Pro/1000mt desktop Gigabit Nic.
Motherboard: choose to have multiple PCI-E interface, integrated sound card, graphics card, or even Gigabit Ethernet NIC motherboard, this can save us a lot of money and some unnecessary trouble.

Openvas Open Vulnerability Assessment System

Openvas is an Open Vulnerability Assessment system. It can also be said that it is a network scanner containing related tools. Its core component is a server that includes a set of Network Vulnerability Testing programs that can detect security issues in remote systems and applications.

You need an automatic test method and make sure that you are running the most appropriate latest test. Openvas includes a central server and a graphical front-end. This server allows users to run several different network vulnerability tests (written in the Nessus Attack Script Language), and openvas can be updated frequently. All codes of openvas comply with GPL specifications.

 

Ossim open-source security information management system

Ossim is an open-source security information management system (OS). It is a very popular and complete open-source security architecture system. By integrating open-source products, the OS provides a basic platform for security monitoring. The purpose is to provide a centralized and organized, A framework system that can better monitor and display data.

Based on the Debian encapsulation, ossim integrates many tools such as snort, Nessus, ntop, Nagios, and ossec. By using ossim, it is easy to build an intrusion detection system and intrusion defense system, security scanning system. You only need to focus on the specific settings of a tool, instead of spending a lot of energy on the interconnection configuration of various tools.

 

Modsecurity open-source Web Application Firewall

Modsecurity is an open-source engine for intrusion detection and prevention. It is mainly used for Web applications, so it can also be called waf ). It can be run as a module or a separate application of the Apache Web server. Modsecurity aims to enhance the security of web applications and protect Web applications from known and unknown attacks.

WAF system deployment can add an External Security Layer for web applications to detect or prevent attacks. Targeting a series of attacks, modsecurity provides powerful protection for web applications and monitors and analyzes HTTP traffic in real time. These attacks only have little or no impact on the system infrastructure.

 

W3af Web security audit tool

W3af is a Web application attack and check framework. This project has more than 130 plug-ins, including SQL injection, cross-site scripting (XSS), local and remote files. The goal of this project is to establish a framework to find and develop Web Application Security Vulnerabilities, which are easy to use and expand. The core code and plug-in of w3af are completely written in Python. There are more than 130 plug-ins in the project. These plug-ins can detect SQL injection, cross-site scripting, local and remote file inclusion, and other vulnerabilities.

 

Nagios is a monitoring system that monitors system running status and network information. Nagios can monitor specified local or remote hosts and services, and provide exception notifications.

Nagios can run on Linux/Unix platforms and provides an optional browser-based Web interface for system administrators to view network status, various system problems, and logs.