Shoki

Network intrusion detection system for your Mac

Shoki Ranking & Summary


  • License: Freeware
  • Price: FREE
  • Publisher Name: Stephen P. Berry
  • Operating Systems: Mac OS X
  • File Size: 267 KB

Shoki Description

Shoki is a free, open source network intrusion detection system for conducting traffic analysis.

The fundamental design goals of shoki are:

  • Simplicity. The components of shoki are designed to be as straightforward (and therefore as easy to understand) as possible.
  • Modularity. The functionalities provided by the various components of shoki are intended to be as decoupled from each other as practically possible.

NOTE: Shoki is licensed and distributed under the terms of the BSD License.

Here are some key features of "Shoki":

  • Signature matching using libpcap-style filter expressions
  • Support for searches using POSIX extended regular expressions
  • Optional support for searches using Perl-compatible regular expressions
  • Dynamic rule-based signature generation
  • Correlation of data from multiple sources
  • Sending alerts to IM clients via the Jabber protocol
  • Visualisation of packet data via OpenGL
  • Anomaly scoring based on questionable math
  • Correlation of events to local assets (and known vulnerabilities)
  • Remote OS identification via passive fingerprinting
  • RFC 815-style fragment reassembly
  • Configurable scan detection
  • Configurable threshold-based signature detection
  • Analysis of entropy in IP packet fields

Requirements:

  • libpcap
  • flex
  • zlib

What's New in This Release:

  • lexer bugfix: Added pcap_close() before exiting
  • doctrine logic bugfix: fixed bug in doctrine verifier
  • doctrine logic tweak: added canonicalise_pcap()
  • search logic bugfix: fixed bug handling NULLs (0x00) in hex searches
  • TCP option handling bugfix: fixed bug in TCP option processing on sparc64 (and other platforms where unaligned access fails)
  • ac bugfix: fixed memory allocation error in ac(1)
  • feature add: added preliminary IDMEF output support
  • feature add: added test for dumpfile rewriting
  • scripting tweak: changed semantics in some scripts in handling lists of filenames
