Suricata IDS/IPS/NSM stable packages
http://www.openinfosecfoundation.org/
http://suricata-ids.org/

Suricata IDS/IPS/NSM - Suricata is a high performance Intrusion Detection and Prevention System and Network Security Monitoring engine.

Open Source and owned by a community run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.

Full features list -
http://suricata-ids.org/features/all-features/

This Engine supports:

- Multi-Threading - provides for extremely fast and flexible operation on multicore systems.
- Multi Tenancy - Per vlan/Per interface
- Uses Rust for most protocol detection/parsing
- TLS/SSL certificate matching/logging/extraction
- IEEE 802.1ad (QinQ) and IEEE 802.1Q (VLAN) support
- All JSON output/logging capability
- IDS runmode
- IPS runmode
- IDPS runmode
- NSM runmode

Tunnel decoding:
- Teredo
- IP-IP
- IP6-IP4
- IP4-IP6
- GRE
- VXLAN
- Geneve

Protocol parsers:
Support for packet decoding of
IPv4, IPv6, TCP, UDP, SCTP, ICMPv4, ICMPv6, GRE
Ethernet, PPP, PPPoE, Raw, SLL, VLAN, QINQ, MPLS, ERSPAN, VXLAN, Geneve

App layer decoding of:
HTTP, HTTP/2, SSL, TLS, SMB, DCERPC, SMTP, FTP, SSH, DNS, Modbus, ENIP/CIP, DNP3, NFS, NTP, DHCP, TFTP, KRB5, IKEv2, SIP, SNMP, RDP, RFB, MQTT

- File Extraction HTTP/SMTP/FTP/NFS/SMB - over 4000 file types recognized and extracted from live traffic.
- File MD5/SHA1/SHA256 matching
- JA3/JA3S/HASSH
- Gzip Decompression
- Fast IP Matching
- Datasets matching
- Rustlang enabled protocol detection
- Lua scripting

User information

Launchpad Id:
oisf
Email:
Log in for email information.

Member since:
2012-01-10
Signed Ubuntu Code of Conduct:
Yes
OpenPGP keys:
0A9761D6107E87E3572C97ED181B0654F0A97561, CD510C59C19535868CFF0E6044AE3ED02C2851D6
SSH keys:
root@LTS-64-1
root@LTS-64-1
root@ubuntu32
root@ubuntu64LTS
Languages:
English
Time zone:
UTC (UTC+0000)
Karma:
1770 Karma help