Open Source IPS: Suricata

Suricata is a free and open source, mature, fast and robust network threat detection engine. The Suricata engine is capable of real time intrusion detection IDS, inline intrusion prevention IPS, network security monitoring NSM and offline pcap processing. Suricata inspects the network traffic usi...

Network-based DNS logging in Go: GoPassiveDNS

A network-capture based DNS logger, inspired by passivedns. It uses gopacket to deal with libpcap and packet processing. It outputs JSON logs. It is intended to deal with high volume query capture in environments with anywhewre from one to hundreds of DNS resolvers. Why not use PassiveDNS from...