Libnids-1.19-for-win32

Category: Windows Programming
Development tool: Visual C++
File size: 283KB
Downloads: 411
Upload date: 2006-12-14 13:19:02
Uploader: yubai-eyou
Description: libnids for the Windows platform. This is the latest version, libnids 1.19 for win32, and includes a VC++ project. You can modify the source code as needed, or use the library files to conveniently reassemble TCP streams and the like, perform protocol reconstruction, and build your own network intrusion detection system.

File list:
Libnids-1.19 (0, 2006-12-14)
Libnids-1.19\CHANGES (5085, 2004-09-16)
Libnids-1.19\config.guess (40240, 2004-09-16)
Libnids-1.19\config.sub (28496, 2004-09-16)
Libnids-1.19\configure (151089, 2004-09-16)
Libnids-1.19\configure.in (6257, 2004-09-16)
Libnids-1.19\COPYING (18321, 2004-09-16)
Libnids-1.19\CREDITS (4244, 2004-09-16)
Libnids-1.19\install-sh (5010, 2004-09-16)
Libnids-1.19\Makefile.in (447, 2004-09-16)
Libnids-1.19\MISC (3491, 2004-09-16)
Libnids-1.19\mkinstalldirs (681, 2004-09-16)
Libnids-1.19\doc (0, 2006-12-14)
Libnids-1.19\doc\API.html (25532, 2004-09-16)
Libnids-1.19\doc\API.txt (22251, 2004-09-16)
Libnids-1.19\doc\bugtraq_post (4679, 2004-09-16)
Libnids-1.19\doc\LINUX (1138, 2004-09-16)
Libnids-1.19\doc\NEW_LIBPCAP (205, 2004-09-16)
Libnids-1.19\doc\PATCH (889, 2004-09-16)
Libnids-1.19\doc\PERFORMANCE (2905, 2004-09-16)
Libnids-1.19\doc\TESTS (5495, 2004-09-16)
Libnids-1.19\samples (0, 2006-12-14)
Libnids-1.19\samples\Makefile.in (795, 2004-09-16)
Libnids-1.19\samples\nids_next.c (951, 2004-09-16)
Libnids-1.19\samples\overflows.c (6162, 2004-09-16)
Libnids-1.19\samples\printall.c (3809, 2004-09-16)
Libnids-1.19\samples\sniff.c (2444, 2004-09-16)
Libnids-1.19\src (0, 2006-12-14)
Libnids-1.19\src\allpromisc.c (933, 2004-09-16)
Libnids-1.19\src\checksum.c (6214, 2004-09-16)
Libnids-1.19\src\checksum.h (288, 2004-09-16)
Libnids-1.19\src\config.h.in (1111, 2004-09-16)
Libnids-1.19\src\hash.c (1694, 2004-09-16)
Libnids-1.19\src\hash.h (71, 2004-09-16)
Libnids-1.19\src\ip_fragment.c (19408, 2004-09-16)
Libnids-1.19\src\ip_fragment.h (364, 2004-09-16)
Libnids-1.19\src\ip_options.c (6642, 2004-09-16)
Libnids-1.19\src\killtcp.c (3323, 2004-09-16)
... ...

====================
    libnids-1.19
====================

1. What is libnids ?
------------------------

Libnids is a library that provides a functionality of one of NIDS (Network Intrusion Detection System) components, namely E-component. It means that libnids code watches all local network traffic, cooks received datagrams a bit (quite a bit ;)), and provides convenient information on them to analyzing modules of NIDS. Libnids performs:

a) assembly of TCP segments into TCP streams
b) IP defragmentation
c) TCP port scan detection

More technical info can be found in MISC file.

So, if you intend to develop a custom NIDS, you don't have to build low-level network code. If you decide to use libnids, you have got E-component ready - you can focus on implementing other parts of NIDS.

2. Why is libnids valuable ?
----------------------------

On January ***, Thomas H. Ptacek and Timothy N. Newsham published an excellent paper entitled "Eluding Network Intrusion Detection". It's a must-read for all security concerned people, available from
http://www.robertgraham.com/mirror/Ptacek-Newsham-Evasion-***.html
In this paper one can find description of variety of attack against NIDS. During libnids development a lot of effort was made to make libnids immune to these attacks. During tests libnids performed TCP assembly and IP defragmentation in exactly the same way as Linux 2.0.36 hosts (targets of test packets). For details, see file TESTS; here let's just mention two things:

a) libnids passed all tests implemented in fragrouter by Dug Song (see http://www.anzen.com/research/nidsbench/ ). In fact, fragrouter's tests were fairly simple when compared with other, custom ones.
b) libnids IP defragmenting module contains slightly modified Linux 2.0.36 kernel source files ip_fragment.c and ip_options.c. It means that libnids IP defragmentation is as reliable as one implemented in Linux 2.0.36.

Libnids is easy to use and highly configurable - see API file for details.

3. On what platform does it run ?
---------------------------------

Currently libnids will compile on Linux, Solaris, any *BSD. WIN32 port is available at http://www.datanerds.net/~mike/libnids.html

4. Who is allowed to use it ?
-----------------------------

Libnids is licensed under GPL. See the file COPYING for details.

5. Contact info ?
-----------------

The primary libnids site is http://libnids.sourceforge.net/
Please send bug reports, comments, or questions about this software to .
