important software information
company name:
license: Freeware
minimum requirements: No special requirements.
functional limitations:
checkps description

Devialog is a behavior/anomaly-based syslog intrusion detection system which detects attacks via anomalies in syslog.

Present log-based IDS:

Nearly all present log-based intrusion detection systems operate using a pre-defined known signature base, usually painstakingly created by hand. They can work well if the creator knows exactly all error and informational messages the software on a system(s) will write to syslog. Most overworked administrators wish there was an easier way to handle system logfiles in a sane, time-saving fashion. Present log-based intrusion detection systems have difficulty in detecting new attacks.

How devialog Differs:

devialog makes syslog parsing far less of a chore than it previously has been. It is functionally the inverse of standard log monitoring software. devialog, by default, reports on what is not known in its signature base, i.e. what is anomalous. This type of intrusion detection system is considered behavior-based, or anomaly detection. Reporting can be in the form of an email for each anomalous log, or an email for all the logs sent within a pre-defined time window. devialog can also execute commands, or simply write all anomalies to a file for periodic review.

Signature Creation:

For log-based anomaly detection to operate effectively, one must create an extremely large signature base. With an included utility, devialogsig, the signatures are created automatically. Future signature additions are very simple, like a copy from the alert email.

Similar software
CrossFTP Server (Popularity: ) : CrossFTP Server is a professional FTP Server for multiple platforms. It is a high-performance, extremely configurable, and most of all a secure FTP server. CrossFTP Server has an easy-to-use GUI for user to configure the server's behavior.. . Publisher of ...
Coinflip (Popularity: ) : Coinflip provides a cryptographically secure server/client program and protocol for choosing random bits.

Coinflip is a client/server based program that can generate random bits for 2 people over the internet. The 2 people don't have to trust each other in order ...

supported os's
downloads 14
size in Kb 20
user rating 0/10
our rating 0 Stars