Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine.
Suricata implements a complete signature language to match on known threats, policy violations and malicious behaviour. Suricata will also detect many anomalies in the traffic it inspects.
Suricata will automatically detect protocols such as HTTP on any port and apply the proper detection and logging logic. Suricata can log HTTP requests, log and store TLS certificates, extract files from flows and store them to disk.
- http://suricata-ids.org/
- http://planet.suricata-ids.org/
- http://www.openinfosecfoundation.org/
- https://github.com/inliniac/suricata
- http://jasonish-suricata.readthedocs.org/en/latest/index.html