Polyvaccine is a Polymorphic Detection Engine Polyvaccine is a detection software that enables protection to HTTP
or SIP servers from unknown binary attacks, such as polymorphic exploit
attacks, and DDoS at application layer.
Polyvaccine is supports the next platforms:
Linux x86_32(deprecated) x86_64
Freebsd x86_64 (beta)
Polyvaccine have the next main characteristics:
Don't need signature updates.
The main three task(detection, protection, filtering) could be placed distributed on several nodes
The architecture is fully distributed (using dbus as main orb).
The integration with other subsystems such as logger, firewalls and so on is easy just by using simple python scripts.
Don't have support for Sql-injection, just any type of binary attacks.
Don't try to replace the functions of a NIDS.
The management task are negligible.
Help :: http://code.google.com/p/polyvaccine/w/list
Download Here :: Polyvaccine-0.5.tar.gz
Source :: http://code.google.com/p/polyvaccine/
0 comments :
Post a Comment