News

TinyIDS Initial Public Announcement

Added by George Notaras over 4 years ago

I am very pleased to announce the general availability of TinyIDS. This is the first public announcement of the project.

What is TinyIDS

TinyIDS is a distributed Intrusion Detection System (IDS) for Unix systems.

It is based on the client/server architecture and has been developed with security in mind. The client, tinyids, collects information from the local system by running its collector backends. The collected information may include anything, from file contents to file metadata or even the output of system commands. The client passes all this data through a hashing algorithm and a unique checksum (hash) is calculated. This hash is then sent to one or more TinyIDS servers (tinyidsd), where it is compared with a hash that had been previously stored in the databases of those remote servers for this specific client. A response indicating the result of the hash comparison is finally sent back to the client. Management of the remotely stored hash is possible through the client's command line interface. Communication between the client and the server can be encrypted using RSA public key infrastructure (PKI).

TinyIDS is written in Python and is released as open-source software under the terms of the Apache License version 2.

Project Status

After a series of alpha releases, version 0.1.6 seems like a good starting point for testing and experimentation. TinyIDS is still in its infancy. At this point, it should be considered alpha software aimed solely for testing. Although it is fully functional, there are still many key features to be implemented and several bugs that need fixing.

Development

TinyIDS evolved at a rapid pace during the last two weeks. A huge amount of free time and effort was invested into the project. Although this was just the beginning, further development will occur at a much slower pace.

TinyIDS welcomes and highly appreciates contributions and collaboration. The project is currently a one-man show, but we hope this changes in the future. Currently, much effort and time is being invested in fixing several issues with CodeTRAX.org, the facility that hosts TinyIDS, and the services it provides in order to promote collaboration.

A follow-up announcement about this matter and the ways in which you can contribute to TinyIDS will be published in the next weeks.

Starting Points

This announcement is released in the public domain. Feel free to re-publish it.

George Notaras

(1-1/1)

Also available in: Atom