Captures and analyzes full sessions.
The Realeyes analysis engine is a C library of functions that maintain state information and analysis results about streams of data. Applications may be built on it to search for complex patterns and then output information about the data or even transform it. It has been tested on several Linux distributions but should run on any Unix system.
The first application that has been developed using the library is a network Intrusion Detection System (IDS). It reassembles sessions (including both halves of a TCP session) from live or captured network traffic and analyzes them for patterns.
The detected records are transferred to a database interface and inserted into a PostgreSQL database. The database also maintains configuration information which can be sent to the IDS hosts for dynamic reconfiguration. The database interface can communicate with one or more hosts.
The user interface is a Java application using the Standard Widget Toolkit from the Eclipse project, which has been tested on several Linux distributions and Microsoft Windows. It is used to administer the application as well as to analyze detected network traffic and create reports for supporting a secure environment.
All Realeyes technologies are licensed under GPLv3 and are originally developed on the GNU/Linux v2.6 operating system.
In a hurry? Add it to your Download Basket!
What's New in This Release:
- This release adds many new user interface features and corrects some installation and runtime errors. See the Release Notes (http://realeyes.sourceforge.net/release.html) for more detail.