Systrace enforces system call policies for applications by interactively constraining the application's access to the system (*bsd and Linux). Systrace is able to monitor daemons on remote machines and generate warnings at a central location.

Network-IDS that detects and stops DoS/DDoS attacks by using real-time Cisco NetFlow data.

An intrusion protection system in the form of a bash shell script that is designed to make the installation of Snort in inline mode on Fedora or Debian as easy as possible.

Firestorm is a high-performance GPL-licensed network intrusion detection system (NIDS). Features include being fully pluggable, easily configurable, and an extremely scalable signature engine.

fail2ban is a POSIX/Linux tool used to ban IP addresses that generate too many password failures. ssh, iptables, ipfwadm and ipfw are currently supported.

QuIDScor is an Open Source project demonstrating the value in correlating information between Intrusion Detection Systems (such as Snort) and vulnerability assessment and management platforms such as QualysGuard.

A single compilation of source, binaries, scripts and whitepapers on intrusion prevention systems. The aim is to quickly establish a working IPS within minutes.

A configurable web-base administration console written in PHP which can remotely manage, control, and monitor multiple Snort based Intrusion Detection System sensors.

Perl-based log analysis tool that summarizes network security events from any native snort database format.

Shadow is an intrusion-detection system from the Naval Surface Warfare Center, shows promise in detecting previously unknown attacks for which no known detection signatures exist.