
Ask HN: Known Attacks for Network Intrusion Detection System - thickice
SANS.org paper on NIDS says the following &quot;performs an analysis for a passing traffic on the entire subnet. Works in a promiscuous mode, and matches the traffic that is passed on the subnets to the library of knows attacks&quot;<p>Is there any public list of such known attacks ? Also, are there any reliable open source software in Linux that can do NIDS ?
======
jlgaddis
Snort:
[https://en.wikipedia.org/wiki/Snort_(software)](https://en.wikipedia.org/wiki/Snort_\(software\))

Bro:
[https://en.wikipedia.org/wiki/Bro_(software)](https://en.wikipedia.org/wiki/Bro_\(software\))

There are "signatures" just like with anti-virus software.

