Forum Thread: IDS Written in Python

IDS Written in Python

Hello everyone , just finished writing an IDS with Standard User in python.
The program is written in python 3 and uses the Scapy v. 3.0.0 module.

What Is an IDS ?

IDS stands for Intrusion Detection System and they can work in many different ways to detect someone trying to 'Intruding' a system. There are two types of IDS's , host based and network based. This one is network based .

How Does It Work ?

Well IDS's detect an attack when it's happening in real time but they do not prevent the attacks , IDPS's do or IPS. Anyway , the way this one works is it captures packets crossing the network with scapy, then writes everything into a file call ALL.pcap , reads from ALL.pcap and writes a summary( to a file called ALLsum.txt after that the program opens a configuration file provided by user or a default file with each line having a protocol which looks a bit suspicious like SSH , SSL or whatever you put into the lines of the configuration file then match it with the protocol of each line of the ALLsum.txt and if it matches it will print out the possible threat and write it to a file called PossibleThreats.txt.This program will also run forever unless a count(-c) is not added , good thing is its in real time so whenever there is a packet crossing the network that matches a line , it will alert you.

Anyway thank you for reading , ill be posting as often as I can about what I know. Got some good projects in mind.

Here's the Link to the IDS:

You do not have to download the Default.txt it's just incase you dont provide a file it will look for that one , which contains mostly RA protocols.

5 Responses

just want to be clear and up front wirewise did all the work i just gave some ideas here and there. Way to go dude!

Thanks man.

Looks really Nice
I made similar thing but mine plots the ips on a world map if you want the code for it pm me

Thanks , yeah sounds good I'll let you know.

Share Your Thoughts

  • Hot
  • Active