Leave a comment

Free software to detect and prevent network intrusions

Free software to detect and prevent network intrusions
Sarayut Thaneerat | Dreamstime.com

As some of the recent data breaches at big companies can tell you, hacks, phishing (being goaded into clicking a link that gives a hacker access to your computer), viruses and malware can be absolutely devastating to a computer system. Sensitive information can fall into the wrong hands because of those tricks.

That's why it's important to have Intrusion Detection Systems (IDS) and Intrusion Prevention System (IPS) software installed on your computer to stop these problems before they start.

IDS and IPS software is very important to businesses, which have access to private information about customers, but it's also important to have on personal computers as well. Your personal computer is full of information about you that, in the wrong hands after a hack or a phishing scam, could lead to identity theft, or other financial and personal harm. In addition, viruses and malware can just ruin your computer or computers, which are expensive machines to replace.

Thankfully, free IDS and IPS software exists, and can be downloaded right now. Below is a list of some of our favorite IDS and IPS software you can get at no cost, and can start using to defend your personal, and maybe even small business computer, immediately. Pick whichever sounds most useful to you, or see which one we particularly recommend at the very bottom of the article, and start downloading right away to protect your computer from viruses and malware.

Snort

Snort is a program that can go on any kind of computer, from Windows to macOS to Linux, and it's an open-source network IDS. It operates in three modes: sniffer, packet logger and network intrusion detection. Sniffer is good for anyone to use, while packet logger and network intrusion detection are great for more tech- and computer-savvy folks.

snort

In sniffer mode, Snort can do real-time traffic analysis, seeing what your computer is sending out and receiving on its network at the exact moment it's sent or received, and display what packets it finds on your screen. Based on its built-in protocol analysis tools, and its content search and matching abilities, Snort will let you know if anything it finds is unusual or suspicious, which is what makes it great for anyone to use. Snort has some idea of what could enter your computer that might be dangerous. It'll let you know about it without you having to search for it, or having to worry about it.

If you know a bit about computer security yourself, and you don't want to be bothered by Snort displaying things to you, you can use packet logger mode, in which Snort copies and logs the packets it finds in your network on your computer disk, allowing you to look at them another time, at your own pace and interest. You can also try network intrusion detection mode to target a particular kind of attack that concerns you.

Snort can detect attacks or probes if they start to occur on your IP network, noticing any attempts to "fingerprint" your operating system (finding what makes your computer and network unique, and therefore hackable), as well as buffer overflows (too much data overwriting computer memory in other areas, causing programs to behave erratically or crash), and CGI attacks (sending links that look like legitimate sites, but aren't, and asking for information from you). In network intrusion detection mode, you can tell Snort certain traits to watch out for in its analysis, and give it an action to perform when it detects these things, like alerting you, or closing the fake website right away.

Having existing since 1998, Snort one of the most popular IDS programs out there, and can even be considered the default IDS program for most systems. It's great, basic protection for those who know nothing about computers, and those that know a lot. Snort won't exactly take the reigns if something is wrong in your system, but at least you'll be alerted if you keep to sniffer mode, and you can find a local tech repair company to help you out.

If you know enough to tell Snort what actions to take following a problem, it's a fantastic security program for you -- and it's absolutely free! If Snort appeals to you, you can download it here.

Suricata

suricata

Did you like how Snort sounded? Then you'll really love Suricata, which features all of the real-time IDS capabilities of Snort, but adds on IPS features that take it a step beyond. Suricata looks for intrusions much the way Snort does, but with its own set of rules, allowing it to take its own actions and detect a wide variety of complex threats. On top of detecting threats, Suricata also defends computers and networks it's downloaded to, using an "Emerging Threats" rule set to not just flag and respond to issues when they're found, but to keep them from getting on a computer or system in the first place.

For Suricata, a good defense is the best offense, and the software keeps itself updated to deal with new computer security threats all the time. This is furthered by the software's support and utilization of Multi-Threading, Automatic Protocol Detection, Gzip Decompression, Fast IPMatching and hardware acceleration.

Suricata is available for Linux, macOS and Windows, and offers annual training events for developers who are interested in the software. The software is free, but these training events cost some money, so that might be frustrating depending on your business model or personal investment capabilities. But Suricata offers protection on top of detection, and operates without much user input at all.

If you're a person who doesn't know computers or tech well, Suricata might be the perfect security software for you. Download Suricata to your computer here.

Bro IDS

Bro IDS, or just Bro, is named after Big Brother from George Orwell's novel "1984," due to the fact that the program logs everything it sees in a high-level network activity archive. In other words, Bro IDS, like Big Brother, watches everything you and your computer do, and records it.

bro eyes

Typically, IDS programs have particular signatures and patterns they're looking out for when they analyze network traffic and packets. Not so with Bro IDS. Its constant recording of activity, which it can do independently, or in conjunction with another IDS program like Snort, allows Bro IDS to see what typically takes place in the computer from day to day, and detects anomalies from disruptions to those patterns. This allows Bro IDS to detect a great number of hack attempts and malware activities, as it's not relying on having a particular pattern on file to identify something. Plus, these archives can be accessed later and evaluated by developers and tech experts, if necessary.

Many academic institutions, research labs, supercomputing centers, and open-science communities use Bro IDS to preserve their network securities, demonstrating its effectiveness of use. For those that want a slightly different take on IDS programs, or that have a lot of information to preserve, as research centers do, Bro IDS is a great piece of software to have. For those new to IDS and computer security, Bro IDS won't disappoint you, you just may not appreciate the different experience you're getting, and therefore may find a learning curve in using it. At least it's a free program that'll do the job! You can download it for your computer and network here.

Prelude OSS

Prelude OSS finds it origins in Prelude SIEM, an IDS program that, much like the others on this list, can alert a user to intrusions and security threats in real time. On top of that, Prelude SIEM has multiple sensors to make it more difficult for hackers and malware to escape undetected, and Prelude provides multiple tools to do forensic evaluations and reporting on data to find weak signals and threats, as well as makes these tools easy to use so users can have plans for risk management.

prelude

Prelude OSS does everything Prelude SIEM can do, but it's an open source version, meaning it's free, and users can access its code and alter it as they need to, or as they see fit.

Prelude OSS was designed for small IT infrastructures, tests, and educational purposes with the Prelude SIEM program, so it's perfect for personal computers, which don't have a lot of network maintenance. However, if you're looking for cheap security software for a business, Prelude OSS works better with small networks, and non-critical uses. That's something to keep in mind if your business has a lot of computers working most of the day, or if computing is absolutely essential to your business.

Prelude OSS is fast and solid, and it's great for small-scale usage. It's designed mostly to help users understand Prelude SIEM though, so while it will defend your computer from intrusions of hackers and viruses, it has some pretty serious limits to its efficacy you don't want to test, especially if you have a lot of data to protect on a network. But if you have just one computer to secure, or a very small number of them, go ahead and download Prelude OSS; it'll do its job well, and make reporting easy. You can get it on its website here.

Malware Defender

malware defender

Malware Defender, as its name implies, defends your computer from all sorts of malware; viruses, worms, Trojans, adware, spyware, keyloggers, and rootkits among them. It's an IPS software, meaning it's designed to prevent malware from getting into your computer in the first place, rather than just detect it once it's present.

However, Malware Defender also has an advanced rootkit detector, which provides many useful tools for detecting and removing already installed malware. Once installed, Malware Defender can be given special parameters of use, including making it more difficult for children that use a computer to download applications from the internet, preventing them from accidentally downloading a virus or malicious application. Plus, if you're tech savvy, you can add rules of your own to Malware Defender to give it more parameters to stop the spread of malware on your computer, personal or otherwise.

Malware Defender's only downside is it's so focused on malware, it doesn't deal much with hackers or phishing scams. Sure, it can stop hackers from putting malware on your computer, and therefore prevent crashes and corruptions of files. And maybe you can add some rules to it that stop some hacker attempts from working. But that requires a lot of coding and tech knowledge that you may not have.

If your only concern for computer security is malware, Malware Defender is the program for you. If you want programs that will offer a few more defenses, check out other programs on this list. But for the malware-minded, you can download Malware Defender here.

The verdict

While all of these programs are great at defending computers and networks, and all are absolutely free, one does stand out from the crowd as being the best program for the most people.

That program is Suricata. Thanks to its self-defined rules, and the fact that it was designed to improve upon existing IDS and IPS software, Suricata works for people who don't know tech and coding very well, as well as those that do. Perhaps other programs on our list are more customizable, but Suricata is solid, reliable, and easy for almost anyone to use. Therefore, it's our pick as the best free computer security software to download.

However, again, any of these would be great options depending on your preferences. The important thing is that your computer is safe from intruders. So get Suricata, or any of the other software listed here, and make sure you, and your data, are protected from hackers and malware today.

You know Mealybug? Their malware operation has evolved, and that's bad news for us

You have probably heard of Mealybug, a hacking outfit that has been around since 2014 and done some pretty significant damage.

Learn more about it, and how to keep it from harming you here.

Next Story
A free way to snip, tag and save any web image
Previous Downloads

A free way to snip, tag and save any web image

Free download removes programs that slow down your PC
Next Downloads

Free download removes programs that slow down your PC

View Comments ()