Intrusion detection systems (IDSes) have become a necessary addition to the security infrastructure of nearly every organization. Without them it is not possible to identify problems with security policies, document existing threats and deter individuals from violating security policies. Many IDPSes can also respond to a detected threat by attempting to prevent it from succeeding.
Snort has long dominated the network intrusion detection and prevention field, but other vendors offer similar functionality and are just as good at detection, at no cost.
1. Security Onion is an Ubuntu-based Linux distribution for network monitoring and intrusion detection.
2. OSSEC is an open source host intrusion-detection system (HIDS) that does more than detect intrusions.
3. OpenWIPS-NG is a free wireless IDS/IPS that relies on a server, sensors and interfaces.
4. Suricata, out of all the IDS/IPS systems that are currently available, competes most directly with Snort.
5. Bro IDS is similar to Security Onion in that it uses more than IDS rules to determine where attacks are coming from.
The ability to combine standard network traffic data and machine-generated unstructured data gives network administrators a real-time view of network traffic. These tools save companies money and spare them the embarrassment of network security breaches.
Network diagnostics toolsets have taken off. These tools analyze network and machine-generated data that seek entry into corporate networks from the internet and then produce actual and predictive reports on potentially dangerous malware-laden websites. The tools also report on internal network nodes and workstations that either have or are most likely to access these potentially toxic websites.