Prelude NIDS is the network-based sensor program part of the Prelude
Hybrid IDS suite. It provides network monitoring with fast pattern
matching (Boyer-Moore) to detect attacks against a network. It
includes advanced mechanisms such as a generic signature engine which
is able to understand any ruleset as long as there is a dedicated
parser, protocol and detection analysis plugins featuring Telnet, RPC,
HTTP, and FTP decoding and preprocessors for cross-platform
polymorphic shellcodes detection, ARP misuse detection, and scanning
detection. It supports IP fragmentation and TCP segmentation to track
connections and detect stateful events.
