Latest Stable Version: None
Latest Developers Version: 0.1.0
SIDEN is a distributed network discovery tool used for intrusion detection research purposes. The current SIDEN architecture allows you to simulate coordinated/distributed network probes by a group of attackers. Using it, you can simulate such probes against one target or many targets. The point of this is to generate the traffic caused by distributed network probes, so that we can analyze it in order to understand distributed network probes better. This will hopefully help us improve how Intrusion Detection Systems are written.
SIDEN uses a client/agent architecture. The client is called the "master". An agent represents an attacker. To use it, you have to install the master on one machine, and the agents on a few other machines. You can then tell the master that you want to scan a set of ports using agents A, B, and C. The master will then allocate ports to these agents, and command them to execute the scan. The agents perform the scans and return the results back to the master.
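The detection problem that this kind of traffic poses, as an added example (not part of SIDEN and not the author's code): a counter keyed on each source misses a scan split across several agents, while correlating distinct ports per target catches it. The thresholds, window, function name and log tuples are assumptions made for this sketch.

```python
from collections import defaultdict

PER_SOURCE_LIMIT = 5   # assumed: distinct ports one source may touch on a target
PER_TARGET_LIMIT = 8   # assumed: distinct ports a target may see from all sources
WINDOW = 60            # assumed: correlation window in seconds

# Constructed sample log: (epoch_seconds, source, target, dest_port).
# Three sources each probe four ports of one target; a fourth host is a normal client.
SAMPLE_EVENTS = [
    (100 + 2 * n, src, "198.51.100.5", port)
    for src, ports in {
        "192.0.2.10": [21, 22, 23, 25],
        "192.0.2.20": [53, 80, 110, 111],
        "192.0.2.30": [139, 143, 443, 445],
    }.items()
    for n, port in enumerate(ports)
] + [(100 + 10 * n, "192.0.2.99", "198.51.100.7", 443) for n in range(6)]


def detect(events, window=WINDOW):
    """Return (per_source_alerts, per_target_alerts) over sliding time windows."""
    events = sorted(events)
    per_source, per_target = set(), {}
    for i, (start, *_rest) in enumerate(events):
        src_ports = defaultdict(set)   # (source, target) -> distinct ports
        dst_ports = defaultdict(set)   # target -> distinct ports from any source
        dst_srcs = defaultdict(set)    # target -> sources seen in this window
        for t, src, dst, port in events[i:]:
            if t - start > window:
                break
            src_ports[(src, dst)].add(port)
            dst_ports[dst].add(port)
            dst_srcs[dst].add(src)
        # Naive view: each source judged on its own.
        per_source |= {k for k, p in src_ports.items() if len(p) > PER_SOURCE_LIMIT}
        # Correlated view: ports aggregated per target across several sources.
        for dst, ports in dst_ports.items():
            if len(ports) > PER_TARGET_LIMIT and len(dst_srcs[dst]) > 1:
                per_target.setdefault(dst, set()).update(dst_srcs[dst])
    return per_source, {d: sorted(s) for d, s in per_target.items()}


if __name__ == "__main__":
    naive, correlated = detect(SAMPLE_EVENTS)
    print("per-source alerts:", naive)
    print("per-target alerts:", correlated)
```

On the constructed log the per-source view raises nothing, while the per-target view reports all three probing sources against the one target.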
You can also view this project on Sourceforge.
SIDEN's features are as follows:
To install and run SIDEN, you need the following software:
master
|
agent
|
SIDEN has been tested successfully on the OpenBSD and FreeBSD platforms. If you try SIDEN and it works on any other platform, please contact me. Yes, it sounds interesting that I haven't even tested it out on the popular Linux platform. :-) There should be little reason why it won't work on other platforms (especially UNIX variants), since it's fully implemented in Perl.
Update: Tried the master on a Slackware 4.0 box running Linux 2.2.12 with Perl 5.005_03. Tried to get it to communicate with an agent on a FreeBSD 2.2.6 box with Perl 5.6. Results weren't good, unfortunately. Will try to hunt down the bug.
The current version of SIDEN is 0.1.0 (developers version). This is the first release ever, so expect bugs, problems, and unimplemented features. And, the fact that I'm writing SIDEN while learning Perl may contribute to even more problems! :) Comments and suggestions are okay, but flames can be sent to /dev/null.
Download the tarball here -
ftp://siden.sourceforge.net/pub/siden/siden-0.1.0.tar.gz
http://download.sourceforge.net/siden/siden-0.1.0.tar.gz
(MD5: b5f5da44d96230d8bf03326be0662dca)
SIDEN is developed by Lawrence Teo. I was previously researching on distributed intrusion detection techniques for my Honours degree at the School of Computer Science and Software Engineering at Monash University in Melbourne, Australia. I am now based in the Department of Software and Information Systems at the University of North Carolina at Charlotte.
You can contact me at
<l
Thanks to Sourceforge for hosting SIDEN.