{"id":18223986,"url":"https://github.com/mrd33t/network_ids","last_synced_at":"2025-04-08T02:52:02.846Z","repository":{"id":260821912,"uuid":"882441551","full_name":"mrd33t/network_ids","owner":"mrd33t","description":"Network Intrusion Detection System (NIDS) implemented in Python. Monitors network traffic for potential security threats including port scans, ICMP floods, DNS amplification attacks, and ARP spoofing. Features configurable thresholds and detailed logging for enhanced network security analysis.","archived":false,"fork":false,"pushed_at":"2024-11-02T19:41:46.000Z","size":9,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-14T02:24:55.828Z","etag":null,"topics":["intrusion-detection","network-security","python","scapy"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mrd33t.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-02T19:34:16.000Z","updated_at":"2024-11-04T12:07:41.000Z","dependencies_parsed_at":"2024-11-02T20:24:38.473Z","dependency_job_id":"4ef50a28-55c6-471f-b45c-270c6a757f74","html_url":"https://github.com/mrd33t/network_ids","commit_stats":null,"previous_names":["mrd33t/network_ids"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrd33t%2Fnetwork_ids","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrd33t%2Fnetwork_ids/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrd33t%2Fnetwork_ids/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrd33t%2Fnetwork_ids/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mrd33t","download_url":"https://codeload.github.com/mrd33t/network_ids/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247767250,"owners_count":20992541,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["intrusion-detection","network-security","python","scapy"],"created_at":"2024-11-04T01:05:42.401Z","updated_at":"2025-04-08T02:52:02.819Z","avatar_url":"https://github.com/mrd33t.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Network Intrusion Detection System (NIDS)\n\nThis is a simple Network Intrusion Detection System (NIDS) implemented in Python using Scapy. It monitors network traffic and detects potential security threats such as port scans, ICMP floods, DNS amplification attacks, and ARP spoofing.\n\n## Features\n\n- TCP SYN flood detection\n- ICMP flood detection\n- DNS amplification attack detection\n- ARP spoofing detection\n- Configurable thresholds\n- Logging with rotation\n\n## Requirements\n\n- Python 3.6+\n- Root/Administrator privileges\n\n## Installation\n\n1. Clone this repository:\ngit clone https://github.com/mrd33t/network-ids.git\ncd network-ids\n2. Install the required packages:\nscapy==2.5.0\nnetifaces==0.11.0\n\n3. Choose the network interface you want to monitor when prompted.\n\n4. The script will start monitoring network traffic and log any suspicious activities.\n\n## Configuration\n\nYou can modify the `config.ini` file to adjust various settings:\n\n- `SYN_THRESHOLD`: Number of SYN packets from a single IP to trigger an alert\n- `ICMP_THRESHOLD`: Number of ICMP packets per minute to trigger an alert\n- `REPORT_INTERVAL`: Number of packets between status updates\n- `LOG_FILE`: Name of the log file\n- `MAX_LOG_SIZE`: Maximum size of the log file before rotation (in bytes)\n- `BACKUP_COUNT`: Number of backup log files to keep\n\n## Disclaimer\n\nThis tool is for educational and testing purposes only. Always obtain proper authorization before monitoring network traffic that doesn't belong to you.\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrd33t%2Fnetwork_ids","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmrd33t%2Fnetwork_ids","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrd33t%2Fnetwork_ids/lists"}