Moloch is a full packet capture system and network forensics platform designed for large-scale network traffic recording and indexing. It functions as a distributed packet indexer that stores raw data in PCAP format for deep packet analysis and security investigations. The system distinguishes itself through a decentralized architecture that distributes capture and viewing components across multiple nodes to handle high volumes of network traffic. It utilizes a web-based management interface for browsing network sessions and provides a programmable API for exporting captured traffic and metad
Deployment checklist for securely deploying Docker
ipsets dynamically updated with firehol's update-ipsets.sh script
The main features of firehol/blocklist-ipsets are: Network Security, Security Auditing.
Open-source alternatives to firehol/blocklist-ipsets include:

aol/moloch — Moloch is a full packet capture system and network forensics platform designed for large scale network traffic…

aoncyberlabs/docker-secure-deployment-guidelines — Deployment checklist for securely deploying Docker.

arpitn30/nipper-ng — Automatically exported from code.google.com/p/nipper-ng.

arthepsy/ssh-audit — SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc).

austin-taylor/flare.

0x676e67/vproxy — A high-performance HTTP/HTTPS/SOCKS5 proxy server.