Prelude

Prelude is a Hybrid Intrusion Detection System, which means
it is able to perform both host-based and network-based
intrusion detection. 

Prelude is made of several different elements : 

* prelude-manager : the manager is the central logging point.
  It receives alerts from sensors and logs them using one or
  several plugins (the default logging being to a text file,
  but logging to a database is also possible - and recommended). 

* prelude-nids : the Prelude Network Intrusion Detection System
  is a sensor, that may be installed on the same machine as the
  manager or not, which watches network traffic and looks for
  familiar patterns. This is functionally equivalent to (Snort
  (http://www.snort.org). 

* prelude-lml : the Prelude Log Monitoring Lackey monitors local
  logfiles and sends alerts to the manager if something suspicious
  is found. It is also a sensor. 

* libprelude : this library provides a number of features to sensors,
  including communication with the manager. 

* prelude-php-frontend : this is a PHP frontend that can be used to
  access the Prelude data in a database backend. Obviously, you need
  to have configured prelude-manager with DB support to use this module.

The Prelude homepage is located at:

	http://prelude-ids.org/

Cryptographic checksums are provided by the developers here:

	http://prelude-ids.org/download/releases/MD5SUM

Cryptographic signatures and checksums may be provided by 
the developers at the URL(s) above.  Wiretapped recommends
that users check these before use of the software/information.