Open Channel Foundation

Spitfire

Intrusion Detection Workstation

Moderators:
Joe Whalley
Total downloads from Open Channel to date: 1702
Source code available

Spitfire was developed as a prototype operator workstation for Network Intrusion Detection System Operators. Early users of commercial network intrusion monitoring systems encountered several problems in detecting and responding to computer network intrusions:
  • They could not keep pace with the high alarm volume created by multiple sensors.
  • There was no means to easily recognize known intruders or view historical data of past intrusion attempts.
  • Incident reporting required manual entry of intrusion detection data into a standalone database.
  • Use of multiple commercial products required additional user training and workstations, and alarm data was not integrated.

Spitfire serves as a replacement for, or supplement to, the Cisco NetRanger and/or ISS RealSecure GUI, using an Oracle database in a multi-user client/server system. Spitfire is written in Sybase's PowerBuilder.

Spitfire was developed by working with the operators at several agencies, including the 609th Information Warfare Squadron, the Naval Security Group and the Army Land Information Warfare Activity. By incorporating ideas from the end users, the tool evolved to provide the capabilities needed in day-to-day, real-time operation, as well as a robust historical database of intrusion activity that can be queried to detect trends and patterns. Customized data loaders provide real-time alarm notification and load alarms into the Oracle database. New sensors can be incorporated by modifying the database loader. Operators can independently configure their workstations, and all users can access the entire database of new and stored alarms.



Copyright 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 by the Mitre Corporation
ALL RIGHTS RESERVED