Friday, May 9, 2008

Starting to Realeyes

I just put up the new website and the latest downloads for the Realeyes project at SourceForge. The downloads can be found from the Downloads page, which also explains system requirements, etc.

Realeyes is a project to analyze large streams of data, and specifically, to build a network Intrusion Detection System. I have worked with computer networks for over 20 years, including 4 years of maintaining a TCP/IP stack for IBM mainframes, and 5 years of network security analysis and tool development. The security analysis team I worked with has a great reputation in certain government circles, but finds it ever more challenging to keep up with the exponential growth of nefarious activity.

The work I was doing was to integrate the security tools to improve analyst efficiency, but I came to believe that we really needed to start from scratch. Unfortunately, there was no money in the budget for that, so yet another FOSS project was born. The original project is named RenaissanceCore, and it was uploaded to SourceForge in Sept., 2005. We finally released downloads that sort of worked in July, 2007, and again in August.

In Sept., I started a pilot project at a local college, and over the past several months focused exclusively on that. This has resulted in tremendous improvements in reliability and performance, which justify new downloads. The original name was a compromise of a compromise that was hastily chosen. And since I have been flying solo on the development since Sept., I decided that this would be the right time to change the name. Which I did. And I created a website with (IMHO) interesting and useful information about the project.

The latest downloads have been tested as well as I can test them with my limited resources. But they should install cleanly and the system should run reliably, with very acceptable performance even though it is still in Beta.

I will be discussing the project, interesting security related discoveries, coding, and probably several other things in this blog. But for now, you can go to SourceForge to Realeyes.

Later . . . Jim
