Passive Real-time Asset Detection System

Search Passive Real-time Asset Detection System on Amazon.

This page in a nutshell: Brief overview of the PRADS tool.

PRADS - (Passive Real-time Asset Detection System)

Initially released in May of 2009 and rewritten in C in June of 2010 for Linux BSD and released under GPL v2, PRADS extends and replaces previously released detection tools such as PADS, p0f and arpwatch. As the name implies, it is a passive listener on a network interface gathering and recording information of hosts and services ^[2]. This can then be tied into an intrusion detection or prevention system for positive action or event correlation. PRADS includes basic report and import tools.

Notable features of this tool are simple syntax for usage, a simple logging format to enable use of findings to map network hosts and services, and to configure events as appropriate. PRADS is built with the intent of a lightweight footprint for optimal use on busy networks, fingerprinting multiple protocols including IPv6 and techniques for client and service identification.

This tool became default in OSSIM with the 4.0 release, replacing previous utilities arpwatch, P0f and PADS.

Install

• Source code is available on GitHub ^[3]
• Available in many default distribution package management systems. BSD^[4] Ubuntu

• Application dependencies: adduser, init-system-helpers, libc6, libcap0.8 & libpcre3

Usage

Usage syntax is available in man pages^[5] https://screenshots.debian.net/package/prads

This article "Passive Real-time Asset Detection System" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Passive Real-time Asset Detection System. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.