SANS.org paper on NIDS says the following "performs an analysis for a passing traffic on the entire subnet. Works in a promiscuous mode, and matches the traffic that is passed on the subnets to the library of knows attacks"
Is there any public list of such known attacks ? Also, are there any reliable open source software in Linux that can do NIDS ?
