Please note that the content of this book primarily consists of articles
available from Wikipedia or other free sources online. Prelude is an
"agentless", universal, security information management (SIM) system,
released under the terms of the GNU General Public License. Prelude
collects, normalizes, sorts, aggregates, correlates and reports all
security-related events, regardless of the brand or license of the
product that generated them, by normalizing them to a single format,
the "Intrusion Detection Message Exchange Format" (IDMEF, RFC 4765).
While a
malicious user (or software) may be able to evade the detection of a
single IDS (NIDS, HIDS, etc.), it becomes exponentially more difficult
to get around the defenses when there are multiple protection
mechanisms. Prelude comes with a large set of sensors, each monitoring
a different kind of event. Prelude permits alert collection at WAN
scale, whether its scope covers a city, a country, a continent or
the world.
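
To illustrate the normalization step described above, this added example (not part of the original text and not Prelude's own code) maps two constructed sensor lines onto IDMEF alerts as laid out in RFC 4765. The sample lines, the parser and the function names are assumptions made for the illustration, and only IPv4 addresses are handled.

```python
import re
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = "http://iana.org/idmef"  # IDMEF XML namespace from RFC 4765
ET.register_namespace("idmef", NS)
# Constructed sample input from two unrelated sensors (not real logs).
HIDS_LINE = "web01 sshd[2211]: Failed password for root from 203.0.113.9 port 51234 ssh2"
NIDS_LINE = "[1:1000001:1] Constructed scan rule {TCP} 203.0.113.9:40000 -> 198.51.100.5:22"
WHEN = datetime(2024, 1, 12, 3, 14, 7, tzinfo=timezone.utc)  # constructed timestamp

def parse_event(line):
    """Map a sensor-specific line to a neutral dict; None if unrecognised."""
    m = re.match(r"(\S+) sshd\[\d+\]: Failed password for \S+ from (\S+) port", line)
    if m:
        return {"analyzer": "hids-sshd", "text": "SSH authentication failure",
                "src": m.group(2), "dst_name": m.group(1)}
    m = re.match(r"\[[\d:]+\] (.+?) \{\w+\} ([\d.]+):\d+ -> ([\d.]+):\d+", line)
    if m:
        return {"analyzer": "nids", "text": m.group(1), "src": m.group(2), "dst_ip": m.group(3)}
    return None

def el(parent, tag, content=None, **attrs):
    node = ET.SubElement(parent, f"{{{NS}}}{tag}", attrs)
    node.text = content
    return node

def to_idmef(event, msg_id, created=WHEN):
    """Build an IDMEF-Message with one Alert, children in RFC 4765 order."""
    root = ET.Element(f"{{{NS}}}IDMEF-Message", {"version": "1.0"})
    alert = el(root, "Alert", messageid=msg_id)
    el(alert, "Analyzer", analyzerid=event["analyzer"])
    ntp = "0x%08x.0x00000000" % (int(created.timestamp()) + 2208988800)  # 1900 epoch
    el(alert, "CreateTime", created.strftime("%Y-%m-%dT%H:%M:%SZ"), ntpstamp=ntp)
    src = el(el(el(alert, "Source"), "Node"), "Address", category="ipv4-addr")
    el(src, "address", event["src"])
    node = el(el(alert, "Target"), "Node")
    if "dst_name" in event:  # the host log names the target, the NIDS gives its IP
        el(node, "name", event["dst_name"])
    else:
        el(el(node, "Address", category="ipv4-addr"), "address", event["dst_ip"])
    el(alert, "Classification", text=event["text"])
    return root

if __name__ == "__main__":
    for i, line in enumerate([HIDS_LINE, NIDS_LINE, "unparsed noise"], 1):
        event = parse_event(line)  # unrecognised lines yield None and are skipped
        if event:
            print(ET.tostring(to_idmef(event, f"msg-{i}"), encoding="unicode"))
```

Once both events share the same structure, a single query on the Source address finds the host-based and the network-based alert for 203.0.113.9, which is what makes cross-sensor correlation possible.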