If you're worrying about hacker intrusions, computer worms and Trojans, or want to improve your computer's network security, or would like to have a professional invasion monitoring system of your own. In cases like these, KeyFocus' KFSensor may be just what you need.

KFSensor is a highly configurable and professional Intrusion Detection System (IDS) for Windows. It's able to act as a honeypot to attract and detect attacks from hackers, Trojans and viruses by simulating vulnerable system services (FIP, POP3, HTTP, SMTP, ...) and Trojans. Also, it's very easy to use and provides real-time monitoring service and detailed safety inspection reports.

On the one hand, KFSensor is able to detect the vulnerabilities of local computer by simulating hacking and Trojan intrusion behaviors, then gives detailed security reports. On the other hand, its intrusion monitoring function can monitor local computers in real time. Once it appears that your computer has been hacked or intruded, this program will immediately issue a system alarm, and at the same time, it makes comprehensive analysis to the attacker or intruder and generates a detailed analysis report too.

Key Features

Feature Detail
Signature attack identification KFSensor's rule base signature engine can identify known attack patterns, which greatly helps in analyzing the nature of a event. Rules can be imported from external sources in Snort format giving access to a huge amount of security knowledge.
Detects Windows networking attacks
  • KFSensor contains the world's only Windows networking/ NetBIOS / SMB / CIFS emulation honeypot. This unique feature enables it to detect the nature of attacks on file shares and Windows administrative services, currently the most prevalent and damaging on the Internet.
  • Firewalls can detect port scans, but not the nature of an attack. NIDS can identify certain attacks but not without the risk of compromising security. Only KFSensor can provide the maximum information on an attack, without risk of compromise.
Extendable architecture The already comprehensive emulation and reporting features of KFSensor can be further extended by writing your own scripts and database queries.
No false positives Firewalls and network based IDS are often overwhelmed by the amount of network traffic and often generate false alarms by misinterpreting legitimate network traffic. KFSensor's honeypot model has no legitimate uses, so all connections to them are suspect.
Low overheads KFSensor lies dormant until attacked, consuming very little processor time or network resources. Sensors can be installed on users’ machines without affecting their normal use, eliminating the need for additional hardware.
Full coverage All TCP, UDP and ICMP traffic is monitored for all ports.
Remote Administration Protect different locations in the corporate network with multiple KFSensor installations and manage the process from one location. KFSensor Enterprise Edition provides remote configuration and real time concatenation of events from a single administrator machine using top of the range encryption and authentication.
Simplicity The concepts behind KFSensor are easy to understand. Its configuration and operation is straightforward, requiring minimal training and maintenance.
Advanced server simulation KFSensor emulates real servers, such as FTP, SMB, POP3, HTTP, Telnet, SMTP and SOCKS to improve deception and gain more valuable information on a hacker's motives.
Real time detection Attacks are detected, analyzed and reported immediately allowing response to an attack while still in progress.
Detects unknown threats Unlike other products KFSensor does not rely on signatures of known attacks and can therefore detect new or 0 day threats, such as new worms, viruses and elite hackers. KFSensor is just as effective at detecting internal threats.
Security in-depth KFSensor complements other types of security products, such as firewalls, anti-virus and network based IDS systems, to provide an additional layer of protection.
Designed for a corporate environment KFSensor's secure design and its ability to work both inside a LAN and in front of a firewall make it suitable for organizations that demand the highest security requirements.

Edition Statement

AppNee provides the KFSensor Professional Edition full setup and unlocked files for Windows 32-bit & 64-bit.

Installation Notes

  1. Download and install KFSensor and restart Windows
  2. Copy the unlocked file to installation directory and overwrite (like: D:\Program Files\KeyFocus\KFSensor\bin)
  3. Done

Download URLs

License Version Download Size
Professional Edition v4.11.4 3.67 MB
(Homepage)