BENIDS is an experimental pcap-based NIDS for Linux. It uses its own XML rule file format which allows arbitrary, complex boolean matching conditions. BENIDS generates IDMEF alert messages and supports fragment and TCP stream reassembly.

This is experimental/educational software in a pre-alpha development phase. It is not yet suitable for general consumption/use. If you are looking for an IDS, I recommend snort.