The Kernel Intrusion Detection System-KIDS, is a Network IDS, where the main part, packets grab/string match, is running at kernelspace, with a hook of Netfilter Framework. The project is not ready for use, then incomplete pieces of code may be found.
This software is still in pre-alpha version (0.1b)! If you're a developer, please contribute!
It is written in POSIX C and can be compiled for any Linux, tested with kernel > 2.6
You may want to download a GNU tarball of the current snapshot.
You can read the KIDS Administrator Guide, but just in Portuguese.
You can too watch the demo movie: