Snort

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.Snort has three primary uses. It can be used as a straight packet sniffer like tcpdump(1), a packet logger (useful for network traffic debugging, etc), or as a full blown network intrusion detection system.Snort logs packets in either tcpdump(1) binary format or in Sno

Rating

3 votes

Favoured:

Listing Details

Vendor

Sourcefire

Website

Visit the Product Site

Pricing Model

Open Source

Modified

2016-09-19

Owner

Michele M Jordan

Add'l Info

Software

Created

2000-10-29

Recommend Report

Snort

Listing Details

Privacy Settings

Functional

Statistics

Marketing