Snort (software)
Snort is an open source network intrusion detection system capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and OS fingerprinting attempts. Snort can also be combined with other open source projects such as SnortSnarf, ACID, and Basic Analysis and Security Engine (BASE) to provide a visual representation of intrusion data.
External links
- Snort homepage (http://www.snort.org/)
- The Bleeding Edge of Snort (http://www.bleedingsnort.org/) - Community maintained Snort rulesets
- TurboSnortRules.org (http://www.turbosnortrules.org/) - Test the performance of your Snort rules
- Basic Analysis and Security Engine (http://secureideas.sourceforge.net) - The Web-based GUI frontend for Snort