Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.
Snort has three primary uses. It can be used as a straight packet sniffer like tcpdump(1), as a packet logger (useful for network traffic debugging, etc.), or as a full-blown network intrusion detection system.
What platforms does Snort run on?

Snort should work any place libpcap does, and is known to have been compiled successfully on the following platforms:

| Operating system | i386 | Sparc | M68k/PPC | Alpha | Other |
|---|---|---|---|---|---|
| Linux | X | X | X | X | X |
| OpenBSD | X | X | X | | |
| FreeBSD | X | | | X | |
| NetBSD | X | | X | | |
| Solaris | X | X | | | |
| SunOS 4.1.X | | X | | | |
| HP-UX | | | | | X |
| AIX | | | | | X |
| IRIX | | | | | X |
| Tru64 | | | | X | |
| MacOS X Server | | | X | | |
| Win32 - (Win9x/NT/2000) | X | | | | |

- The site was developed and maintained by Brian Caswell. The original design was by Jim Forster.
- The site is built on OpenBSD using Apache, and lots of Perl.
- The snort.org news is available via XML/RSS syndication. This XML/RSS news syndication can be used for sites like MyNetscape, Geek Portal, and Slashdot's Slashboxes.