|author||Niels Horn <email@example.com>||2010-09-20 19:23:25 -0400|
|committer||Robby Workman <firstname.lastname@example.org>||2010-09-21 22:09:42 -0500|
network/snort: Added (Intrusion Detection and Prevention System)
Signed-off-by: dsomero <email@example.com>
Diffstat (limited to 'network/snort/README')
1 files changed, 13 insertions, 0 deletions
diff --git a/network/snort/README b/network/snort/README
new file mode 100644
@@ -0,0 +1,13 @@
+Snort is an open source network intrusion detection and prevention system. It
+is capable of performing real-time traffic analysis, alerting, blocking and
+packet logging on IP networks. It utilizes a combination of protocol analysis
+and pattern matching in order to detect a anomalies, misuse and attacks.
+Snort uses a flexible rules language to describe activity that can be considered
+malicious or anomalous as well as an analysis engine that incorporates a modular
+plugin architecture. Snort is capable of detecting and responding in real-time,
+sending alerts, performing session sniping, logging packets, or dropping
+sessions/packets when deployed in-line.
+Snort has three primary functional modes. It can be used as a packet sniffer
+like tcpdump(1), a packet logger (useful for network traffic debugging, etc),
+or as a full blown network intrusion detection and prevention system.