path: root/network/snort/README
diff options
author Niels Horn <>2010-09-20 19:23:25 -0400
committer Robby Workman <>2010-09-21 22:09:42 -0500
commit75f2ad568a76b131b75575e8054e098dd819a01d (patch)
treef44be5b83ab07e8f3a888e14645d19a1f50b3085 /network/snort/README
parent68992763c25422917ed066d030ff8d7fb640358b (diff)
network/snort: Added (Intrusion Detection and Prevention System)
Signed-off-by: dsomero <>
Diffstat (limited to 'network/snort/README')
1 files changed, 13 insertions, 0 deletions
diff --git a/network/snort/README b/network/snort/README
new file mode 100644
index 0000000000..249f906b22
--- /dev/null
+++ b/network/snort/README
@@ -0,0 +1,13 @@
+Snort is an open source network intrusion detection and prevention system. It
+is capable of performing real-time traffic analysis, alerting, blocking and
+packet logging on IP networks. It utilizes a combination of protocol analysis
+and pattern matching in order to detect a anomalies, misuse and attacks.
+Snort uses a flexible rules language to describe activity that can be considered
+malicious or anomalous as well as an analysis engine that incorporates a modular
+plugin architecture. Snort is capable of detecting and responding in real-time,
+sending alerts, performing session sniping, logging packets, or dropping
+sessions/packets when deployed in-line.
+Snort has three primary functional modes. It can be used as a packet sniffer
+like tcpdump(1), a packet logger (useful for network traffic debugging, etc),
+or as a full blown network intrusion detection and prevention system.