blob: e34479229f09f2d4fb10f97923d6fcd536a18ebb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
Snort is an open source network intrusion detection and prevention
system. It is capable of performing real-time traffic analysis,
alerting, blocking and packet logging on IP networks. It utilizes
a combination of protocol analysis and pattern matching in order to
detect a anomalies, misuse and attacks.
Snort uses a flexible rules language to describe activity that can
be considered malicious or anomalous as well as an analysis engine
that incorporates a modular plugin architecture. Snort is capable
of detecting and responding in real-time, sending alerts, performing
session sniping, logging packets, or dropping sessions/packets when
deployed in-line.
Snort has three primary functional modes. It can be used as a packet
sniffer like tcpdump(1), a packet logger (useful for network traffic
debugging, etc), or as a full blown network intrusion detection and
prevention system.
For more information about running Snort on Slackware, please see
README.SLACKWARE.
|
