Diffstat (limited to 'network/snort/README')
-rw-r--r-- | network/snort/README | 21 |
1 files changed, 11 insertions, 10 deletions
diff --git a/network/snort/README b/network/snort/README index 6beb0ff2e3..e34479229f 100644 --- a/network/snort/README +++ b/network/snort/README @@ -1,14 +1,15 @@ -Snort is an open source network intrusion detection and prevention system. -It is capable of performing real-time traffic analysis, alerting, blocking -and packet logging on IP networks. It utilizes a combination of protocol -analysis and pattern matching in order to detect a anomalies, misuse and -attacks. +Snort is an open source network intrusion detection and prevention +system. It is capable of performing real-time traffic analysis, +alerting, blocking and packet logging on IP networks. It utilizes +a combination of protocol analysis and pattern matching in order to +detect a anomalies, misuse and attacks. -Snort uses a flexible rules language to describe activity that can be -considered malicious or anomalous as well as an analysis engine that -incorporates a modular plugin architecture. Snort is capable of detecting -and responding in real-time, sending alerts, performing session sniping, -logging packets, or dropping sessions/packets when deployed in-line. +Snort uses a flexible rules language to describe activity that can +be considered malicious or anomalous as well as an analysis engine +that incorporates a modular plugin architecture. Snort is capable +of detecting and responding in real-time, sending alerts, performing +session sniping, logging packets, or dropping sessions/packets when +deployed in-line. Snort has three primary functional modes. It can be used as a packet sniffer like tcpdump(1), a packet logger (useful for network traffic |
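Review bot: The re-wrapped first paragraph still ends with the typo "detect a anomalies, misuse and attacks." on its last added line. Every line of that paragraph is already being rewritten, so drop the stray "a" here so it reads "detect anomalies, misuse and attacks." The rest of the hunk only re-wraps both paragraphs to a narrower column with no wording change, which is worth stating in the commit message so the 11 insertions and 10 deletions are not read as a content change.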