SNORT

From GCA ACT
Jump to navigationJump to search

Description

Snort is the foremost Open Source Intrusion Prevention System (IPS) in the world. Snort IPS uses a series of rules that help define malicious network activity and uses those rules to find packets that match against them and generates alerts for users.

Snort can be deployed inline to stop these packets, as well. Snort has three primary uses: As a packet sniffer like tcpdump, as a packet logger — which is useful for network traffic debugging, or it can be used as a full-blown network intrusion prevention system. Snort can be downloaded and configured for personal and business use alike.

More Information

URL: https://www.snort.org/

Maintenance Status: Active

Last Updated Date: < 1 year

Formats Available: See website.

Social Media Links: ThreatWise TV Episode 9: Snort Trends (youtube.com)

Contact Information: Snort-users Info Page

License Information: Unknown