Login or Register to Ask a Question and Join Our Community


Software Releases - RSS News

Snort 2.8.3.1 (Default branch)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Software Releases - RSS News Snort 2.8.3.1 (Default branch)
# 1  
Old 01-07-2009
Snort 2.8.3.1 (Default branch)
Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rule based language to describe traffic that it should collect or pass, and a modular detection engine. Snort has a real-time alerting capability, with alert mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient. License: GNU General Public License (GPL) Changes:
Many changes, fixes, and features have been engineered since then. Image

Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. Cybersecurity

Snort HTTPS

Is it possible to rule out in alert all HTTPS traffic or rule out all the HTTPS trafic from the alerts on snort ? (3 Replies)
Discussion started by: drd0spt
3 Replies

2. Linux

snort port no

Hi, can anybody know snort port no in linux, (1 Reply)
Discussion started by: manoj.solaris
1 Replies

3. BSD

Snort on openbsd

Im trying to gather some info to set up snort on openbsd 3.2, has anyone out there managed to get it up and running ? My initial attempts seem to be quite below par (4 Replies)
Discussion started by: malcontent
4 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

kismet

KISMET(1)                                                   BSD General Commands Manual                                                  KISMET(1)

NAME

     kismet -- Wireless sniffing and monitoring

SYNOPSIS

     kismet [server-options] [--] [client-options]

     kismet_server [-nqs] [-t title] [-f config-file] [-c capture-source] [-C enable-capture-sources] [-l log-types] [-d dump-type]
     [-m max-packets-per-file] [-g gpshost:port] [-p listen-port] [-a allowed-hosts] [-N server-name]

     kismet_client [-qr] [-f config-file] [-s serverhost:port] [-g gui-type] [-c display-columns]

DESCRIPTION

     Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.  Kismet will work with any wireless card which
     supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, and 802.11g traffic.

     Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hid-
     den networks, and inferring the presence of nonbeaconing networks via data traffic.
     kismet supports logging to the wtapfile packet format (readable by tcpdump and ethereal) and saves detected network informat as plaintext,
     CSV, and XML.  kismet is capable of using any GPS supported by gpsd and logs and plots network data.

     kismet is divided into three basic programs, kismet_server kismet_client and gpsmap

USAGE

     kismet handles automatically starting kismet_server and kismet_client.
     kismet is installed as suid-root by default.  It will drop privs to the user specified in kismet.conf immediately after binding and configur-
     ing the capture source.

KISMET_SERVER
     kismet_server captures, dissects, and logs packets and GPS data.  It is capable of running in `headless' mode with no display.  Multiple
     clients (on multiple computers) can be connected to a single server.

     -I    Set the initial channel for a channel source (source:channel)

     -x    Forcibly enable the channel hopper

     -X    Forcibly disable the channel hopper

     -t    Set the title used for the %t field of the logfile template (Default: Kismet)

     -n    Disable all logging

     -f    Use an alternate config file

     -c    Override capture source lines (type,interface,name).  Refer to kismet.conf(5) for more information. Multiple capture source options can
           be specified for multiple sources.  All sources provided here are automatically enabled unless an enable list is also supplied.

     -C    Comma-separated list to override what capture sources are enabled.

     -l    Override logging types, comma separated (dump, cisco, weak, csv, xml, gps)

     -m    Override maximum packets logged per file

     -q    Override sound option and run in quiet mode

     -g    Override GPS host:port

     -p    Override port to listen on for clients

     -a    Override list of client IPs or network/mask blocks (comma separated) allowed to connect

     -s    Run in silent mode (no console status information)

     -N    Override server name for this instance of Kismet

     -v    Print version

     -h    Help

KISMET_CLIENT
     kismet_client is a ncurses and panels interface which connects to the server and displays detected networks, statistics, network details,
     etc.

     -f    Use an alternate config file

     -u    Use an alternate UI config file

     -q    Override sound option and run in quiet mode

     -s    Override server host:port

     -r    Attempt to automatically restablish the connection if the server terminates

     -g    Override UI type (curses, panel)

     -c    Override list of columns to display (comma seperated)

     -v    Print version

     -h    Help

GPSMAP

     gpsmap reads GPS and Network XML datafiles and plots networks on downloaded maps or user-supplied images (such as satellite photos).

SEE ALSO

     kismet_drone(1), gpsmap(1), kismet.conf(5), kismet_ui.conf(5), kismet_drone.conf(5)

Kismet                                                             June 11, 2019                                                            Kismet