Snort 2.8.3.1 (Default branch)


 
Old 01-07-2009

Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Snort has a real-time alerting capability, with alert mechanisms for syslog, a user-specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.

License: GNU General Public License (GPL)

Changes:
Many changes, fixes, and features have been engineered since then.

SAGAN(8)                    System Manager's Manual                    SAGAN(8)

NAME
       sagan - Real-time System & Event Log Monitoring System

SYNOPSIS
       sagan [options]

DESCRIPTION
       This manual page documents briefly the sagan command.

       sagan is a multi-threaded, real-time system- and event-log monitoring
       system, but with a twist. Sagan uses a "Snort"-like rule set for
       detecting malicious events happening on your network and/or computer
       systems. If Sagan detects a potentially bad event, it can store that
       event to a Snort database (MySQL/PostgreSQL), send it to a SIEM tool
       like Prelude, or send an email.

       Sagan is meant to be used in a 'centralized' logging environment, but
       will work fine as part of a standalone Host IDS system for
       workstations.

OPTIONS
       These programs follow the usual GNU command line syntax, with long
       options starting with two dashes (`--'). A summary of options is
       included below.

       -h, --help
              Show summary of options.

       -d, --debug
              Enable debugging

       -D, --daemon
              Make process a daemon (fork to the background)

       -U, --user
              Run as user (defaults to 'sagan')

       -c, --chroot
              Chroot to username 'sagan's home

       -f, --config
              Sagan configuration file to load

       -p, --program
              Run Sagan in syslog-ng's 'program' mode

AUTHOR
       sagan was written by Champ Clark III <champ@softwink.com>

       This manual page was written by Pierre Chifflier <pollux@debian.org>,
       for the Debian project (and may be used by others).

                               February 15, 2011                       SAGAN(8)