Login or Register to Ask a Question and Join Our Community


Software Releases - RSS News

Snort 2.8.3.1 (Default branch)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Software Releases - RSS News Snort 2.8.3.1 (Default branch)
# 1  
Old 01-07-2009
Snort 2.8.3.1 (Default branch)
Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rule based language to describe traffic that it should collect or pass, and a modular detection engine. Snort has a real-time alerting capability, with alert mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient. License: GNU General Public License (GPL) Changes:
Many changes, fixes, and features have been engineered since then. Image

Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. Cybersecurity

Snort HTTPS

Is it possible to rule out in alert all HTTPS traffic or rule out all the HTTPS trafic from the alerts on snort ? (3 Replies)
Discussion started by: drd0spt
3 Replies

2. Linux

snort port no

Hi, can anybody know snort port no in linux, (1 Reply)
Discussion started by: manoj.solaris
1 Replies

3. BSD

Snort on openbsd

Im trying to gather some info to set up snort on openbsd 3.2, has anyone out there managed to get it up and running ? My initial attempts seem to be quite below par (4 Replies)
Discussion started by: malcontent
4 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

suricata

SURICATA(8)						      System Manager's Manual						       SURICATA(8)

NAME

       suricata - Next Generation Intrusion Detection and Prevention Tool

SYNOPSIS

       suricata [options]

DESCRIPTION

       suricata is a network Intrusion Detection System (IDS). It is based on rules (and is fully compatible with snort rules) to detect a variety
       of attacks / probes by searching packet content.

       This new Engine supports Multi-Threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and  SMB),  Gzip  Decompression,
       Fast IP Matching and coming soon hardware acceleration on CUDA and OpenCL GPU cards.

       It supports acquiring packets through NFQUEUE, PCAP (live or offline) etc.

OPTIONS

       -c config_file
	      Use configuration file config_file

       -i interface
	      Sniff packets on interface.

       -r file
	      Read  the tcpdump-formatted file tcpdump-file.  This will cause Suricata to read and process the file fed to it.	This is useful for
	      offline analysis.

       -q queue_id
	      Sniff packets sent by the kernel through NFQUEUE. This allows running Suricata in inline mode (IPS) for packets captured by iptables
	      using the NFQUEUE target.

       -s signatures
	      Path to the signatures file.

       -l log_dir
	      Path to the default log directory.

       -D     Run as daemon

       --init-errors-fatal
	      Enable fatal failure on signature init error.

SEE ALSO

       tcpdump(1), pcap(3).

AUTHOR

       suricata was written by the Open Information Security Foundation.

       This manual page was written by Pierre Chifflier <pollux@debian.org>, for the Debian project (and may be used by others).

								   February 2010						       SURICATA(8)