Login or Register to Ask a Question and Join Our Community


Software Releases - RSS News

Snort 2.8.3.1 (Default branch)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Software Releases - RSS News Snort 2.8.3.1 (Default branch)
# 1  
Old 01-07-2009
Snort 2.8.3.1 (Default branch)
Snort is a lightweight network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rule based language to describe traffic that it should collect or pass, and a modular detection engine. Snort has a real-time alerting capability, with alert mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient. License: GNU General Public License (GPL) Changes:
Many changes, fixes, and features have been engineered since then. Image

Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. Cybersecurity

Snort HTTPS

Is it possible to rule out in alert all HTTPS traffic or rule out all the HTTPS trafic from the alerts on snort ? (3 Replies)
Discussion started by: drd0spt
3 Replies

2. Linux

snort port no

Hi, can anybody know snort port no in linux, (1 Reply)
Discussion started by: manoj.solaris
1 Replies

3. BSD

Snort on openbsd

Im trying to gather some info to set up snort on openbsd 3.2, has anyone out there managed to get it up and running ? My initial attempts seem to be quite below par (4 Replies)
Discussion started by: malcontent
4 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

prads2snort

PRADS2SNORT(1)							    networking							    PRADS2SNORT(1)

NAME

       prads2snort - Snort autotuning of Frag3 and Stream5

SYNOPSIS

	  prads2snort -i /var/log/prads-asset.log -o /etc/snort/host_attributes.xml -d linux -v

DESCRIPTION

       PRADS is a Passive Real-time Asset Detection System.

       It  passively  listen to network traffic and gathers information on hosts and services it sees on the network. This information can be used
       to map your network, letting you know what services and hosts are alive/used, or can be used together with your favorite IDS/IPS setup  for
       "event to host/service" correlation.

       Gathering  info about your hosts in real-time, will also let you detect assets that are just connected to the network for a short period of
       time, where a active network scan (nmap etc.) would take long time, and not common to run continually, hence missing the asset.

       The initial goal of implementing PRADS, was to make the host_attribute_table.xml for Snort (automatically).

       PRADS2SNORT is the tool that does this!

OPTIONS

       -i,--infile <file>
	      file to feed prads2snort.pl

       -o,--outfile <file>
	      file to write host_attribute data to (host_attribute.xml)

       -d,--default <os>
	      set Default OS if unknown (linux,bsd,macos,windows)

       -v, --verbose
	      prints out OS, frag, stream and confidence of asset

       -h, --help
	      this help message

       --version
	      show prads2snort.pl version

PROBLEMS

       1. Better mapping of less used apps to their correct snort attributes or drop them.

SEE ALSO

       o PRADS <http://prads.projects.linpro.no/>

       o p0f <http://lcamtuf.coredump.cx/p0f.shtml>

       o PADS <http://passive.sourceforge.net/>

       o Snort <http://snort.org>

       o Sguil <http://sguil.net>

       o Hogger <http://code.google.com/p/hogger/>

BUGS

       Report bugs here:

       o http://github.com/gamelinux/prads/issues

       For general questions:

       o http://projects.linpro.no/mailman/listinfo/prads-devel

       o http://projects.linpro.no/mailman/listinfo/prads-users

AUTHOR

       edwardfjellskaal@gmail.com

COPYRIGHT

       GPL

0.2								    2010-06-21							    PRADS2SNORT(1)