Snort (software)
From Wikipedia, the free encyclopedia
| Snort | |
|---|---|
| Developer: | Sourcefire, Inc |
| Latest release: | 2.8.0 / September 25, 2007 |
| OS: | Cross-platform |
| Genre: | Security / IDS |
| License: | GNU General Public License |
| Website: | www.snort.org |
Snort is a free software / open source network intrusion detection and prevention system capable of performing packet logging and real-time traffic analysis on IP networks. Snort was written by Martin Roesch but is now owned and developed by Sourcefire, of which Roesch is the founder and CTO. Proprietary versions with integrated hardware and support services are sold by Sourcefire.
Snort can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, web application attacks, SMB probes, and OS fingerprinting attempts, among others. The system can also be used for intrusion prevention, by dropping attacks as they take place. Snort can be combined with other software such as SnortSnarf, sguil, OSSIM, and the Basic Analysis and Security Engine (BASE) to provide a visual representation of intrusion data. With patches to the Snort source from Bleeding Edge Threats, Snort can support antivirus scanning of packet streams with ClamAV and network abnormality detection with SPADE at network layers 3 and 4, based on historical observation.
Sourcefire became public in 2006 after Check Point's attempt to acquire it in 2005 fell through as both companies mutually withdrew from the acquisition process.
Sourcefire recently purchased the ClamAV open source project.
- Snort Web site
- SOURCEfire - The company that owns and maintains Snort.
- The Bleeding Edge Threats - Community maintained Snort rulesets.
- Install Guide Snort + BASE CentOS 4.4 - Spanish Language
- Applied Watch Command Center - Enterprise Open Source Security Management Suite for Snort (Free Version, and a Pay version)
- Sguil - An open source Tcl/Tk interface for network security monitoring
- IDS Policy Manager - Snort Rules Management
- CEREBUS - ncurses command shell browser of unified snort logs.
- Basic Analysis and Security Engine - An open source based Snort DB web analysis tool, replaces ACID.