The Open Source Intrusion Detection System https://www.snort.org/
Go to file
Automatic Build System fdf38c17d0 automatic version update by autodist [release 3.2.1.0-1mamba;Fri May 24 2024] 2024-05-24 12:16:13 +02:00
README.md update to 3.1.19.0 [release 3.1.19.0-1mamba;Wed Dec 29 2021] 2024-01-05 17:56:53 +01:00
snort-conf automatic version update by autodist [release 2.9.6.1-1mamba;Thu Apr 24 2014] 2024-01-05 17:56:52 +01:00
snort-createmysql automatic version update by autodist [release 2.9.6.1-1mamba;Thu Apr 24 2014] 2024-01-05 17:56:52 +01:00
snort-createmysql-archive automatic version update by autodist [release 2.9.6.1-1mamba;Thu Apr 24 2014] 2024-01-05 17:56:52 +01:00
snort-initscript automatic version update by autodist [release 2.9.6.1-1mamba;Thu Apr 24 2014] 2024-01-05 17:56:52 +01:00
snort-sysconfig automatic version update by autodist [release 2.9.6.1-1mamba;Thu Apr 24 2014] 2024-01-05 17:56:52 +01:00
snort.spec automatic version update by autodist [release 3.2.1.0-1mamba;Fri May 24 2024] 2024-05-24 12:16:13 +02:00
snortdb-extra.bz2 automatic version update by autodist [release 2.9.6.1-1mamba;Thu Apr 24 2014] 2024-01-05 17:56:52 +01:00

README.md

snort

Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient. Snort has three primary uses. It can be used as a straight packet sniffer like tcpdump(1), a packet logger (useful for network traffic debugging, etc), or as a full blown network intrusion detection system.