Snort (software)

Infobox Software
name = Snort
developer = Sourcefire, Inc.
latest release version = 2.8.3
latest release date = September 5, 2008
operating system = Cross-platform
genre = Intrusion-detection system, Intrusion prevention system
license = GNU General Public License
website = [http://www.snort.org/ www.snort.org]

Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) capable of performing packet logging and real-time traffic analysis on IP networks. Snort was written by Martin Roesch and is now developed by Sourcefire, of which Roesch is the founder and CTO. Integrated enterprise versions with purpose-built hardware and commercial support services are sold by Sourcefire.

Snort performs protocol analysis and content searching/matching, and is commonly used to actively block or passively detect a variety of attacks and probes, such as buffer overflows, stealth port scans, web application attacks, SMB probes, and OS fingerprinting attempts, among others. The software is mostly used for intrusion prevention purposes, by dropping attacks as they are taking place. Snort can be combined with other software such as SnortSnarf, sguil, OSSIM, and the Basic Analysis and Security Engine (BASE) to provide a visual representation of intrusion data. With patches for the Snort source from Bleeding Edge Threats, it is possible to add packet stream antivirus scanning with ClamAV and network abnormality detection with SPADE at network layers 3 and 4, based on historical observation. (These patches seem to be no longer maintained.)

External links

* [http://www.snort.org/ Snort Web site]
* [http://www.sourcefire.com/ Sourcefire] - The company that owns and maintains Snort.
* [http://www.emergingthreats.net/ Emerging Threats] - Community maintained Snort rule sets.

Free user interfaces:
* [http://sguil.sourceforge.net Sguil] - An open source Tcl/Tk interface for network security monitoring
* [http://base.secureideas.net Basic Analysis and Security Engine] - An open source based Snort DB web analysis tool, replaces ACID.
* Network Security Toolkit - Automatic Snort configuration and Web-based management.

Commercial user interfaces:
* [http://www.sourcefire.com Sourcefire] - Enterprise intrusion prevention at speeds of up to 10 Gigabit from the makers of Snort
* [http://www.activeworx.org IDS Policy Manager] - Snort Rules Management
* [http://www.appliedwatch.com Applied Watch Command Center] - Enterprise Security Management Suite for Snort
* [http://dragos.com/cerebus/ CEREBUS] - text user interface browser of unified Snort logs.
* [http://www.aanval.com/ Aanval] - Snort and Syslog analysis software (free version available)

Tools for use with Snort
* [http://code.google.com/p/snort-unified-perl/ SnortUnified perl modules] - Tools for easily processing Snort unified and unified2 log files
* [http://www.skynet-solutions.net/easyids EasyIDS] - Free customized CentOS install CD containing Snort, Barnyard, BASE, ntop, and more.


Wikimedia Foundation. 2010.
