Home page logo
/

Snort

This network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

While Snort itself is free and open source, parent company SourceFire offers their VRT-certified rules for $499 per sensor per year and a complementary product line of software and appliances with more enterprise-level features. Sourcefire also offers a free 30-day delayed feed. For downloads and more information, visit the Snort homepage.

Popularity #5, 2
Rating ★★★★★ (1)
Latest release 2.9.6.0
Jan. 23, 2014
(3 months ago)
Homepage/Download
Wikipedia
Outdated/incomplete?
★★★★★ 
 100%
★★★★ 
 0%
★★★ 
 0%
★★ 
 0%
★ 
 0%
Screenshot

Comments

no rating ZhouYi

hello everybody First i'm a Chinese my English is not good I have some questions with snort unified2 output my snort unified2 output files are empty! but if i don't use unified2 outpt, log files are not empty I want to use barnyard2 to put log files into DB because of the empty unified2 files now i can't do it please help me thanks

★★★★★ Christopher

Sourcefire does a great job maintaining this. I use it daily and it provides a great deal of insight as to what takes place on my network.

Your comment

Along with your rating, you can use the comment form to post a review, tutorial, tips and tricks, or anything else others will find useful. If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).

 
 
  (will not be shown, will not be spammed)
  (web site, Twitter, Facebook, etc.)
(At least 50 characters. No markup is allowed. URLs will be made into links.)
 Which does not belong: buffer overflow, format string, sql injection, flux capacitor, cross-site scripting (antispam)

Feed for updates.

Home

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]