Home page logo


This network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

While Snort itself is free and open source, parent company SourceFire offers their VRT-certified rules for $499 per sensor per year and a complementary product line of software and appliances with more enterprise-level features. Sourcefire also offers a free 30-day delayed feed. For downloads and more information, visit the Snort homepage.

Popularity #5, 2
Rating ★★★★★ (2)
Latest release
July 23, 2015
(6 years, 4 months ago)


★★★★★ Bhavik

Best IPS in the market right now. Better than other IPS/IDS in terms of preprocessor ability to process events.

★★★★★ Christopher

Sourcefire does a great job maintaining this. I use it daily and it provides a great deal of insight as to what takes place on my network.

Comments disabled

Feed for updates.


[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]