Snort

This network intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and various pre-processors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a flexible rule-based language to describe traffic that it should collect or pass, and a modular detection engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.

While Snort itself is free and open source, parent company SourceFire offers their VRT-certified rules for $499 per sensor per year and a complementary product line of software and appliances with more enterprise-level features. Sourcefire also offers a free 30-day delayed feed. For downloads and more information, visit the Snort homepage.

Popularity
#5, 2
Latest release
  • 2.9.7.5
  • July 23, 2015 (7 years ago)
Links
Rating
★★★★★ (2)
★★★★★
100% ★★★★
0% ★★★
0% ★★
0%
0%
Outdated/incomplete?

Screenshot

Comments

★★★★★ Bhavik

Best IPS in the market right now. Better than other IPS/IDS in terms of preprocessor ability to process events.

★★★★★ Christopher

Sourcefire does a great job maintaining this. I use it daily and it provides a great deal of insight as to what takes place on my network.

Comments disabled

Feed for updates.

Home