Snort (software)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Mt7 (talk | contribs) at 10:03, 11 October 2005. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Snort is a GPL-licensed open source network intrusion detection system. It was originally written by Martin Roesch and is now owned and operated by Sourcefire. Check Point acquired Sourcefire in 2005. Commercial versions with integrated hardware and support services are sold by Sourcefire. Snort is capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. The system can also be used for intrusion prevention. Snort can be combined with other open source projects such as SnortSnarf, ACID, sguil, and the "Basic Analysis and Security Engine" (BASE) to provide a visual representation of intrusion data.