This network intrusion detection and prevention system excels at traffic
analysis and packet logging on IP networks. Through protocol analysis,
content searching, and various pre-processors, Snort detects thousands
of worms, vulnerability exploit attempts, port scans, and other
suspicious behavior. Snort uses a flexible rule-based language to
describe traffic that it should collect or pass, and a modular detection
engine. Also check out the free Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts.
While Snort itself is free and open source, parent company SourceFire
offers their VRT-certified rules for $499 per sensor per year and a
complementary product line of software and appliances with more
enterprise-level features. Sourcefire also offers a free 30-day delayed
feed.
Snort® is an open source network intrusion prevention and
detection system (IDS/IPS) developed by Sourcefire.
Combining the benefits of signature, protocol, and anomaly-based
inspection, Snort is the most widely deployed IDS/IPS technology
worldwide. With millions of downloads and nearly 400,000 registered
users, Snort has become the de facto standard for IPS.
We strongly recommend that you keep pace with the latest production
release. Snort is evolving all the time and to stay current with latest
detection capabilities you should always have both your Snort engine
and ruleset up to date.
README
06 Aug, 2012
Source
Binaries
0 comments:
Post a Comment