mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-16 19:50:19 +01:00
24a3a46036
Signed-off-by: Andrew Clemons <andrew.clemons@gmail.com> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org> |
||
|---|---|---|
| .. | ||
| doinst.sh | ||
| rc.snort | ||
| README | ||
| README.SLACKWARE | ||
| slack-desc | ||
| snort.info | ||
| snort.SlackBuild | ||
Snort is an open source network intrusion detection and prevention system. It is capable of performing real-time traffic analysis, alerting, blocking and packet logging on IP networks. It utilizes a combination of protocol analysis and pattern matching in order to detect a anomalies, misuse and attacks. Snort uses a flexible rules language to describe activity that can be considered malicious or anomalous as well as an analysis engine that incorporates a modular plugin architecture. Snort is capable of detecting and responding in real-time, sending alerts, performing session sniping, logging packets, or dropping sessions/packets when deployed in-line. Snort has three primary functional modes. It can be used as a packet sniffer like tcpdump(1), a packet logger (useful for network traffic debugging, etc), or as a full blown network intrusion detection and prevention system. For more information about running Snort on Slackware, please see README.SLACKWARE.