slackbuilds_ponce/network/snort
Niels Horn 64e84ab974 network/snort: Updated for version 2.9.0.
Signed-off-by: Robby Workman <rworkman@slackbuilds.org>
2010-10-16 21:31:45 -05:00
..
doinst.sh network/snort: Updated for version 2.9.0. 2010-10-16 21:31:45 -05:00
rc.snort network/snort: Updated for version 2.9.0. 2010-10-16 21:31:45 -05:00
README network/snort: Updated for version 2.9.0. 2010-10-16 21:31:45 -05:00
README.SLACKWARE network/snort: Updated for version 2.9.0. 2010-10-16 21:31:45 -05:00
slack-desc network/snort: Added (Intrusion Detection and Prevention System) 2010-09-21 22:09:42 -05:00
snort.info network/snort: Updated for version 2.9.0. 2010-10-16 21:31:45 -05:00
snort.SlackBuild network/snort: Updated for version 2.9.0. 2010-10-16 21:31:45 -05:00

Snort is an open source network intrusion detection and prevention system.  It 
is capable of performing real-time traffic analysis, alerting, blocking and 
packet logging on IP networks.  It utilizes a combination of protocol analysis 
and pattern matching in order to detect a anomalies, misuse and attacks.  
Snort uses a flexible rules language to describe activity that can be considered
malicious or anomalous as well as an analysis engine that incorporates a modular
plugin architecture.  Snort is capable of detecting and responding in real-time,
sending alerts, performing session sniping, logging packets, or dropping 
sessions/packets when deployed in-line.

Snort has three primary functional modes.  It can be used as a packet sniffer 
like tcpdump(1), a packet logger (useful for network traffic debugging, etc), 
or as a full blown network intrusion detection and prevention system.

This requires libdnet and daq.