mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-16 19:50:19 +01:00
20 lines
973 B
Text
20 lines
973 B
Text
Snort is an open source network intrusion detection and prevention
|
|
system. It is capable of performing real-time traffic analysis,
|
|
alerting, blocking and packet logging on IP networks. It utilizes
|
|
a combination of protocol analysis and pattern matching in order to
|
|
detect a anomalies, misuse and attacks.
|
|
|
|
Snort uses a flexible rules language to describe activity that can
|
|
be considered malicious or anomalous as well as an analysis engine
|
|
that incorporates a modular plugin architecture. Snort is capable
|
|
of detecting and responding in real-time, sending alerts, performing
|
|
session sniping, logging packets, or dropping sessions/packets when
|
|
deployed in-line.
|
|
|
|
Snort has three primary functional modes. It can be used as a packet
|
|
sniffer like tcpdump(1), a packet logger (useful for network traffic
|
|
debugging, etc), or as a full blown network intrusion detection and
|
|
prevention system.
|
|
|
|
For more information about running Snort on Slackware, please see
|
|
README.SLACKWARE.
|