Definition Snort
Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and nearly 400,000 registered users, Snort has become the de facto standard for IPS.
According to Techopedia: Snort® is an open-source security software product that looks at network traffic in real time and logs packets to perform detailed analysis used to facilitate security and authentication efforts.
USES OF SNORT®
Snort is useful for developers or others working on different types of system troubleshooting.
The security tool has three different modes, as follows:
- Packet sniffer
- Consistent logging of network traffic to facilitate debugging
- Active network intrusion handling system
Snort is built to detect various types of hacking and uses a flexible rules language to determine the types of network traffic that should be collected.
For Snort to work correctly, users must identify directories for use and perform calibrations to specify how the program should work in any of its three basic modes.
Posted by: Michael A. Alabi