Snort

Snort is an open-source intrusion prevention system (IPS) and intrusion detection system (IDS).

By: Cisco

Key features

Snort uses a series of rules that help define malicious activity on the network, and uses those rules to identify matching packets and alert users. It can detect and prevent network attacks. It was created in 1998 and has since become widely used.

Snort is considered an alternative to closed-source IPS solutions.

  • Snort can detect intrusions on the network.
  • Capable of analyzing the network in real time and detecting suspicious behavior.
  • Offers another mode, NIPS, which is capable of preventing or blocking network threats.
  • It provides signature-based detection.
  • Users can write custom rules in a flexible, easy-to-write rule language.
  • Snort can be integrated with other solutions to create a more secure network setup.
  • It keeps detailed logs of all network activity.

Use cases

  • Vulnerability scanning
  • Protocol analysis
  • Malware detection
  • Forensic ...and much more.