Download Snort   Snort


Software Specifications

Snort Screenshot
  View more screenshots
Editor Rating
3.10 MB
License [?]:
Open Source
Not available
Last Updated:
Networking Software
Sourcefire, Inc.
Operating System:
Unix Linux Windows 7 Windows Server 2008 Windows 8 Windows Server 2012
Additional Requirements:
Windows: WinPcap, Barnyard2, MySQL, Strawberry Perl, PHP; Linux: DAQ, dnet, g++, autotools or cmake, LuaJIT, pcap, pcre, zlib, pkgconfig.
Not available

Snort Review

" An open-source network including wireless intrusion prevention and detection system (NIDS//NIPS) with traffic analyzer and packet logger. "

Snort is an open source network intrusion detection and prevention system (NIDS/NIPS). It is capable of performing real-time traffic analysis and packet logging on internet protocol (IP) networks.

It can also perform protocol analysis, content searching, content matching.

Snort can be used to detect a variety of attacks and probes including buffer overflows, stealth port scans, server message block (SMB) probes, common gateway interface (CGI) attacks, operating system fingerprinting attempts.

Prevent your personal and traffic data such as credit card number, visited websites, bank account numbers, username and password information from being captured by intruder while using a network including wireless or wi-fi networks.

Snort can be configured to run in three main modes:
  • Sniffer: Read network packets and display them for you in a continuous stream on the console
  • Packet Logger: Log packets to the disk for network traffic debugging
  • Network Intrusion Detection (NIDS): Detect network traffic and analyze it against a rule set defined by user

The Network Intrusion Detection mode is the most complex and configurable mode.

Snort is comprised of two major components:
  1. Snort Engine: a detection engine that utilizes a modular plug-in architecture
  2. Snort Rules: Flexible rule language to describe traffic to be collected

The Snort Engine is distributed both as source code and binaries for popular Linux distributions and Windows. It's important to note that the The Snort Engine and Snort Rules are distributed separately.

Snort 2.9 for Linux introduces the Date Acquisition (DAQ) library for packet I/O. DAQ replaces direct calls to libpcap functions with an abstraction layer that facilitates operation in a variety of hardware and software interfaces without requiring changes to Snort.

Snort Rules

Snort uses a simple, lightweight rules description language that is flexible and quite powerful. Rules are a different methodology for performing detection, which bring the advantage of 0-day detection to the table.

Unlike signature, rules are based on detecting the actual vulnerability, not an exploit or unique piece of data.

There are two sets of rules distributed. The Community Ruleset is free available to all users. The Snort Subscriber Rule Set will be made available to users in the following ways:
  • Subscribers will receive rulesets in real-time as they are released
  • Registered users will receive rulesets 30 days after subscribers
  • Unregistered users will receive access to the community ruleset

The rules are available for download on the download page.



Top Related Downloads
1. Download Snort Snort
An open-source network including wireless intrusion prevention and detection system (NIDS//NIPS) with traffic analyzer and packet logger.
2. Download Network Device Explorer Network Device Explorer
Manage network devices (routers, switches, modems, etc) remotely from your PC.
3. Download UltraSniff Network Sniffer UltraSniff Network Sniffer
A powerful promiscuous network sniffer and sockets sniffer.
4. Download File Search for LAN File Search for LAN
Search utility based on the fastest an high performance search engine.
5. Download HSMonitor HSMonitor
Gives you possibility to get full information about remote PCs.