Snort 2.9.7.3

Software Specifications

  • Editor Rating: 4.5
  • Version: 2.9.7.3
  • Size: 3.10 MB
  • License: Open Source
  • Price: Not available
  • Last Updated:
  • Category: Networking Software
  • Developer: Sourcefire, Inc.
  • Operating System: Unix, Linux, Windows 7, Windows Server 2008, Windows 8, Windows Server 2012
  • Additional Requirements: Windows: WinPcap, Barnyard2, MySQL, Strawberry Perl, PHP; Linux: DAQ, dnet, g++, autotools or cmake, LuaJIT, pcap, pcre, zlib, pkgconfig.
  • Limitations: Not available

Snort Review

"An open-source network (including wireless) intrusion prevention and detection system (NIDS/NIPS) with traffic analyzer and packet logger."

Snort is an open source network intrusion detection and prevention system (NIDS/NIPS). It is capable of performing real-time traffic analysis and packet logging on internet protocol (IP) networks.

It can also perform protocol analysis, content searching, and content matching.

Snort can be used to detect a variety of attacks and probes, including buffer overflows, stealth port scans, server message block (SMB) probes, common gateway interface (CGI) attacks, and operating system fingerprinting attempts.

Prevent personal and traffic data, such as credit card numbers, visited websites, bank account numbers, and username and password information, from being captured by an intruder while you use a network, including wireless (Wi-Fi) networks.

Snort can be configured to run in three main modes:
  • Sniffer: Read network packets and display them for you in a continuous stream on the console
  • Packet Logger: Log packets to the disk for network traffic debugging
  • Network Intrusion Detection (NIDS): Detect network traffic and analyze it against a rule set defined by the user

The Network Intrusion Detection mode is the most complex and configurable mode.

Snort consists of two major components:
  1. Snort Engine: a detection engine that utilizes a modular plug-in architecture
  2. Snort Rules: Flexible rule language to describe traffic to be collected

The Snort Engine is distributed both as source code and as binaries for popular Linux distributions and Windows. Note that the Snort Engine and Snort Rules are distributed separately.

Snort 2.9 for Linux introduces the Data Acquisition (DAQ) library for packet I/O. DAQ replaces direct calls to libpcap functions with an abstraction layer that facilitates operation on a variety of hardware and software interfaces without requiring changes to Snort.

Snort Rules

Snort uses a simple, lightweight rules description language that is flexible and quite powerful. Rules are a different methodology for performing detection, which brings the advantage of 0-day detection to the table.

Unlike signatures, rules are based on detecting the actual vulnerability, not an exploit or unique piece of data.

Two sets of rules are distributed. The Community Ruleset is freely available to all users. The Snort Subscriber Rule Set will be made available to users in the following ways:
  • Subscribers will receive rulesets in real-time as they are released
  • Registered users will receive rulesets 30 days after subscribers
  • Unregistered users will receive access to the community ruleset

The rules are available for download on the download page.