Snort 2.9.7.3


Software Specifications


Editor Rating
4.5
Version:
2.9.7.3
Size:
3.10 MB
License:
Open Source
Price:
Not available
Last Updated:
Category:
Networking Software
Developer:
Sourcefire, Inc.
Operating System:
Unix, Linux, Windows 7, Windows Server 2008, Windows 8, Windows Server 2012
Additional Requirements:
Windows: WinPcap, Barnyard2, MySQL, Strawberry Perl, PHP; Linux: DAQ, dnet, g++, autotools or cmake, LuaJIT, pcap, pcre, zlib, pkgconfig.
Limitations
Not available

Snort Review

"An open-source network (including wireless) intrusion prevention and detection system (NIDS/NIPS) with traffic analyzer and packet logger."

Snort is an open source network intrusion detection and prevention system (NIDS/NIPS). It is capable of performing real-time traffic analysis and packet logging on internet protocol (IP) networks.

It can also perform protocol analysis, content searching, and content matching.

Snort can be used to detect a variety of attacks and probes, including buffer overflows, stealth port scans, server message block (SMB) probes, common gateway interface (CGI) attacks, and operating system fingerprinting attempts.

Prevent your personal and traffic data, such as credit card numbers, visited websites, bank account numbers, and username and password information, from being captured by an intruder while using a network, including wireless or Wi-Fi networks.

Snort can be configured to run in three main modes:
  • Sniffer: Read network packets and display them for you in a continuous stream on the console
  • Packet Logger: Log packets to the disk for network traffic debugging
  • Network Intrusion Detection (NIDS): Detect network traffic and analyze it against a rule set defined by the user

The Network Intrusion Detection mode is the most complex and configurable mode.

Snort is comprised of two major components:
  1. Snort Engine: a detection engine that utilizes a modular plug-in architecture
  2. Snort Rules: Flexible rule language to describe traffic to be collected

The Snort Engine is distributed both as source code and as binaries for popular Linux distributions and Windows. It's important to note that the Snort Engine and Snort Rules are distributed separately.

Snort 2.9 for Linux introduces the Data Acquisition (DAQ) library for packet I/O. DAQ replaces direct calls to libpcap functions with an abstraction layer that facilitates operation on a variety of hardware and software interfaces without requiring changes to Snort.

Snort Rules

Snort uses a simple, lightweight rules description language that is flexible and quite powerful. Rules are a different methodology for performing detection, which brings the advantage of 0-day detection to the table.

Unlike signatures, rules are based on detecting the actual vulnerability, not an exploit or unique piece of data.

There are two sets of rules distributed. The Community Ruleset is freely available to all users. The Snort Subscriber Rule Set will be made available to users in the following ways:
  • Subscribers will receive rulesets in real-time as they are released
  • Registered users will receive rulesets 30 days after subscribers
  • Unregistered users will receive access to the community ruleset

The rules are available for download on the download page.
