Snort

  • Mike O’Leary
Chapter

Abstract

Snort is an open source network intrusion detection system that can be installed on Linux and Windows. It functions by first normalizing traffic, then checking the traffic against sets of rules. There are community rules, registered rules, and commercial rules for Snort available from http://www.snort.org; it is also possible to write custom rules. To avoid false positives, Snort needs to be tuned for its environment. Snort can raise alerts when specific traffic is seen on the network; it can also detect port scans, ARP spoofing, and sensitive data such as credit card numbers or social security numbers.

Keywords

Intrusion Detection System; Configuration File; Home Network; Window System; Full Path
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Mike O'Leary 2015

Authors and Affiliations

  • Mike O’Leary (1)
  1. Department of Mathematics, Towson University, Towson, US
