Monday, February 14, 2011

SNORT - The best intrusion detection software(IDS) - Download !!

Snort - open source IDS -

If you are in security, you might have heard of an Intrusion Detection system, which is a device or mechanism that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. There are a lot of professional IDS available for commercial use,but when it comes to being free as freedom (read:open source), Snort is my favorite.

Snort can be run in 4 modes:
  1. sniffer mode: snort will read the network traffic and print them to the screen.
  2. packet logger mode: snort will record the network traffic on a file
  3. IDS mode: network traffic matching security rules will be recorded (mode used in our tutorial)
  4. IPS mode: also known as snort-inline (IPS = Intrusion prevention system)