Tool of the Day: Snort
Snort is a libpcap-based packet sniffer/logger which can be used as
a lightweight network intrusion detection system. It features rules
based logging and can perform content searching/matching in
addition to being used to detect a variety of other attacks and
probes, such as buffer overflows, stealth port scans, CGI attacks,
SMB probes, and much more. Snort has a real-time alerting
capability, with alerts being sent to syslog, a separate "alert" file, or
even to a Windows computer via Samba.
This package provides the plain-vanilla version of Snort and does
not provide database (available in snort-pgsql and snort-mysql)
support.
version: snort 2.9.2-3ubuntu1
size: 2.1 MB to download, 11.2 MB when installed
for more details: http://www.snort.org/
regards,
dhanasekar
