What is Snort?

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide. With millions of downloads and approximately 300,000 registered users, Snort has become the de facto standard for IPS.

New to Snort?

  1. Requirements

    Before installing Snort you need to verify that you have a number of software packages installed. These are: Libpcap, PCRE, Libnet and Barnyard. Click the requirements button for more information on these packages.

  2. Downloads

    Once the platform is prepared, you need to download and install the Snort Engine. The Snort Engine can be downloaded as source code or binaries for popular operating systems. Click the downloads button for more information about the Snort Engine and how to download.

  3. Rules

    Snort requires a current ruleset to deliver the latest detection capabilities. Snort Rules are distributed separately from the engine. Click the rules button for more information on the rulesets available on Snort.org

  4. Docs

    Users have reams of documentation available, the official docs, a wide array of set-up guides and dozens of Snort books. Click the Docs button for more information on available documentation.

From our Blogs

Snort News

From the Forums

  • Snort on windows XP Box

    New topic "Snort on windows XP Box" is in forum "Support" with 7 replies.

    Posted on Sep 09, 2010

  • Snort and Sguil

    New topic "Snort and Sguil" is in forum "Snort Newbies" with 1 replies.

    Posted on Sep 09, 2010

  • Help with rules creation

    New topic "Help with rules creation" is in forum "Rules" with 1 replies.

    Posted on Sep 09, 2010