Snort - the de facto standard for intrusion detection/prevention

What is Snort?
SNORT® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature-, protocol- and anomaly-based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.


2009 Best of Open Source Security Conference - register now
SnortSP 3.0 beta launch
We’re pleased to introduce our first beta release built on the new Snort 3.0 architecture. SnortSP is an open-source platform for running packet-based network security applications, including the Snort 2.8.2.1 detection engine. SnortSP introduces a new shell-based user interface, a multi-threaded execution module, native IPv6 support, performance improvements, and more.
Snort Users Webcast Series

Common Mistakes with Snort and How to Fix Them
In this latest Snort Users Webcast, Joel Esler, a Sourcefire security consultant and frequent contributor to the Snort community, discusses fixes to some of the most common mistakes made when configuring and using Snort. Covers: Snort.conf file | Variables | Preprocessors | Rules | Barnyard and SnortUnified
Writing Effective Rules Part 1
In this Snort Users webcast, Matt Olney of the Sourcefire VRT discusses the VRT's methodology for writing effective Snort Rules and what you need to know about Snort to take on rule writing. Covers: Detection theory | Snort’s architecture | Rule options available in Snort

Document Spotlight
Sourcefire Vulnerability Research Team (VRT) White Paper
White Paper covering the capabilities and processes followed by the Sourcefire VRT in writing rules.