Snort - Network Intrusion Prevention and Detection System

  •        0

Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Snort can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Snort has a real-time alerting capability as well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients. Snort has three primary uses: a straight packet sniffer like tcpdump, a packet logger (useful for network traffic debugging, etc), or a full-blown network intrusion prevention system.

http://snort.org/

Tags
Implementation
License
Platform

   




Related Projects

TCPDump - Network Packet Analyzer


TCPDump, a powerful command-line packet analyzer; and libpcap, a portable C/C++ library for network traffic capture. It prints out a description of the contents of packets on a network interface that match the boolean expression. The Packet Capture library provides a high level interface to packet capture systems. All packets on the network, even those destined for other hosts, are accessible through this mechanism.

Snort


Snort is a libpcap-based sniffer/logger which can be used as a network intrusion detection and prevention system. It uses a rule-based detection language as well as various other detection mechanisms and is highly extensible.

OpenVAS - Vulnerability Scanner and Manager


OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. It is designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

ClearOS - Linux based Operating System


ClearOS is a powerful network and gateway server designed for small organizations and distributed environments. The open source revolution in the software industry has made it possible to provide ClearOS at no cost. Among other features, antivirus, antispam, VPN and content filtering are built right into the software -- no need for expensive third party add-ons. With ClearOS, you can avoid costly vendor lock-in and proprietary formats; instead, you can embrace open standards and protocols.

Angry IP Scanner - Fast and Friendly Network Scanner


Angry IP Scanner (or simply ipscan) is an open-source and cross-platform network scanner designed to be fast and simple to use. It scans IP addresses and ports and it is widely used by network administrators.

Network Packet Capture Facility for Java


jpcap is a set of Java classes which provide an interface and system for network packet capture. A protocol library and tool for visualizing network traffic is included. jpcap utilizes libpcap, a widely deployed system library for packet capture.

Orionsniffer - A TCP/IP packet sniffer detects images from network


Orion Sniffer (or simply, 'Orion') is capable of sniffing GIF, JPEG and PNG images from unencrypted network traffic and saving these images to disk on the fly. Its filter recognizes specific data (eg: A GIF image) received from a Source (eg: TCP/IP packet), and an Output Handler 'does something' with the data (eg: write it to a file).

The libpcap project


libpcap is a system-independent interface for user-level packet capture. libpcap provides a portable framework for low-level network monitoring. Applications include network statistics collection, security monitoring, network debugging, etc.

Callflow Sequence Diagram Generator


The callflow sequence diagram generator is a collection of awk and shell scripts that will take a packet capture file that can be read by wireshark and produce a time sequence diagram. This is useful to view amp; debug SIP callflows or other network traffic

Netty - Event-driven Asynchronous Network Application Framework


Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. Netty is a NIO client server framework which enables quick and easy development of network applications such as protocol servers and clients. It greatly simplifies and streamlines network programming such as TCP and UDP socket server.








We have large collection of open source products. Follow the tags from Tag Cloud >>