Although Snort is a great application for intrusion detection, it does have its shortcomings. The good news is that the Snort community is working very hard to address a number of important issues, and is already on target for a few of them.

Flexibility Breeds Complexity

Snort is designed to be as flexible, customizable, and extensible as possible. This requires that Snort not be a turnkey, out-of-the-box solution. You can't pop in a CD and have Windows Installer do all the work for you. It is necessary to learn Snort plus other supporting applications to make Snort function.

Snort is also quite difficult to install correctly. There are several components that must be working in unison for the IDS to run smoothly. Little start-to-finish ...

Get Intrusion Detection with Snort now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.