Using SNORT for network intrusion detection and prevention
SNORT is an open source intrusion detection/prevention system that is capable of real-time traffic analysis and packet logging. Extremely popular, SNORT is the tool of choice for the open source community. While there are a number of other NIDS and NIPS out there, we will stick to SNORT for the purposes of this section.
SNORT is available from the https://www.snort.org/ website.
It makes a lot of sense to go through the documentation available on the website as this information is updated on a fairly regular basis.
At the time of writing, SNORT is available in flavors that run on some Linux ...