Chapter 13. Introduction to Snort and Snort Rules

Snort is a free, open source network intrusion detection system (NIDS) that was developed by Marty Roesch. It was initially written so that Marty could do traffic sniffing at his job and has grown into a full-featured NIDS. Along the way, Marty has attracted a vast following of admirers and coders who work collectively to enhance the code and issue new releases. In early 2002, Snort was downloaded from its home at www.snort.org over 10,000 times a week to protect government, corporate, home, and educational sites.

Snort is a signature-based NIDS that uses a combination of rules and preprocessors to analyze traffic. The rules offer a simple ...

Get Network Intrusion Detection, Third Edition now with O’Reilly online learning.