This lightweight network intrusion detection and prevention system
excels at traffic analysis and packet logging on IP networks. Through
protocol analysis, content searching, and various pre-processors, Snort
detects thousands of worms, vulnerability exploit attempts, port scans,
and other suspicious behavior. Snort uses a flexible rule-based
language to describe traffic that it should collect or pass, and a
modular detection engine. Also check out the free Basic Analysis and Security
Engine (BASE), a web interface for analyzing Snort alerts. Open
source Snort works fine for many individuals, small businesses, and
departments. Parent company SourceFire
offers a complementary product line with more enterprise-level features
and real-time rule updates. They offer a free (with registration)
5-day-delayed rules feed, and you can also find many great free rules at
Bleeding Edge Snort.