Questions about this topic? Sign up to ask in the talk tab.

Snort

From NetSec
Revision as of 05:28, 6 December 2010 by 127.0.0.1 (Talk)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Snort is a NIDS, or Network IDS. It uses the pcap library to read packets and is complete with its own traffic analysis engine as well as multiple preprocessing engines. It can be used to identify segmentation and fragmentation overwrite attacks as well as a myriad of attacks against hosts including buffer overflows and web exploitation.