Jump to letter: [
ABCDEFGHIJKLMNOPQRSTUVWXYZ
]
snort: Intrusion detection system
| Name: | snort |
Vendor: | http://www.karan.org/ |
| Version: | 2.4.3 |
License: | GPL |
| Release: | 1.el4.kb |
URL: | http://www.snort.org |
- Summary
- Snort is a libpcap-based packet sniffer/logger which
can be used as a lightweight network intrusion detection system.
It features rules based logging and can perform protocol analysis,
content searching/matching and can be used to detect a variety of
attacks and probes, such as buffer overflows, stealth port scans,
CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort has a real-time alerting capabilty, with alerts being sent to syslog,
a seperate "alert" file, or as a WinPopup message via Samba's smbclient
This version is compiled without database support. Edit the spec file
and rebuild the rpm to enable it.
Edit /etc/snort.conf to configure snort and use snort.d to start snort
This rpm is different from previous rpms and while it will not clobber
your current snortd file, you will need to modify it.
There are 9 different packages available
All of them require the base snort rpm. Additionally, you will need
to chose a binary to install.
/usr/sbin/snort should end up being a symlink to a binary in one of
the following configurations:
plain plain+flexresp
mysql mysql+flexresp
postgresql postgresql+flexresp
snmp snmp+flexresp
bloat mysql+postgresql+flexresp+snmp
Please see the documentation in /usr/share/doc/snort-2.4.3
Changelog
- * Thu Feb 16 22:00:00 2006 Dennis Gilmore <dennis{%}ausil{*}us> - 2.4.3-1
- Updated to 2.4.3
- * Tue Apr 1 23:00:00 2003 Phillip Compton <pcompton AT proteinmedia.com> 0:2.0.0-0.fdr.0.1.rc4
- Updated to 2.0.0rc4
- Fedorafied spec
- * Wed Sep 25 23:00:00 2002 Chris Green <cmg{%}sourcefire{*}com>
- updated to 1.9.0