'Snort' is one of the software to detect intrusion in the system, able to analyze real-time traffic, 'and logging ip, port able to analyze and detect all kinds of' attack 'from outside, such as buffer overflows, stealth port scans, CGI attacks, SMB probes , OS fingerprinting. snort by default it has the 3 most important things are:
(1) packet sniffer, like tcpdump, iptraf etc.
(2) packet logger, which is useful for packet traffic etc.
(3) NIDS, intrusion detection on the network.
If you want an IDS package that’s pretty, graphical and idiot-proof, Snort isn’t for you. But if you want something that’s surprisingly powerful and costs nothing, and you don’t mind spending a few hours figuring out how to write rules and chant the right incantations on a Linux command line, go and download Snort now.
|
|
0 komentar:
Post a Comment