discuss: Snort on Red Hat Linux HOWTO?
Subject:
Fw: Re: Snort on Red Hat Linux HOWTO?
From:
Hans-JoachimPicht ####@####.####
Date:
18 Dec 2001 05:54:01 -0000
Message-Id: <200112180553.fBI5rMbb009402@Turing.picht.org>
On Tue, 18 Dec 2001 11:02:12 +0530
"Vivek Venugopalan" ####@####.#### wrote:
Hi Vivek,
> Pardon by ignorance but what exactly is snort? Also if you can include
> sections for other distributions also it would help. I run debian...
I'm also running Debian GNU/Linux :) Here is a description of snort as it is
included in the descripton of the debian package.
hans@Turing:~$ apt-cache show snort
Package: snort
[...]
Description: Flexible NIDS (Network Intrusion Detection System)
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules
based logging and can perform content searching/matching in addition
to being used to detect a variety of other attacks and probes, such
as buffer overflows, stealth port scans, CGI attacks, SMB probes, and
much more. Snort has a real-time alerting capability, with alerts being
sent to syslog, a separate "alert" file, or even to a Windows computer
via Samba.
With best regards
Hans
--
Hans-Joachim Picht, Consultant ####@####.####
Linux Consulting Europe http://www.lnxce.net
Vogelhecke 2 D - 35447 Reiskirchen Tel: +491751629201
Fax: +49640862649 Germany