Snort
Home > Midmarket IT Security Definitions - Snort
SearchMidmarketSecurity.com Definitions (Powered by WhatIs.com)
EMAIL THIS
LOOK UP TECH TERMS Powered by: WhatIs.com
Search listings for thousands of IT terms:
Browse tech terms alphabetically:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

Snort

Show me everything on Detecting and preventing network intrusions

DEFINITION - Snort is an open source network intrusion detection system (NIDS) created by Martin Roesch. Snort is a packet sniffer that monitors network traffic in real time, scrutinizing each packet closely to detect a dangerous payload or suspicious anomalies.

Snort is based on libpcap (for library packet capture), a tool that is widely used in TCP/IP traffic sniffers and analyzers. Through protocol analysis and content searching and matching, Snort detects attack methods, including denial of service, buffer overflow, CGI attacks, stealth port scans, and SMB probes. When suspicious behavior is detected, Snort sends a real-time alert to syslog, a separate 'alerts' file, or to a pop-up window.

NSS Group, a European network security testing organization, tested Snort along with intrusion detection system (IDS) products from 15 major vendors including Cisco, Computer Associates, and Symantec. According to NSS, Snort, which was the sole open source freeware product tested, clearly out-performed the proprietary products.

Learn more about Detecting and preventing network intrusions
Quiz: Intrusion defense in the era of Windows Vista: A five-question multiple-choice quiz to test your understanding of the content presented by expert Peter H. Gregory in this lesson of SearchSecurity.com's Intrusion Defense School.
The keys to locking down Windows Vista User Account Control: Windows Vista's User Account Control feature can effectively lock down users' desktops. However, it's not exactly the perfect defense strategy.
How to create a bit-image copy of a live server: Part of your incident response plan should include the creation of a bit image copy of a live server. Free and open source tools are available to simplify this process.
Network-based integrity monitoring keeps website hacks in check: Network integrity monitoring software brings the concept of file-based integrity monitoring, required by regulations such as PCI-DSS, to a company's online presence.
Screencast: Samurai offers pen-testing nirvana: Peter Giannoulis demonstrates the Samurai Web Testing Framework, a free, live Linux distro pre-configured to function as a stand-alone Web pen-testing environment.

LAST UPDATED: 11 Mar 2009

Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com

More resources from around the web:
- Snort.org provides more information and downloads.
- SearchSecurity.com features a Snort Technical Guide with answers to FAQs.
- Mike Chapple explains the 'top-down' IPS sensor search.
- Mike Rothman explains 'Best practices for purchasing a network intrusion device.'
- David Jacobs discusses intrusion prevention management packages.





FILE EXTENSION AND FILE FORMAT LIST
File Extension and File Format List:
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #


RELATED CONTENT
The keys to locking down Windows Vista User Account Control
Windows Vista's User Account Control feature can effectively lock down users' desktops. However, it's not exactly the perfect defense strategy.
How to create a bit-image copy of a live server
Part of your incident response plan should include the creation of a bit image copy of a live server. Free and open source tools are available to...
Network-based integrity monitoring keeps website hacks in check
Network integrity monitoring software brings the concept of file-based integrity monitoring, required by regulations such as PCI-DSS, to a company's...

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
intrusion detection  (SearchMidmarketSecurity.com)
Intrusion detection (ID) is a type of security management system for computers and networks. An ID system gathers and analyzes information from...




About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts