Tool and Usage
|Latest release||188.8.131.52 |
Besides intrusion detection, Snort has the capabilities to prevent attacks. By taking a particular action based on traffic patterns, it can become an intrusion prevention system (IPS).
Snort 3.0 was introduced in 2014 and is the first multi-threaded version. The tooling being single-threaded was a downside compared with similar tools.
Usage and audience
Snort is commonly used for security monitoring. Target users for this tool are system administrators.
- Customization and additions are possible
- Extendable with custom tests and plugins
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Supported by a large company
- + Well-known tool
Supported operating systems
Snort is known to work on FreeBSD, Linux, macOS, and Microsoft Windows.
Similar tools to Snort:
Bro is a network security monitoring tool (NSM) and helps with monitoring. It can also play an active rol in performing forensics and incident response.
Network threat detection engine that acts as intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM)
Scirius is a web application to do Suricata ruleset management. There is both a community version as paid version available.
This tool page was updated at . Found an improvement? Help the community by submitting an update.