Tool and Usage
Besides intrusion detection, Snort can also prevent attacks. By taking a particular action based on traffic patterns, it can act as an intrusion prevention system (IPS).
Snort 3.0 was introduced in 2014 and is the first multi-threaded version. Earlier versions were single-threaded, which was a downside compared with similar tools.
Usage and audience
Snort is commonly used for security monitoring. Target users for this tool are system administrators.
- Customization and additions are possible
- Extendable with custom tests and plugins
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Supported by a large company
- + Well-known tool
Supported operating systems
Snort is known to work on FreeBSD, Linux, Microsoft Windows, and macOS.
Similar tools to Snort:
Network threat detection engine that acts as intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM)
Zeek is a network security monitoring (NSM) tool and helps with monitoring. It can also play an active role in performing forensics and incident response.
Scirius is a web application for Suricata ruleset management. Both a community version and a paid version are available.