Snort

LSE toolsLSE toolsSnort (222)Snort (222)

Tool and Usage

Project details
LicenseGPLv2
Programming languageC
AuthorMarty Roesch
Latest release2.9.11.1 []

Project health

67
This score is calculated by different factors, like project age, last release date, etc.

Introduction

Besides intrusion detection, Snort has the capabilities to prevent attacks. By taking a particular action based on traffic patterns, it can become an intrusion prevention system (IPS).

Background information

Snort 3.0 was introduced in 2014 and is the first multi-threaded version. The tooling being single-threaded was a downside compared with similar tools.

Usage and audience

Snort is commonly used for security monitoring. Target users for this tool are system administrators.

Features

  • Customization and additions are possible
  • Extendable with custom tests and plugins

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + Supported by a large company
  • + Well-known tool

Author and Maintainers

Snort is under development by Marty Roesch and maintained by Cisco.

Installation

Supported operating systems

Snort is known to work on FreeBSD, Linux, macOS, and Microsoft Windows.

Snort alternatives

Similar tools to Snort:

100

Bro

Bro is a network security monitoring tool (NSM) and helps with monitoring. It can also play an active rol in performing forensics and incident response.

100

Suricata

Network threat detection engine that acts as intrusion detection (IDS), inline intrusion prevention (IPS), and network security monitoring (NSM)

85

Scirius

Scirius is a web application to do Suricata ruleset management. There is both a community version as paid version available.

All Snort alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a intrusion prevention system software and network intrusion detection tool.