Previous
Snort hit by vulnerability
News Snort, the open-source intrusion-detection software, is vulnerable to hackers, its developers revealed this week. Snort's popularity has grown as many businesses have been tempted away from expensive proprietary intrusion-detection systems.
[February 21, 2007, 10:50]
Snort fails to win approval
News The creator of Snort, the open-source network-based Intrusion Detection System (IDS), says the software is up for an overhaul. The next generation of Snort will include "passive discovery" features, Roesch said, which will automatically tweak the...
[May 24, 2004, 14:25]
Snort Cookbook: Miscellaneous Other Uses
White Papers The wondrous thing about Snort is that, because of its flexible modular structure, it is easy to make it do things that it wasn't designed to do. With some original thinking, it is possible to get Snort to do anything from checking up on the health...
[October 17, 2007, 1:00]
SIFT: Snort Intrusion Filter for TCP
White Papers In this paper, a Snort Intrusion Filter for TCP (SIFT) is presented that operates as a preprocessor to prevent benign traffic from being inspected by an intrusion monitor running Snort. Snort is a popular open-source rule-processing intrusion system.
[October 31, 2007, 0:00]
Introduction to Intrusion Detection With Snort
White Papers After a brief discussion of IDS, this paper focuses on a pattern-matching network-based IDS, Snort. As soon as someone discovers a new computer security vulnerability, hordes of crackers start knocking at the doors of computers worldwide to see if...
[November 1, 2006, 0:00]
Write your own custom Snort rules for tighter security
White Papers Snort is a favorite open source application in use in many IT departments because it offers an inexpensive and effective way to provide intrusion detection capability on a network segment. Now, with this sample hack from the O'Reilly book Network...
[May 18, 2006, 1:00]
Back Orifice problems lead to pain for Snort
News An exploit has been published that could take advantage of a flaw in Snort, a popular open source intrusion protection system, according to a security group. The exploit code, published on the Web by FrSirt on Tuesday, demonstrates how...
[October 27, 2005, 9:45]
Compiling PCRE to FPGA for Accelerating SNORT IDS
White Papers Deep Payload Inspection systems like SNORT and BRO utilize regular expression for their rules due to their high expressibility and compactness. The SNORT IDS system uses the PCRE Engine for regular expression matching on the payload.
[May 21, 2008, 1:01]
Analyzing Snort Data With the Basic Analysis and Security Engine (BASE)
White Papers When used with Snort, BASE reads both tcpdump binary log formats and Snort alert formats. This paper describes storing Snort alert output in a MySQL database and using the web front end BASE to analyze the data.
[November 1, 2006, 0:00]
Managing Badware and Policy Violation With Aanval and Bleeding Edge Threat Snort Rules
White Papers The focus this month will detail the effort to manage those risks on ones network using Aanval, an excellent Snort console from Remote Assessment, and Bleeding Threat Snort Rules designed to readily identify traffic of concern.
[May 21, 2008, 1:01]
Distinguishing False From True Alerts in Snort by Data Mining Patterns of Alerts
White Papers The Snort network intrusion detection system is well known for triggering large numbers of false alerts. This paper presents a clustering approach for handling Snort alerts more effectively. In addition, it usually only warns of a potential attack...
[May 21, 2008, 1:01]
The Snort Network Intrusion Detection System on the Intel IXP2400 Network Processor
White Papers This paper describes an implementation of the Snort Network Intrusion Detection System (Snort NIDS) on the Intel IXP2400 processor. The Intel IXP2400 network processor was selected to achieve line rates in excess of 2.5 gigabits per second for the...
[June 12, 2008, 1:01]
Snort Management System: Managing Multiple Snort Instances on Many Systems
White Papers The snort management system enables engineers to efficiently manage and deploy small and/or large production snort environments. This system employs the open-source WebJob framework and several other open-source technologies including: oinkmaster...
[May 21, 2008, 1:01]
Intrusion detection team denies Trojan claim
News The author of Snort, an open-source Intrusion Detection System (IDS), Martin Roesch, has dismissed as untrue claims the software was 'trojaned' by attackers. Roesch, who is also the chief technology officer of US-based IDS company Sourcefire, moved...
[September 22, 2003, 10:05]
Design Alternatives for a High-Performance Self-Securing Ethernet Network Interface
White Papers This paper presents and evaluates a strategy for integrating the Snort network intrusion detection system into a high-performance programmable Ethernet Network Interface Card (NIC), considering the impact of several possible hardware and software...
[July 4, 2008, 1:00]
HenWen
Downloads HenWen is a network security package for Mac OS X that makes it easy to configure and run Snort, a free Network Intrusion Detection System (NIDS). Features: Drag and drop installation (no installer or uninstaller necessary) Includes a precompiled...
[June 20, 2005, 8:00]
Real-Time Multistage Attack Awareness Through Enhanced Intrusion Alert Clustering
White Papers Snort is the most widely deployed intrusion detection sensor. For many networks and their system administrators, the alerts generated by Snort are the primary indicators of network misuse and attacker activity.
[April 11, 2008, 1:02]
Applying Fast String Matching to Intrusion Detection
White Papers This paper studies how the popular intrusion detection system Snort can be best optimized to utilize different string matching algorithms. The paper analyzes the performance of Snort's current string matching algorithm, Boyer-Moore, and several...
[May 21, 2008, 1:01]
Open source security push gets $20m
News Sourcefire is best known for its popular Snort open source IPS product. Snort encountered security problems in October, with exploit code being published that demonstrated how vulnerabilities in a Snort sensor designed to detect an exploit tool...
[June 2, 2006, 17:15]
SPACEDIVE: A Distributed Intrusion Detection System for Voice-over-IP Environments
White Papers The Snort IDS is well known for its efficiency in examining incoming packets and SPACEDIVE leverages the Snort functionality. Voices over IP (VoIP) systems are gaining in popularity as the technology for transmitting voice traffic over IP networks.
[April 11, 2008, 1:02]
