applications/internet

snort - An open source Network Intrusion Detection System (NIDS)

Website: http://www.snort.org/
License: GPL
Vendor: Snort.org
Description:
Snort is an open source network intrusion detection system, capable of
performing real-time traffic analysis and packet logging on IP networks.
It can perform protocol analysis, content searching/matching and can be
used to detect a variety of attacks and probes, such as buffer overflows,
stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts,
and much more.

Snort has three primary uses. It can be used as a straight packet sniffer
like tcpdump(1), a packet logger (useful for network traffic debugging,
etc), or as a full blown network intrusion detection system.

You MUST edit /etc/snort/snort.conf to configure snort before it will work!

Please see the documentation in /usr/share/doc/snort-2.9.15 for more
information on snort features and configuration.

Packages

snort-2.9.15-1.el6.i686 [8.1 MiB] Changelog by Lawrence R. Rogers (2019-10-10):
- Release 2.9.15-1
	 New Additions
		Added new debugs to print detection, file_processing and Preproc time consumption info and verdict.
		Added support to detect new Korean file formats .egg and .alg in the file preprocessor.
		Added support to detect new RAR file-type in the file preprocessor.
	Improvements / Fix
		Fix to generate ALERT if TEID value is zero in GTP v1 and v2 packets.
		Fix to whitelist ftp data sessions when no file policy exists.
		Fix RTF file magic to a more generic value to prevent evasions.
		Added debug logs during HTTP reload
		Added rule SID check during validation
		Fix an issue where HTTP was processing non-HTTP traffic on port 443
		Added new debugs to print detection, file processing, and Prepro time consumption info and verdicts

Listing created by Repoview-0.6.6-1.el6