Snort



This content originally appeared on DEV Community and was authored by AJ

Snort

Snort works from a set of predefined rules and is used mostly as an IDS or IPS. It has 3 main operational modes:

  • Packet sniffing —> shows network traffic, like Wireshark
  • Packet logging —> collects and logs network traffic into a file
  • Network intrusion detection —> analyzes packets and matches traffic against signatures

Intrusion detection system

  • Network intrusion detection system —> monitors traffic from different areas of the network; if a signature is identified, an alert is created
  • Host-based intrusion detection system —> monitors traffic from a single endpoint device, that is, it investigates the traffic on that specific device; if a signature is identified, an alert is created

Intrusion prevention system

  • Network intrusion prevention system —> monitors traffic; if a signature is identified, the connection is terminated
  • Behavior-based intrusion prevention system —> likewise monitors traffic and terminates the connection if unusual behavior is detected. The difference between NIP and BIP is that behavior-based prevention requires a training period, known as baselining, to learn normal traffic so that it can differentiate it from threats.
  • Wireless intrusion prevention system —> monitors the traffic flow of a wireless network; if a signature is identified, the connection is terminated
  • Host-based intrusion prevention system —> monitors and protects network traffic on a single endpoint device; if a signature is identified, the connection is terminated

Detection and prevention techniques

  • Signature-based
  • Behavior-based
  • Policy-based
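
As an added example (not part of the original post), the sketch below contrasts signature-based and behavior-based detection, including the baselining period, and shows the IDS/IPS difference as alert versus terminate. The signature, the traffic rates and every name in it are constructed for illustration; this is not Snort rule syntax or Snort's own code.

```python
import re
from statistics import mean, stdev

# Constructed signature (port + payload pattern); not real Snort rule syntax.
SIGNATURES = [
    {"msg": "Path traversal in HTTP request", "dport": 80,
     "pattern": re.compile(rb"\.\./\.\./")},
]

def match_signatures(packet):
    """Signature based: messages of every signature the packet matches."""
    return [s["msg"] for s in SIGNATURES
            if packet["dport"] == s["dport"]
            and s["pattern"].search(packet["payload"])]

class BehaviorBaseline:
    """Behavior based: learn a normal requests-per-minute rate, flag outliers."""
    def __init__(self, threshold=3.0):
        self.threshold = threshold  # allowed deviation, in standard deviations
        self.mu = self.sigma = None

    def train(self, samples):
        # Baselining period: feed only traffic assumed to be normal.
        self.mu, self.sigma = mean(samples), stdev(samples)

    def is_unusual(self, rate):
        if self.mu is None:
            raise RuntimeError("baseline not trained yet")
        return abs(rate - self.mu) > self.threshold * max(self.sigma, 1e-9)

def handle(packet, rate, baseline, inline):
    """IDS (inline=False) only alerts; IPS (inline=True) terminates."""
    reasons = match_signatures(packet)
    if baseline.is_unusual(rate):
        reasons.append("Unusual request rate")
    if not reasons:
        return ("pass", [])
    return ("terminate" if inline else "alert", reasons)

if __name__ == "__main__":
    baseline = BehaviorBaseline()
    baseline.train([48, 52, 50, 47, 53, 51, 49])  # constructed rates per minute
    normal = {"dport": 80, "payload": b"GET /index.html HTTP/1.1"}
    probe = {"dport": 80, "payload": b"GET /../../secret.txt HTTP/1.1"}
    print(handle(normal, 51, baseline, inline=False))  # no match, normal rate
    print(handle(probe, 51, baseline, inline=False))   # IDS: alert only
    print(handle(probe, 51, baseline, inline=True))    # IPS: terminate
    print(handle(normal, 400, baseline, inline=True))  # no signature, odd rate
```

The last call shows why the two techniques complement each other: the request matches no signature, yet the rate is far outside the learned baseline.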

