Snort 2.9.8

Snort provides you with a high-performance, yet lightweight and flexible rule-based network intrusion detection and prevention system that can also be used as a packet sniffer and logger. Snort is an Open Source network intrusion prevention system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching  and matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

With its advanced capabilities and reliability, it is the most deployed IDS / IPS software, widely used in network monitoring applications.

Combining database signatures with anomaly-based scanning, Snort is capable of detecting unwanted intrusions and features real-time analysis and alerts. In order to work properly, the application requires WinPcap, a tool that provides direct packet access, allowing it to read raw network data.

Having a Snort sensor up and running requires solid command line, network protocol functioning and IDS knowledge, thus beginner users might need to take their time to go through the documentation in order to learn how things work.

The application can be used as a packet sniffer and logger, monitoring the network traffic in real-time, displaying the TCP/IP packet headers and recording the packets to a logging directory or a database (MySQL, Oracle, Microsoft SQL Server, and ODBC are supported).

However, the real power of Snort resides in its intrusion detection capabilities, since it can analyze network traffic and warn you about unusual events, vulnerabilities or exploits.

The user customizable rules are similar to a firewall application and define the behavior of Snort in the IDS mode. You can set them up by editing the configuration file, which can also include application-specific rules (for SMTP e-mail connections, SSH and so on).

The program analyzes the sent and received packets and determines whether any of them represent a possible threat.

The packets that trigger rules can be logged in ASCII or binary format, the latter being recommended for keeping up with a fast LAN.

Snort benefits from large community support with significant contribution to the rule database, which guarantees its reliability. Whether you use it for real-time traffic analysis and logging or as an IDS / IPS appliance, it is a powerful network security tool that professional users are surely to appreciate.

Platform: Windows XP/Vista/7/8/8.1/10
License: GPL/Freeware
Author: Website
Size: 3.58MB

SHA256: 6a38b4fa9f420b2c29e38cb224ca341f203c7ab6771cb3a67c6d74e9066c432c

Direct Link 2Shared

Direct Link Solidfiles

Direct Link 4Shared

Direct Link Mega

Direct Link Mediafire

Direct Link Hostr

Publisher's Website