summaryrefslogtreecommitdiff
path: root/network/snort/README
diff options
context:
space:
mode:
Diffstat (limited to 'network/snort/README')
-rw-r--r--network/snort/README42
1 files changed, 42 insertions, 0 deletions
diff --git a/network/snort/README b/network/snort/README
new file mode 100644
index 0000000000..6a15d09b62
--- /dev/null
+++ b/network/snort/README
@@ -0,0 +1,42 @@
+Snort is an open source network intrusion detection and prevention system. It
+is capable of performing real-time traffic analysis, alerting, blocking and
+packet logging on IP networks. It utilizes a combination of protocol analysis
+and pattern matchingin order to detect a anomalies, misuse and attacks.
+Snort uses a flexible rules language to describe activity that can be considered
+malicious or anomalous as well as an analysis engine that incorporates a modular
+plugin architecture. Snort is capable of detecting and responding in real-time,
+sending alerts, performing session sniping, logging packets, or dropping
+sessions/packets when deployed in-line.
+
+Snort has three primary functional modes. It can be used as a packet sniffer
+like tcpdump(1), a packet logger (useful for network traffic debugging, etc),
+or as a full blown network intrusion detection and prevention system.
+
+Please read the snort_manual.pdf file that should be included with this
+distribution for full documentation on the program as well as a guide to
+getting started.
+
+This package builds a very basic snort implimentation useful for monitoring
+traffic as an IDS or packet logger and as a sort of improved tcpdump (which
+is what I use it for). MySQL support is included, so you should have little
+trouble hooking snort up to a database or ACID. For more information on
+these, check out snort's homepage at:
+
+ http://www.snort.org/
+ http://www.snort.org/docs/
+
+snort.org has a nasty habit of changing the location of their source
+code, which means there's no garauntee that the link in snort.info is
+correct. If you can't get that link to work, look for the source code at:
+
+ http://www.snort.org/dl/old/
+
+Please note that this build script disables dynamic plugins. This can be
+easily added by deleting the following line in the script.
+
+ --disable-dynamicplugin \
+
+This will put the headers and source for dynamic plugins into /usr/src/snort.
+There is no rc.snort script included with this script at this time, but you
+should have little trouble creating one of your own. Please e-mail me with
+any questions or comments. -- Alan Hicks <alan@lizella.net>