summaryrefslogtreecommitdiff
path: root/network/snort/README
diff options
context:
space:
mode:
Diffstat (limited to 'network/snort/README')
-rw-r--r--network/snort/README13
1 files changed, 13 insertions, 0 deletions
diff --git a/network/snort/README b/network/snort/README
new file mode 100644
index 0000000000..249f906b22
--- /dev/null
+++ b/network/snort/README
@@ -0,0 +1,13 @@
+Snort is an open source network intrusion detection and prevention system. It
+is capable of performing real-time traffic analysis, alerting, blocking and
+packet logging on IP networks. It utilizes a combination of protocol analysis
+and pattern matching in order to detect a anomalies, misuse and attacks.
+Snort uses a flexible rules language to describe activity that can be considered
+malicious or anomalous as well as an analysis engine that incorporates a modular
+plugin architecture. Snort is capable of detecting and responding in real-time,
+sending alerts, performing session sniping, logging packets, or dropping
+sessions/packets when deployed in-line.
+
+Snort has three primary functional modes. It can be used as a packet sniffer
+like tcpdump(1), a packet logger (useful for network traffic debugging, etc),
+or as a full blown network intrusion detection and prevention system.