snort-2.9.14.1.txz


Advertisement

Description

snort - Lightweight network intrusion detection system

Property Value
Distribution FreeBSD 12
Repository FreeBSD Ports Latest i386
Package filename snort-2.9.14.1.txz
Package name snort
Package version 2.9.14.1
Package release -
Package architecture i386
Package type txz
Category security
Homepage http://www.snort.org/
License GPLv2
Maintainer dvl@FreeBSD.org
Download size 2.93 MB
Installed size 7.08 MB
Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules based logging
and can perform content searching/matching in addition to being used to detect
a variety of other attacks and probes, such as buffer overflows, stealth port
scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting
capability, with alerts being sent to syslog, a separate "alert" file, or even
to a Windows computer via Samba.
Packets are logged in their decoded form to directories which are generated
based upon the IP address of the remote peer.  This allows Snort to be used as
a sort of "poor man's intrusion detection system" if you specify what traffic
you want to record and what to let through.
For instance, I use it to record traffic of interest to the six computers in
my office at work while I'm away on travel or gone for the weekend.  It's
also nice for debugging network code since it shows you most of the Important
Stuff(TM) about your packets (as I see it anyway).  The code is pretty easy
to modify to provide more complete packet decoding, so feel free to make
suggestions.
WWW: http://www.snort.org/
Options:
- APPID: off
- DOCS: on
- FILEINSPECT: off
- GRE: on
- HA: off
- IPV6: on
- LRGPCAP: off
- NONETHER: off
- NORMALIZER: on
- PERFPROFILE: on
- SOURCEFIRE: on
- BARNYARD: on
- PULLEDPORK: on
- DBGSNORT: off
=========================================================================
Snort uses rcNG startup script and must be enabled via /etc/rc.conf
Please see /usr/local/etc/rc.d/snort
for list of available variables and their description.
Configuration files are located in /usr/local/etc/snort directory.
Please note that, by default, snort will truncate packets larger than the
default snaplen of 15158 bytes.  Additionally, LRO may cause issues with
Stream5 target-based reassembly.  It is recommended to disable LRO, if
your card supports it.
This can be done by appending '-lro' to your ifconfig_ line in rc.conf.
=========================================================================

Alternatives

Package Version Architecture Repository
snort-2.9.14.1.txz 2.9.14.1 amd64 FreeBSD Ports Latest
snort-2.9.14.1.txz 2.9.14.1 i386 FreeBSD Ports Quarterly
snort-2.9.14.1.txz 2.9.14.1 amd64 FreeBSD Ports Quarterly
snort - - -

Requires

Name Value
barnyard2 = 1.13_3
daq = 2.2.2
libdnet = 1.13_3
libdnet.so.1 -
libpcap.so.1 -
libpcre.so.1 -
libsfbpf.so.0 -
pcre = 8.43_2
pulledpork = 0.7.3

Provides

Name Value
libsf_dce2_preproc.so.0 -
libsf_dnp3_preproc.so.0 -
libsf_dns_preproc.so.0 -
libsf_engine.so.0 -
libsf_ftptelnet_preproc.so.0 -
libsf_gtp_preproc.so.0 -
libsf_imap_preproc.so.0 -
libsf_modbus_preproc.so.0 -
libsf_pop_preproc.so.0 -
libsf_reputation_preproc.so.0 -
libsf_sdf_preproc.so.0 -
libsf_sip_preproc.so.0 -
libsf_smtp_preproc.so.0 -
libsf_sorules.so.0 -
libsf_ssh_preproc.so.0 -
libsf_ssl_preproc.so.0 -

Download

Type URL
Mirror pkg.freebsd.org
Binary Package snort-2.9.14.1.txz
Source Package security/snort

Install Howto

Install snort txz package:

# pkg install snort

See Also

Package Description
snort-rep-1.10_1.txz Snort reporting tool that can produce text or HTML from logs
snort2pfcd-2.0.txz Snort alert to pf blocker
snortsam-2.70_1.txz SnortSam is a output plugin for Snort
snortsnarf-1.0_1,1.txz Generate HTML report summaries from snort incident alerts
sntop-1.4.3_1.txz Monitor status of network nodes using fping
snzip-1.0.4_1.txz Compression/decompression tool based on snappy library
so-hunspell-1.0.2_1.txz Somali hunspell dictionaries
so-synth-lv2-1.4.1.txz Unofficial LV2 ports of 50m30n3's synthesizers
soapui-5.2.1.txz Web service, SOA, and SOAP testing tool
sobby-0.4.8_5.txz Standalone obby server
socat-1.7.3.3_1.txz Multipurpose relay and more
soci-3.2.2_17.txz C++ Database Access Library
sock-0.4.2.txz W. Richard Stevens' sock program plus IPv6 and SCTP
sockaddr-g20180320.txz Command line utility for querying IP information
socket-1.2.txz Create TCP socket and connect to stdin/out
Advertisement
Advertisement