O'Reilly logo

Learning Network Forensics by Samir Datt

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Using SNORT for network intrusion detection and prevention

SNORT is an open source intrusion detection/prevention system that is capable of real-time traffic analysis and packet logging. Extremely popular, SNORT is the tool of choice for the open source community. While there are a number of other NIDS and NIPS out there, we will stick to SNORT for the purposes of this section.

SNORT is available from the https://www.snort.org/ website:

Using SNORT for network intrusion detection and prevention

It makes a lot of sense to go through the documentation available on the website as this information is updated on a fairly regular basis.

At the time of writing, SNORT is available in flavors that run on some Linux ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required