Chapter 13. Introduction to Snort and Snort Rules

Snort is a free, open source NIDS that was developed by Marty Roesch. It was initially written so that Marty could do traffic sniffing at his job and has since grown into a full-featured NIDS. Along the way, Marty has attracted a vast following of admirers and coders who work collectively to enhance the code and issue new releases. In early 2002, Snort was downloaded from its home at www.snort.org over 10,000 times a week to protect government, corporate, home, and educational sites.

Snort is a signature-based NIDS that uses a combination of rules and preprocessors to analyze traffic. The rules offer a simple ...
