Posts

Showing posts from September, 2016

Basic Configuration for Snort IDS on Windows OS

Image
What wikipedia says about Snort ( https://en.wikipedia.org/wiki/Snort_(software) ) Snort's open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching and matching. These basic services have many purposes including application-aware triggered quality of service , to de-prioritize bulk traffic when latency-sensitive applications are in use. [1] The program can also be used to detect probes or attacks , including, but not limited to, operating system fingerprinting attempts, common gateway interface , buffer overflows , server message block probes, and stealth port scans . [10] Snort can be configured in three main modes: sniffer, packet logger, and network intrusion detection. [11] In sniffer mode, the program will read network packets and display them on the console. In packet logger mode, the program wi...