slackbuilds

History

Robby Workman 143991a46e Entire Repo: Remove APPROVED field from .info files This field used to make sense in our pre-git days, but the Signed-Off-By: line serves the same purpose (and even more) now, so APPROVED has been rejected. ;-) Signed-off-by: Robby Workman <rworkman@slackbuilds.org>		2012-08-14 23:22:50 -05:00
..
README	network/snort: Updated for version 2.9.0.3.	2010-12-27 20:06:58 -02:00
README.SLACKWARE	network/snort: Updated for version 2.9.0.	2010-10-16 21:31:45 -05:00
doinst.sh	network/snort: Updated for version 2.9.0.	2010-10-16 21:31:45 -05:00
rc.snort	network/snort: Updated for version 2.9.0.	2010-10-16 21:31:45 -05:00
slack-desc	network/snort: Updated for version 2.9.0.3.	2010-12-27 20:06:58 -02:00
snort.SlackBuild	network/snort: Updated for version 2.9.1.2.	2011-11-26 09:08:07 -06:00
snort.info	Entire Repo: Remove APPROVED field from .info files	2012-08-14 23:22:50 -05:00

README

Snort is an open source network intrusion detection and prevention system.
It is capable of performing real-time traffic analysis, alerting, blocking
and packet logging on IP networks. It utilizes a combination of protocol
analysis and pattern matching in order to detect a anomalies, misuse and
attacks.
Snort uses a flexible rules language to describe activity that can be
considered malicious or anomalous as well as an analysis engine that
incorporates a modular plugin architecture. Snort is capable of detecting
and responding in real-time, sending alerts, performing session sniping,
logging packets, or dropping sessions/packets when deployed in-line.

Snort has three primary functional modes.  It can be used as a packet
sniffer like tcpdump(1), a packet logger (useful for network traffic
debugging, etc), or as a full blown network intrusion detection and
prevention system.

This requires libdnet and daq.