SNORT is simple software are very useful to see activity from computer networking. Snort can be used as Network Intrusion Detection System (NIDS) in lightweight and this software use rules system to detecting and logging from any assault in computer networking. With any rules to detect signature from any assault, then Snort can detect and logging that assault.This software is opensource based from GNU (General Public License)[GNU89], so that can it's free to used and the source code for Snort can be obtained and modified if we necessary. Initially, Snort be made to operating system based unix, but in windows version also been made too, and now Snort is cross-platform.
Snort is software who still based command-line, so it's be troublesome for user who are used to Graphical User Interface (GUI). Therefore, there are some software from third person provide GUI for Snort, for example IDScenter for Microsoft Windows and Acid based PHP so we can accessed from web browser.
Snort has a language-making rules relatively easy to learned and flexible.
Snort have a database for any rules.
Snort can do logging direct to database system, for example to MySQL, PostGRE SQL and MS
SQL.
Snort as NIDS can hide from computer networking so that existence can't be detected from the other computer. This is called as stealth mode.
Snort have 3 operations mode :
1. Sniffer Mode
2. Packet Logger Mode
3. Network Intrusion Detection Mode
No comments:
Post a Comment