|
|
Snort is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire and is available for both types of Operating Systems, i.e. Windows and Linux. Snort’s threat detection and prevention components work together to reassemble traffic, prevent evasions, detect threats, and output information about these threats without creating false positives or missing legitimate threats.
The threat prevention process in Snort consists of multiple components which work together to reassemble traffic as a target host would see it, identify traffic areas that may contain threats, and match Snort rules against these traffic areas to recognize attacks. Such areas must not be accessed for computer security.
|
|