Package : snort

Package details

Summary: An Intrusion Detection System (IDS)

Snort is a libpcap-based packet sniffer/logger which can be used as a
lightweight network intrusion detection system. It features rules based logging
and can perform protocol analysis, content searching/matching and can be used
to detect a variety of attacks and probes, such as buffer overflows, stealth
port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.
Snort has a real-time alerting capabilty, with alerts being sent to syslog, a
separate "alert" file, or as a WinPopup message via Samba's smbclient

This rpm is different from previous rpms and while it will not clobber
your current snort file, you will need to modify it.

There are 9 different packages available

All of them require the base snort rpm. Additionally, you will need
to chose a binary to install.

/usr/sbin/snort should end up being a symlink to a binary in one of
the following configurations. We use update-alternatives for this.
Here are the different packages along with their priorities.

plain(10) plain+flexresp(11) mysql(12)
mysql+flexresp(13) postgresql(14) postgresql+flexresp(15)
bloat(16) inline(17) inline+flexresp(18)
prelude(19) prelude+flexresp(20)

Please see the documentation in /usr/share/doc/snort

License: GPLv2

Maintainer: nobody

List of RPMs