Snort
by Martin Roesch, roesch (at) clark (dot) net
Platforms: FreeBSD, HP-UX, IRIX, Linux, MacOS, NetBSD, OpenBSD, Solaris
Categories: Intrusion Detection, Network
Version: v1.9.0
URL: http://www.snort.org
Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rule-based logging, can perform protocol analysis and content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort has a real-time alerting capability, with alerts being sent to syslog, a separate "alert" file, or as a WinPopup message via Samba's smbclient.

Copyright 2006, SecurityFocus