[Savannah-hackers] submission of Snort Intrusion Detection System - savannah.nongnu.org

[cmg]

A package was submitted to savannah.nongnu.org
This mail was sent to address@hidden, address@hidden


Chris Green <address@hidden> described the package as follows:
License: gpl
Other License: 
Package: Snort Intrusion Detection System
System name: snort
Type: non-GNU

Description:
Snort is an open source network intrusion detection system, capable of 
performing real-time traffic analysis and packet logging on IP networks. It can 
perform protocol analysis, content searching/matching and can be used to detect 
a variety of attacks and probes, such as buffer overflows, stealth port scans, 
CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Snort uses a flexible rules language to describe traffic that it should collect 
or pass, as well as a detection engine that utilizes a modular plugin 
architecture. Snort has a real-time alerting capability as well, incorporating 
alerting mechanisms for syslog, a user specified file, a UNIX socket, or 
WinPopup messages to Windows clients using Samba\'s smbclient.

Snort has three primary uses. It can be used as a straight packet sniffer like 
tcpdump(1), a packet logger (useful for network traffic debugging, etc), or as 
a full blown network intrusion detection system.

http://www.snort.org/dl/snort-2.0.0rc1.tar.gz



Other Software Required:
libpcap is the only real dependency, everything else is optional. 

Other Comments:
What we\'d love to be able to do is have savannah be a CVS mirror of our future 
internal server so that we can implement a patch policy.

My work number is 410-423-1941 (Chris Green) if you have any questions.