-
December 10th, 2001, 07:55 AM
#1
New toy for networking people..
Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Includes real time alerting, incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages via smbclient. Changes: Bugfix release - fixed crash bug in frag2 on Linux, fixed ICMP printout and decoder for new ICMP header structs introduced in 1.8.1, fixed flexresp code - actually works now, flexresp response times should be shorter for TCP sniping, TCP packets are cached at start time and fired as needed, and added -B switch to enhance obfuscation of IP addresses in pcap files.
Source: http://packetstorm.decepticons.org/f...1.8.3.tar.html
hmm sounds yummy.. hehe... i ordered one copy... hope i'd get it soon..
-
December 10th, 2001, 08:15 AM
#2
Member
Have a look at www.demarc.org . Used with snort it really helps.
cheers
I\'m not a BOT I\'m a beer droid!
Prepare to be Assimilated.
-
December 10th, 2001, 08:40 AM
#3
Senior Member
well, thankz for the info* i hope i can try one too...
\"The more you ignore me... the closer i get!\"
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|