IT professionals have all heard of SNORT. This open source network intrusion detection and prevention system has become the standard for network protection. An application designed for Linux, SNORT uses a rule-driven language that looks at anomalies on your network.
The rules used by SNORT are VRT Certified. These rules can be obtained in three ways. Subscribers receive real-time updates, users who register SNORT receive the rules 30 days after release, and unregistered users receive the installation rule set.
SNORT was originally written and founded by Martin Roesch. The evolution of SNORT from its original lightweight code to the complex, reliable code of today makes it the ideal choice for Information Technology professionals. With open source becoming more popular in businesses, SNORT becomes a prime selection for free open source software in the intrusion detection arena.
Keeping to high standards, Sourcefire offers comprehensive, hands-on training led by qualified instructors, along with certifications.
Over the years, SNORT has crossed platforms to Windows. For security professionals, Linux is still the operating system of choice. With Ubuntu, SNORT is an easy install and can be easily monitored by network technicians or security professionals.
The current version of SNORT as of this writing, 2.8.3, offers greater protection of small business and enterprise networks than any other version. With MySQL and Apache as freeware open source products, using SNORT becomes a zero dollar investment with regard to software. SNORT’s return on investment (ROI) is one of the quickest in the information technology market.
Network traffic analysis is a key part of security in any business. Many businesses install firewalls and ignore intrusion detection systems. SNORT allows for this extra protection at virtually no cost to companies. Analysis of wired networks has always been a critical concern. Today, with wireless technology readily available, this form of connectivity needs to be monitored for events and alerts. The analysis of system (intrusion) logs in SNORT can be performed in several different ways (GUI or terminal). By analyzing these logs, problems and alerts can be seen in real time.
System administrators should install this much-needed open source application in their network to protect their assets.