|
|
|
|
What is
Snort?
SNORT® is an open source network intrusion prevention
and detection system utilizing a rule-driven language, which combines
the benefits of signature, protocol and anomaly based inspection
methods. With millions of downloads to date, Snort is the most widely
deployed intrusion detection and prevention technology worldwide and
has become the de facto standard for the industry.
|
|
|
|
We’re pleased to introduce our first beta release built on the new Snort 3.0 architecture. SnortSP is an open-source platform for running packet-based network security applications, including the Snort 2.8.2.1 detection engine. SnortSP introduces a new shell-based user interface, a multi-threaded execution module, native IPv6 support, performance improvements, and more.
Get more info on SnortSP here. |
| Snort Users Webcast Series |
|
Using the Host Attribute Table in Snort
This session features Ed Mendez, Director of Courseware Development for the Sourcefire Education Team. Ed will discuss Using Snort's Host Attribute Table.
More info and webcast access | download the slides
Writing Effective Rules Part II
In this session Matt Olney of the Sourcefire Vulnerability Research Team (VRT) will present Performance Rules Creation: Rules Options and Techniques. Covers: detecting buffer overflows with content checks and isdataat, and PCRE | detecting attacks against the Kaminsky DNS bug with byte_test | more.
More info and webcast access | download the slides
|
| Document Spotlight |
 Sourcefire Vulnerability
Research Team (VRT) White Paper
White Paper covering the capabilities and
processes followed by the Sourcefire VRT in writing rules.
Get it here. |
|
|
|
|
|
|
