DomiLock: Snort

Menu :
.: Home
.: CheckNow!
.: Tools
.: Guestbook
.: About
.: Links
.: Contact Us
Numbers :
:. 17224 scans performed
:. show details













    

What is Snort?
"Snort is a lightweight network intrusion detection system, capable of performing
real-time  traffic analysis and packet logging on IP networks.  It  can perform protocol
analysis, content searching/matching and can be used to detect a variety of attacks
and probes,  such as buffer overflows, stealth port scans, CGI attacks, SMB probes,
OS fingerprinting attempts, and much  more.  Snort  uses a flexible rules language to
describe traffic that it should collect or pass, as well as a detection engine  that 
utilizes a modular plugin architecture.  Snort has a real-time alerting capability as
well, incorporating alerting mechanisms for syslog, a user specified file, a UNIX
socket, or WinPopup messages to Windows clients using Samba's smbclient."
text from the Snort site

Do I need Snort?
Putting your Domino server (or even your entire network) under surveillance of an IDS (Intrusion Detection System, like Snort) allows you to be alerted about an
ongoing attack or information probe. Some IDS's can deny acces to your server or network for the IP(s) that offended the IDS rules. If you are serious about security you should definitely have an IDS!

Why Snort?
Snort is free software (GNU General Public License). Snort is a serious IDS, compared to commercial available IDS it does really well. if you're 'not in to' free software but are interested in IDS's Snort allows you to enter the IDS world at no cost...

What has this got to do with DomiLock?
DomiLock's test rules are available in Snort rule file format.

Where to get Snort
The Snort homepage


Copyright © 2000-2002 DomiLock. All right reserved. Privacy policy.