ADMIN magazine
Snort Helpers: Open Source Network Intrusion Detection
Snorby, OpenFPC, and Pulled Pork
Author(s): Ralf Spenneberg
Snort is the de facto standard for open source network intrusion detection. The developer community has kept a fairly low profile for a couple of years, but extensions like Snorby, OpenFPC, and Pulled Pork have given the old hog a new lease on life.
Snort is old – on an IT timescale, even ancient. Marty Roesch started developing the network sniffer back in 1998. His original plan was “just” to program a network sniffer that would run on a variety of operating systems. The initial version, released that same year, comprised just 1,200 lines of code, but one of the most powerful network IDS engines of all time arose from these humble beginnings. In 2001, Roesch founded Sourcefire, a company that is today synonymous with successful network intrusion prevention appliances based on Snort. Sourcefire continues to develop Snort as a way of giving back to the open source community.