Snort: a popular open-source IDS (intrusion detection system) tool
This lightweight intrusion detection and prevention system excels at traffic analysis and packet logging on IP networks. Through protocol analysis, content searching, and a variety of preprocessors, Snort detects thousands of worms, vulnerability exploit attempts, port scans, and other suspicious behavior. Snort uses a simple rule-based language to describe network traffic and to decide whether that traffic should be passed or blocked, and its detection engine is modular. The Basic Analysis and Security Engine (BASE), a web interface for analyzing Snort alerts, is available for free. The open-source Snort serves individuals, small businesses, and corporate users well. Its parent company, Sourcefire, offers a range of enterprise-grade features and regular updates to round out its product line. A 5-day free trial of the rules is offered (registration required), and many free rules can also be found at Bleeding Edge Snort.