Free Software Foundation!

Join now


From Free Software Directory
Jump to: navigation,

Snort is a network intrusion detection system that performs real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and more. Snort has three primary uses: as a straight packet sniffer like tcpdump(1), as a packet logger (useful for network traffic debugging, etc), or as a full blown network intrusion detection system. Snort logs packets in either tcpdump(1) binary format or in Snort's decoded ASCII format to logging directories that are named based on the IP address of the "foreign" host. It should work any place libpcap does. Snort uses a flexible rules language to describe traffic that it should collect or pass, as well as a detection engine that utilizes a modular plugin architecture. It also has real-time alerting capabilities.


User FAQ available from; see same URL for complete list of documentation; user manpage included in the distribution

"IRC irc:// " IRC development channel


Download version 2.3.3 (stable)
released on 22 April 2005

VCS Checkout


Related Projects


LicenseVerified byVerified onNotes
GPLv2Janet Casey3 July 2001

Leaders and contributors

Martin Roesch Maintainer

Resources and communication

Audience Resource type URI
Support Mailing List Info/Archive
Developer VCS Repository Webview
Bug Tracking E-mail
Help Mailing List Info/Archive
Bug Tracking,Developer Mailing List Info/Archive

Software prerequisites

Kind Description
Required to use libpcap
Required to build libpcap

This entry (in part or in whole) was last reviewed on 19 July 2005.


Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.

Personal tools