From wiki-ben
Revision as of 20:30, 4 January 2017 by Bensoer (talk | contribs)
Jump to: navigation, search

Snort is an IDS that does real-time analysis of incoming traffic. It can be configured to work both for networks and also single systems. An idealistic configuration follows the following tutorial:

This includes how-to on setup of also barnyard and other components.

In addition to this, the community rules do not cover all aspects of intrusion detection. Thus using emerging threats rulesets is also recommended. These can be found here: