OpenBSD ports

The net/snort port

snort-2.9.20p4 – highly flexible sniffer/NIDS

Description

Snort is an open source network intrusion detection and prevention system.  It
is capable of performing real-time traffic analysis, alerting, blocking and
packet logging on IP networks.  It utilizes a combination of protocol analysis
and pattern matching in order to detect a anomalies, misuse and attacks.
Snort uses a flexible rules language to describe activity that can be considered
malicious or anomalous as well as an analysis engine that incorporates a
modular plugin architecture.  Snort is capable of detecting and responding in
real-time, sending alerts, performing session sniping, logging packets, or
dropping sessions/packets when deployed in-line.

Snort has three primary functional modes.  It can be used as a packet sniffer
like tcpdump(8), a packet logger (useful for network traffic
debugging, etc), or as a full blown network intrusion detection and prevention
system.

Categories:

net security

Library dependencies

• archivers/xz
• devel/pcre
• lang/luajit
• net/daq
• net/libdnet
• www/nghttp2

Build dependencies

Run dependencies