Whitepaper: Using Snort as an IDS and Network Monitor in Linux

by SANS Institute, Jan 01, 2008

This paper describes the benefits of using an Intrusion Detection System (IDS) in general, and Snort specifically. It also describes techniques for using Snort effectively and some of its interesting features, and it looks at the importance of interpreting the data that Snort outputs, with some examples of packets captured by Snort. To get the most out of Snort or any other Intrusion Detection System, it is imperative to be able to intelligently interpret the data (packet captures).