First page Back Continue Last page Summary Graphics
Which IDS should I use?
Snort uses a flexible rules language to describe
traffic that it should collect or pass, as well as a
detection engine that utilizes a modular plugin
architecture.
Snort has a real-time alerting capability as well incorporating alerting mechanisms for syslog, a user specified file, a UNIX socket, or WinPopup messages to Windows clients using Samba's smbclient.
Notes: