Problem solve Get help with specific problems with your technologies, process and projects.

What is Snort, and can I use it to recover from virus attacks?

What is Snort, and how does it work? I've heard that it can help my organization recover quickly from virus attacks. Is that true?
Snort is an intrusion detection facility. Quoting from the snort home page at http://www.snort.org/about.html:

"Snort has three primary uses. It can be used as a straight packet sniffer like tcpdump(1), a packet logger (useful for network traffic debugging, etc.), or as a full blown network intrusion detection system."

Snort may help you to detect certain types of attacks that can take place at the security perimeter of you network. Snort is not specifically a virus detective, and it certainly is not an anti-virus solution.

Editor's note: For more information on Snort and other intrusion detection strategies, check out our Best Web Links on intrusion detection and prevention.

Dig Deeper on Linux servers

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.