Network security managers' preferences for the Snort IDS and GUI add-ons

Galen A. Grimes

Research output: Contribution to specialist publicationArticle

Abstract

The features of Snort, one of the most widely used is a command line Intrusion Detection System (IDS) based on libpcap packet capture library are discussed. Snort employs a rather cryptic command-line interface and all program configurations are done by manually editing the one configuration file that is snort.conf. The decisions of security managers to use Snort as their IDS also includes the choice of GUI front-end. This choice of Snort suggest that more security managers are using Snort as an attack trend analysis tool rather than as a real-time intrusion indicator. It is also stated that network security managers favor the Snort/ACID combination in operation on a Linux platform.

Original languageEnglish (US)
Pages19-20
Number of pages2
Volume2005
No4
Specialist publicationNetwork Security
DOIs
StatePublished - Apr 2005

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Information Systems and Management

Fingerprint

Dive into the research topics of 'Network security managers' preferences for the Snort IDS and GUI add-ons'. Together they form a unique fingerprint.

Cite this