- "Snort -
Lightweight Intrusion Detection for Networks"
This paper discusses the architecture, performance, and uses of Snort.
It also contains a comparative analysis of Snort to some other well know
programs used for similar purposes. Additionally, there is a nice
rules tutorial contained in the document for those of you wanting to know
how the rules system works. I presented this paper at the USENIX LISA
'99 conference in November of 1999.
Everything you ever wanted to know about writing Snort rules but were
afraid to dig out of the RULES.SAMPLE file!
- USENIX Snort Presentation Slides (Powerpoint format) (PDF Format)
I'm making the slides I put together for the USENIX LISA '99 conference
available here as well.
- Running and
installing Snort under Daemontools
Information on installing snort and running it under Dan Bernsteins
- "Installing Snort on a Win 2000 System - A
Michael Steele from Silicon Defense has written up a guide on installing
Snort on a Windows 2000 system.
Instructions start at installing Snort, and ends using Acid to view the
Place in a Windows 2000 Environment " Author: Jon Bull
The target audience of
this document are middle of the road administrators who may be looking for
an easy to setup network intrusion detection system that wonít put a
dent in the IT budget. This
document will introduce you to Snort.