Friday, March 11, 2011

Monitor / logging firewall entry

To log the entries going through the firewall, we are going to use Snort.
Snort is a program that can perform protocol analysis and content searching/matching. It can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Snort can operate in three modes: as a packet sniffer, a packet logger, or an IDS.



http://www.snort.org/

More information on how to set up Snort in pfSense can be found at:
http://doc.pfsense.org/index.php/Setup_Snort_Package#Setting_up_snort_package_for_the_first_time

More files, logs and settings will be added later.
