
Justification for choosing Snort as IDS

   

Added on  2020-04-13

4 Pages, 708 Words, 101 Views

BEST CHOICE FOR CLIENT IS SNORT SYSTEM

Justification for choosing Snort as IDS

Snort is a lightweight IDS that can be easily deployed on a network with minimal disruption to operations. Snort supports various operating systems such as Linux, UNIX and Windows. Snort can inspect packet payloads, which Tcpdump cannot, and its decoded display output is more user friendly than Tcpdump's. Snort supports a MySQL database, so all events can be stored in a database. This allows a user to search, view and profile events at any time. Snort is also open source, backed by Cisco and the community, so it has large support from the community.

[Screenshot: After installation, Snort Rule is 0]

[Screenshot: List of Snort decoder preprocessor engines]

[Screenshot: ICMP and TCP Snort protocol rules]

[Screenshot: ICMP and TCP Snort protocol rule added]
Running Snort with real time console alert

ICMP rules were added, so pinging from another computer on the network causes Snort to generate a positive alert of intrusion in the network. The IP of the client that is pinging is shown as 192.168.43.47.

Intrusion detection program vs an intrusion prevention system

Snort -- The poor man's intrusion-detection system. (2017) An IPS is similar to an IDS except that an IPS is able to block threats. An IPS monitors, logs and reports activities similarly to an IDS, but it is also capable of stopping potential threats without system administrator intervention.

The Pros & Cons of Intrusion Detection Systems. (2017) Both an intrusion detection program and an intrusion prevention system are important to any organization, offering the following benefits:

- Detecting intrusion in real time.
- Ability to analyze large data.
- Automated actions and responses, such as blocking potential threats and alerting the administrator of any intrusion, respectively.
- Real time reporting capabilities.
- Through data analysis, network rules and policies can be derived.
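The real-time console alerts from the ping test above can be parsed and profiled per source address, which is the kind of search-and-profile use the justification section describes. The following is an added example, not part of the original document; it assumes Snort 2.x "fast" alert lines (as printed with `-A console`), and the rule messages, SIDs, timestamps and every address except 192.168.43.47 are constructed.

```python
import re
from collections import Counter

# Snort 2.x "fast" alert layout (assumed output of `snort -A console`):
# MM/DD-HH:MM:SS.usec [**] [gid:sid:rev] msg [**] [Classification: c] [Priority: n] {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d+)\s+"
    r"\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"   # optional field
    r"\[Priority:\s*(?P<prio>\d+)\]\s+"
    r"\{(?P<proto>[A-Za-z0-9_-]+)\}\s+"
    r"(?P<src>\d{1,3}(?:\.\d{1,3}){3})(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>\d{1,3}(?:\.\d{1,3}){3})(?::(?P<dport>\d+))?\s*$"
)

# Constructed sample: two ICMP alerts from the pinging client, one TCP alert,
# and one non-alert status line that the parser must skip.
SAMPLE = """\
04/13-10:15:32.104511  [**] [1:1000001:1] ICMP test [**] [Priority: 0] {ICMP} 192.168.43.47 -> 192.168.43.10
04/13-10:15:33.105902  [**] [1:1000001:1] ICMP test [**] [Priority: 0] {ICMP} 192.168.43.47 -> 192.168.43.10
04/13-10:15:40.220114  [**] [1:1000002:1] TCP test [**] [Classification: Misc activity] [Priority: 3] {TCP} 192.168.43.52:51514 -> 192.168.43.10:22
Commencing packet processing (pid=4242)
"""

def parse_alert(line):
    """Return a dict for one fast-alert line, or None if it is not an alert."""
    m = ALERT_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()          # ports stay None for ICMP
    for key in ("gid", "sid", "rev", "prio"):
        rec[key] = int(rec[key])
    return rec

def profile(text):
    """Parse all lines; count alerts per (source IP, protocol, SID)."""
    alerts, skipped = [], 0
    for line in text.splitlines():
        rec = parse_alert(line)
        if rec:
            alerts.append(rec)
        elif line.strip():
            skipped += 1         # non-alert output, e.g. startup messages
    by_source = Counter((a["src"], a["proto"], a["sid"]) for a in alerts)
    return alerts, by_source, skipped

if __name__ == "__main__":
    for (src, proto, sid), n in profile(SAMPLE)[1].most_common():
        print(f"{src:15} {proto:5} sid={sid} alerts={n}")
```
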