USENIX Technical Program - Abstract - 13th Systems Administration Conference - LISA '99
Snort - Lightweight Intrusion Detection for Networks
Martin Roesch, Stanford Telecommunications, Inc.
Network intrusion detection systems (NIDS) are an important part of
any network security architecture. They provide a layer of defense
which monitors network traffic for predefined suspicious activity or
patterns, and alert system administrators when potential hostile
traffic is detected. Commercial NIDS have many differences, but
Information Systems departments must face the commonalities that they
share such as significant system footprint, complex deployment and
high monetary cost. Snort was designed to address these issues.