Snort Package is a GUI based front-end for Sourcefire\'s Snort ® IDS/IPS software. The Snort Package goal is to be
the best open-source GUI to manage multiple snort sensors and multiple rule snapshots. The project other goal is to be a highly competitive GUI for
network monitoring for both private and enterprise use. Lastly, this project software development should bring programmers and users together to create
software.
What is Snort ? Used by fortune 500 companies and goverments Snort is the most widely deployed IDS/IPS technology worldwide. It features rules based logging and
can perform content searching/matching in addition to being used to detect a variety of other attacks and probes, such as buffer overflows, stealth port
scans, CGI attacks, SMB probes, and much more.
Requirements :
Minimum requirement 256 mb ram, 500 MHz CPU.
Recommended 500 mb ram, 1 Ghz CPU.
The more rules you run the more memory you need.
The more interfaces you select the more memory you need.
Development is done on a Alix 2D3 system (500 MHz AMD Geode LX800 CPU 256MB DDR DRAM).
About Me
Coming soon............
Services
Coming soon............
Change Log
Coming soon............
PfSense is brought to you by a dedicated group of developers who are security and network professionals by trade. The following people are active developers of the pfSense project.
Username is listed in parenthesis (generally also the person\'s forum username, IRC nickname, etc.).
Main Snort-dev Package Developer
Robert Zelaya
Founders
In alphabetical order
Chris Buechler (cmb)
Scott Ullrich (sullrich)
Active Developers
Listed in order of seniority along with date of first contribution.
Bill Marquette (billm) - February 2005
Holger Bauer (hoba) - May 2005
Erik Kristensen (ekristen) - August 2005
Seth Mos (smos) - November 2005
Scott Dale (sdale) - December 2006
Martin Fuchs (mfuchs) - June 2007
Ermal Luçi (ermal) - January 2008
Matthew Grooms (mgrooms) - July 2008
Mark Crane (mcrane) - October 2008
Jim Pingle (jim-p) - February 2009
Rob Zelaya (robiscool) - March 2009
Renato Botelho (rbgarga) - May 2009
FreeBSD Developer Assistance
We would like to thank the following FreeBSD developers for their assistance.
Max Laier (mlaier)
Christian S.J. Peron (csjp)
Andrew Thompson (thompsa)
Bjoern A. Zeeb (bz)
among many others who help us directly, and everyone who contributes to FreeBSD.
Inactive Developers
The following individuals are no longer active contributors, having moved on because of other commitments, or employers forbidding contributions. We thank them for their past contributions.
Daniel Berlin (dberlin)
Daniel Haischt (dsh)
Espen Johansen (lsf)
Scott Kamp (dingo)
Bachman Kharazmi (bkw)
Fernando Tarlá Cardoso Lemos (fernando)
Kyle Mott (kyle)
Colin Smith (colin)
Heros
Coming soon............
=========================
Q: Do you have a quick install tutorial and tabs explanation.
A: Yes.
http://doc.pfsense.org/index.php/Setup_Snort_Package
=========================
Q: What interfaces can snort listen on ?
A: Right now all WAN interfaces and LAN interfaces. But if you select a LAN interface you may need to adjust the snort rules to use the LAN interface.
==========================
Q: What logs does the snort package keep. ?
A: Most of the snort logs are keept in the /var/log/snort.
Snorts syslogs\' are saved to the /var/log/snort/snort_sys_0ng0.
==========================
Q: What is the best Performance setting ? or Snort is using 90% cpu and all my memory.
A: Depends how much memory you have and how many rules you want to run.; lowmem for systems with less than 256 mb memory, ac-bnfa for systems
with over 256 mb of memory. The other options are; ac high memory, best performance, ac-std moderate memory, high performance,acs small
memory, moderate performance,ac-banded small memory,moderate performance,ac-sparsebands small memory, high performance.
Short version: For most people ac-bnfa is the best setting.
=========================
Q: What is the Oinkmaster code ? How do I get the code ?
A: The Oinkmaster code is your personal password in order to download snort rules.
You get a Oinkmaster code when you register with snort.org. It is free to register.
Goto https://www.snort.org/signup to get your personal code.
=========================
Q: What is the Snort.org subscriber option? How do I become a Snort.org subscriber?
A: Snort.org subscribers get the the latest rule updates 30 days faster than registered users.
Goto http://www.snort.org/vrt/buy-a-subscription/.
It is highly suggested that you get a paid subscription so that you can always have the latest rules.
=========================
Q: When did you start working on the snort package.
A: I started working on the snort package in May 2009.