Welcome to the Aanval Wiki. Snort, Suricata and Syslog Intrusion Detection, Situational Awareness and Risk Management.

Visit http://www.aanval.com/ for more information.

Snort


Snort is arguably the world's most widely used free intrusion detection system (IDS) and intrusion prevention system (IPS), designed to perform packet logging and real-time traffic analysis on IP networks.

Snort is a signature-based IDS/IPS with packages available for all operating system platforms, and it boasts an impressive global community of users and supporters.

Snort requires an interface, GUI, or management console like Aanval to be effective.

Downloading, Installing, and Configuring Snort

We recommend visiting our Community Portal and using the Snort install guide for your particular OS flavor.

Using Snort with Aanval

  1. To configure Snort sensors for Aanval, first visit Snort Settings to configure the Snort or MySQL database to which Snort data is being written.
    (See How do I create a database? for instructions to create a database.)
  2. Once the database is configured, please visit Sensor Configuration to further configure active Snort sensors on the database.

External Links