SNORT is an open source intrusion detection/prevention system that is capable of real-time traffic analysis and packet logging. Extremely popular, SNORT is the tool of choice for the open source community. While there are a number of other NIDS and NIPS out there, we will stick to SNORT for the purposes of this section.
SNORT is available from the https://www.snort.org/ website.
It makes a lot of sense to go through the documentation available on the website as this information is updated on a fairly regular basis.
At the time of writing, SNORT is available in flavors that run on some Linux distributions as well as Windows.
The download link will guide us to the correct flavor as per our requirements.
After the download, we need to install SNORT as per the following process:
We start by agreeing to the GNU Public License (GPL) so that we can proceed with the installation of SNORT: