snort

Open-source network intrusion detection system. More information: https://www.snort.org/#documents.

  • Capture packets with verbose output:

sudo snort -v -i interface

  • Capture packets and dump application layer data with verbose output:

sudo snort -vd -i interface

  • Capture packets and display link layer packet headers with verbose output:

sudo snort -ve -i interface

  • Capture packets and save them in the specified directory:

sudo snort -i interface -l path/to/directory

  • Capture packets according to rules and save offending packets along with alerts:

sudo snort -i interface -c path/to/rules.conf -l path/to/directory

Report New Issue View Source