Suricata (software): Difference between revisions

Suricata

Developer(s)	Open Information Security Foundation
Stable release	3.0 / January 27, 2016; 8 years ago (2016-01-27)
Preview release	3.0.1RC1 / March 23, 2016; 8 years ago (2016-03-23)
Repository	github.com/OISF/suricata
Written in	C
Operating system	FreeBSD, Linux, UNIX, Mac OS X, Microsoft Windows
Type	Intrusion-detection system Intrusion prevention system
License	GNU General Public License[1]
Website	suricata-ids.org

Suricata is an open source-based intrusion detection system (IDS). It was developed by the Open Information Security Foundation (OISF). A beta version was released in December 2009, with the first standard release following in July 2010.^[2][3]

Features

^[4]

• Multi-threading
• Automatic protocol detection
• Gzip decompression
• Independent HTP library
• Standard input methods
• Unified2 output
• Flow variables
• Fast IP matching
• HTTP log module
• Graphics card acceleration
• Windows binaries
• Lua scripting^[5]
• Prelude output^[6]
• file matching, logging, extraction, md5 checksum calculation^[6]
• IP reputation
• DNS logger

in a future release

^[4]

• Global flow variables

Third-party tools

Third-party tools available for Snort are compatible with Suricata, like the following:

• Snorby
• BASE
• Sguil (free)
• Aanval (commercial)
• Telesoft MPAC Security

Free intrusion detection systems

• Bro NIDS
• OSSEC HIDS
• Prelude Hybrid IDS
• Sagan
• Snort

See also

• Aanval

References

1. "Suricata license".
2. "New Open Source Intrusion Detector Suricata Released". Slashdot. 2009-12-31. Retrieved 2011-11-08.
3. "Suricata Downloads". Open Security Information Foundation. Retrieved 2011-11-08.
4. Jonkman, Matt (2009-12-31). "Suricata IDS Available for Download!". Seclists.org. Retrieved 2011-11-08.
5. "Suricata Features". Retrieved 2012-10-06.
6. "Suricata All Features". Retrieved 2012-10-06.

External links

• Open Information Security Foundation
• "Suricata". Freecode.
• Suricata website