Talk:Snort (software)

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Deletion[edit]

On 27 July 2004, Snort was nominated for deletion. As a result of the discussion, the article was moved and kept. See Wikipedia:Votes for deletion/Snort for details. Rossami 22:02, 2 Aug 2004 (UTC)


Proprietary or free software[edit]

Snort is combined into the "Sourcefire Intrusion Sensor" by Sourcefile. There's no evidence that it is not done as an entirely proprietary aggregate distribution. If there's no proof that something is distributed as free software we usually note that its proprietary software. Since Snort is free software, the availability of a proprietary version would make it dual-licensed.

Sourcefire openly admits they combine proprietary add-ons to Snort in these sensors, but it's not clear they use the GPL to distribute Snort with the device that is sold to customers. They can use a proprietary license at their option since they are the presumed copyright holders. --69.165.73.238 14:20, 8 August 2006 (UTC)


Absolutely incorrect. Snort is used within an appliance offered by Sourcefire. Snort itself is maintained by Sourcefire under the GPL, there is no dual license, the entire snort code base is under the GPL. Go to www.snort.org, download the source, and see for yourself. —Preceding unsigned comment added by 64.214.53.2 (talk) 21:40, 28 December 2007 (UTC)

Snort Back Orifice Preprocessor Buffer Overflow[edit]

"The vulnerable code will process any UDP packet that is not destined to or sourced from the default Back Orifice port (31337/udp). An attacker could exploit this vulnerability by sending a specially crafted UDP packet to a host or network monitored by Snort." "A remote attacker who can send UDP packets to a Snort sensor may be able to execute arbitrary code. Snort typically runs with root or SYSTEM privileges, so an attacker could take complete control of a vulnerable system. An attacker does not need to target a Snort sensor directly; the attacker can target any host or network monitored by Snort." Are these notices that I'm seeing jokes? Banaticus 05:48, 7 September 2006 (UTC)

No. This was a widely-known flaw in Snort at one point. Shadow1 (talk) 12:20, 11 April 2007 (UTC)

New article: Sourcefire, Inc[edit]

I've started an article, Sourcefire, Inc, for the company that develops the Snort and ClamAV free software packages. Contributions very welcome. --Gronky 09:38, 23 October 2007 (UTC)

Applied watch command center removed[edit]

Applied Watch Command Center - Enterprise Security Management Suite for Snort is no longer free, although a trial version may be available. see [1] following takeover by endace.com —Preceding unsigned comment added by 60.242.145.52 (talk) 05:37, 10 April 2008 (UTC)

Origin of creator?[edit]

Basically the Americans are saying a lot of their sensitive govermental organisations are using Snort and they don’t want the software to be controlled by an Israeli company, they see it as a threat. The same Bush administration review panel that approved a ports deal involving the United Arab Emirates has notified a leading Israeli software —Preceding unsigned comment added by 86.139.45.11 (talk) 10:05, 23 July 2008 (UTC)

Question[edit]

Can snort be used on a standalone machine? Ie, a single computer on a router? Sephiroth storm (talk) 05:01, 27 March 2009 (UTC)