Services » Browse Packages » net-analyzer »

snort

Description:The de facto standard for intrusion detection/prevention
License: GPL-2
Homepage:https://www.snort.org
Location:Portage
 Legend:
  • + - stable
  • ~ - unstable
  • M - hardmask
alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86
2.9.17-r1 - ~ ~ - - - ~ ~ ~ - - ~ ~

USE flags

  • active-response - Enables support for automatically sending TCP resets and ICMP unreachable messages to terminate connections. Used with inline deployments.
  • control-socket - Enables Snort's control socket.
  • debug - Enable extra debug codepaths, like asserts and extra output. If you want to get meaningful backtraces see https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
  • file-inspect - Enables extended file inspection capabilities.
  • flexresp3 - Enables support for new flexable response preprocessor for enabling connection tearing for inline deployments. Replaces flexresp and flexresp2.
  • gre - Enable support for inspecting and processing Generic Routing Encapsulation (GRE) packet headers. Only needed if you are monitoring GRE tunnels.
  • high-availability - Enables high-availability state sharing.
  • inline-init-failopen - Enables support to allow traffic to pass (fail-open) through inline deployments while snort is starting and not ready to begin inspecting traffic. If this option is not enabled, network traffic will not pass (fail-closed) until snort has fully started and is ready to perform packet inspection.
  • large-pcap-64bit - Allows Snort to read pcap files that are larger than 2 GB. ONLY VALID FOR 64bit SYSTEMS!
  • libtirpc - Build against net-libs/libtirpc for RPC support
  • linux-smp-stats - Enable accurate statistics reporting through /proc on systems with multiple processors.
  • lua_single_target_luajit - Build for LuaJIT only
  • non-ether-decoders - Enable decoding of non-ethernet protocols such as TokenRing, FDDI, IPX, etc.
  • open-appid - Enable OpenAppID, an open, application-focused detection language and processing module for Snort that enables users to create, share, and implement application detection. Requires dev-lang/luajit.
  • perfprofiling - Enables support for preprocessor and rule performance profiling using the perfmonitor preprocessor.
  • ppm - Enables support for setting per rule or per packet latency limits. Helps protect against introducing network latency with inline deployments.
  • react - Enables support for the react rule keyword. Supports interception, termination, and redirection of HTTP connections.
  • reload-error-restart - Enables support for completely restarting snort if an error is detected during a reload.
  • selinux - !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
  • shared-rep - Enables the use of shared memory for the Reputation Preprocessor (Only available on Linux systems)
  • side-channel - Enables Snort's side channel.
  • sourcefire - Enables Sourcefire specific build options, which include --enable-perfprofiling and --enable-ppm.
  • threads - Add threads support for various packages. Usually pthreads

Security Advisory

Date Severity Title
about 17 years high Snort: Remote execution of arbitrary code
about 17 years normal Snort: Denial of Service

Also available in: Atom

About Project
History
Screenshots
Logos and themes
Video
Reviews
Introduction
Contact Us
Donations

Development
News
Calculate Linux

Products
Calculate Directory Server
Calculate Linux Desktop
Calculate Linux Scratch
Support
Downloads
License

Documentation
Installing Calculate
Working with Calculate
Working with Portage
Calculate Utilities
Server Configuration
Workstation Setup
Calculate Network Configuration
Hardware Setup
Manuals
Guides

Services
Newest Packages
GLSA
Browse Packages
USE Flags
All Licenses

OpenID Server
Pastebin

Community
Blogs
Forums
Wiki
BugTracker

Calculate User Map
LinuxQuestions
Facebook
Google+
Telegram
Twitter
If you find a mistake, please highlight it and press Ctrl+Enter.
Thank you!