tldr/pages/common/snort.md

25 lines
692 B
Markdown

# snort
> Open-source network intrusion detection system.
> More information: <https://www.snort.org/#documents>.
- Capture packets with verbose output:
`sudo snort -v -i {{interface}}`
- Capture packets and dump application layer data with verbose output:
`sudo snort -vd -i {{interface}}`
- Capture packets and display link layer packet headers with verbose output:
`sudo snort -ve -i {{interface}}`
- Capture packets and save them in the specified directory:
`sudo snort -i {{interface}} -l {{path/to/directory}}`
- Capture packets according to rules and save offending packets along with alerts:
`sudo snort -i {{interface}} -c {{path/to/rules.conf}} -l {{path/to/directory}}`