Snort for Mac
Snort is a Mac OS X command line tool that brings a network intrusion prevention system to your computer. The utility will analyze your traffic in real time in order to help you view what protocols are used, or possible outside attacks, probes, scans, and so on.
Network intrusion prevention system that must be compiled from source
Snort is not available as a binary distribution, and does not come with a graphical user interface: you will download the source code archive, and you will have to manually compile it via the Terminal app. Note that you must also have the Xcode Command Line Tools deployed on your Mac.
To install Snort, you must go to the Snort folder in a new Terminal window (drag and drop the Snort folder on top of the Terminal Dock icon) and run the following commands: “./configure”, “make”, “sudo make install”, and “snort”.
Take into consideration that certain command take longer to complete than others, and that you might also need to install certain dependencies (including the daq library that can be downloaded from the Snort project page).
Monitor or protect your network via the command line
The Snort application can either track your network’s traffic (sniffer mode) and log all the transferred packages (packet logger mode), or act like a prevention system and detect potentially unwanted intrusions.
To help you get started, the Snort developers provide an extensive user manual that presents all the included functions and possible uses, configurations details, and so on. The application includes various monitoring, logging, and alerting tools, so reading the documentation is highly recommended.
To conclude, if you are looking for an unobtrusive yet powerful tool that can log your network traffic and detect potentially harmful intrusions, the Snort open source network intrusion prevention system certainly deserves your attention.