Snort is a network intrusion prevention and detection system that uses a rule-driven language, which combines the benefits of protocol, signature and anomaly based inspection methods.
Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry.
How to install and run: Unarchive, open a Terminal window, go to Snort's folder and run the following commands from the command line:
sudo make install
· Apple Xcode (to build from source)
What's New in This Release: [ read full changelog ]
· Improved support for DAQ verdicts of whitelist and blacklist for 6in4 and 4in6 encapsulated traffic (similar to Teredo & GTP). See the Snort manual for configuration details.
· Avoid changing the length of IP options in frag3 when receiving duplicate 0-offset fragments that have IP options.