[Snort-users] Snort supports...

Daniel Kobayashi Imori daniel at ...7147...
Thu Oct 10 13:51:09 EDT 2002


Hi,

I'd like to know if snort supports the following items:

Detection Tecnology:
1. Protocol Analysis
2. Pattern Matching
3. +1200 signatures
4. Monitoring High Performance Networks (> 100 Mbits/s)
5. Application level protocol support
6. Stateful Packet Inspection technology
7. Decoding backdoor protocols/communication
8. Real Time events consolidation
9. HTTP response attacks detection
10. Unicode (multiple format) attack detection
11. High Speed networks optimize
11. Port independent detection ability
12. Monitoring multiple net segments in only sensor
13. IP defragmentation support
14. TCP stream reassembly support
15. Stealth monitoring interface
16. Signatures defined by user
17. Signatures update automatic
Customization:
18. Granular Tunning signatures
19. Total packets capture
20. TCP,UDP,ICMP protocols filter
21. Specific IP attacks filter
Response/Alert
22. Packet loss logging/alert
23. Granular Tunning response
24. Response fields customization
25. Trap SNMP send
26. E-mail send
27. Evidences log (attack packets)
28. Response defined by user
29. Alerts send to sms
30. TCP reset response
31. Check Point firewall OPSEC integration
Management
32. Remote update sensors
33. Remote GUI and command line management
34. Control, visualization and sort events in high volumes traffic
35. Correlation data and vulnabilities support
Generics
36. Capture packets when communication broken
37. Criptography communication sensor/console
38. Export report HTML,Word, Excel Format.
39. Relational DB support
40. Brazil courses and tools availability

If anyone can help me, i'll be thankfull!

--
Daniel Kobayashi Imori
daniel at ...7147...





More information about the Snort-users mailing list