The Implementation of Rule-Based Early Warning System in Snort Through Email
Snort is a network intrusion detection and prevention tool and is used to identify and prevent the different types of attacks on networks. The snort works on the basis of rules enabled or created by the network administrator time to time. In this paper attacks are identified with the help of alert mechanism in the rule set as defined in snort package. The alert notification on email is shown in the form of snapshots. It simply means to deliver the alert in the form of email which makes the flexibility to the administrator to roam anywhere without being taking pain of any missed information related to attacks.
KeywordsIntrusion Snort Rules Alert Swatch and sendmail
- 1.Goel A, Vasistha AK A review on foundation of network intrusion detection and prevention system. Int J Electr Eng 9(1):125–137Google Scholar
- 2.Goel A, Vasistha AK The implementation and assessment of snort capabilities. Int J Comput Appl 167(13):15–23Google Scholar
- 3.Sourcefire Inc, Roesch M, Green C (2013) SNORT Users Manual—SNORT Release: snort-22.214.171.124. http://www.snort.org
- 4.Caswell B, Beale J, Baker A (2007) Snort intrusion detection and prevention toolkit, Syngress. ElsevierGoogle Scholar
- 5.Frederick M, Avolio, Paul A (1995) Vixie, Send mail: theory and practice. Digital PressGoogle Scholar