Opinion on SNORT

["Coltrane Nyathi" <CNyathi () csir co za>]

I 'll appreciate any comments on SNORT if anyone has ever used/tested it

BELOW IS A SNIPPET FROM THE Snort site:

"Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. 
It features rules based logging and can perform protocol analysis, content searching/matching and can be used to detect 
a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS 
fingerprinting attempts, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a 
seperate "alert" file, or as a WinPopup message via Samba's smbclient.  
"
thanx
Coltrane