Home > What is the difference between Snort and Bro?
FAQ:
EMAIL THIS

What is the difference between Snort and Bro?

14 Jan 2008 | SearchSecurityChannel.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

About the author
Richard Bejtlich is director of incident response at General Electric Company in Manassas, Va. and blogs at Bejtlich.net and TaoSecurity.com. Listen to the rest of Richard's answers on Snort by downloading our Snort podcast.
Bro is the only other real open source network intrusion detection system supported by a significant community of users. Vern Paxson of the University of California at Berkeley is the lead developer. Bro is considered a specification-based network IDS. Bro uses a variety of protocol analysis modules to inspect traffic and make judgments regarding its conformance to various norms. It is actually a very powerful complement to Snort.

Return to the Snort FAQ guide and read the rest of Richard's expert responses.

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
What is Snort?
Why is the Snort IDS still alive and thriving?
Is Snort right for the IDS needs of all clients?
How does Snort's flavor of intrusion detection work?

Network intrusion detection and prevention defenses
SIEM services help customers with security monitoring
Implementing IDS/IPS technologies: Managing politics and accountability
Juniper launches mid-level security appliances
Must-haves for wireless network security: WLAN switches, intrusion detection and more
Host-based IDS/IPS Partner Program Directory
Understanding Snort's Unified2 output
Network security algorithms introduction
Searching for multiple strings in packet payloads
Approximate string matching
IP traceback via probabilistic marking

Open Source Security Software
Network session data analysis with Snort and Argus
How to use shared object rules in Snort
Why is the Snort IDS still alive and thriving?
Is Snort right for the IDS needs of all clients?
Will deploying Snort detect malicious events quickly?
How can the operator test Snort?
How can I learn more about Snort?
What does the future hold for Snort?
What extra functionality do Snort add-ons provide?
Does Snort support target-based intrusion detection?

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts