Snort is an open source Network Intrusion Detection System (NIDS) which is available free of cost. NIDS is the type of Intrusion Detection System (IDS) that is used for scanning data flowing on the network. There are also host-based intrusion detection systems, which are installed on a particular host and detect attacks targeted to that host only. Although all intrusion detection methods are still new, Snort is ranked among the top quality systems available today.
Snort is an open source network intrusion detection system (NIDS) created by Martin Roesch. Snort is a packet sniffer that monitors network traffic in real time, scrutinizing each packet closely to detect a dangerous payload or suspicious anomalies.
Snort can be configured to run in three modes:
• Sniffer mode, which simply reads the packets off of the network and displays them for you in a continuous stream on the console (screen).
• Packet Logger mode, which logs the packets to disk.
• Network Intrusion Detection System (NIDS) mode, which performs detection and analysis on network traffic. This is the most complex and configurable mode.
See: What is Intrusion Detection?
Watch this excellent video on how to install Snort in Windows here:
For excellent written instructions, see how to install Snort on Windows:
https://www.securityarchitecture.com/learning/intrusion-detection-systems-learning-with-snort/installing-snort-on-windows/
And how to install Snort on Linux:
https://www.securityarchitecture.com/learning/intrusion-detection-systems-learning-with-snort/installing-snort-on-linux/