Colloquium: The SNORT Intrusion Detection System

Xiongqi (Wesley) Wu, Graduate Student, UK Computer Science

Venue: 209 CRMS

Time: 4:00-5:00pm

Hosts: Professors Griffioen, Singhal, and Marek

Abstract:                                                                          

Snort is a popular open source network intrusion detection tool that has
the ability to perform real-time traffic analysis and packet logging for
IP-based networks.  Snort has three main modes of operation: (1) sniffer
mode (captures and displays packets), (2) logger mode (logs packets to
disk), and (3) NIDS mode (detects and/or prevents intrusion).  In this
talk, we will provide a brief introduction to the general area of
intrusion detection systems, give an overview of the Snort system, and
describe how one might use Snort (including customizations via Snort
rules).
                                                                                   
Mr. Wu is a Ph.D. candidate at the Department of Computer Science,
University of Kentucky.