From 35896a4e7a24dad54ffca3bbd611b2c61c13c496 Mon Sep 17 00:00:00 2001 From: Dirk Froemberg Date: Mon, 2 Aug 1999 10:14:11 +0000 Subject: [PATCH] Initial import of snort-1.2, a lightweight network intrusion detection system. --- security/snort/Makefile | 25 +++++++++++++++++++++++++ security/snort/distinfo | 1 + security/snort/pkg-comment | 1 + security/snort/pkg-descr | 21 +++++++++++++++++++++ security/snort/pkg-plist | 11 +++++++++++ 5 files changed, 59 insertions(+) create mode 100644 security/snort/Makefile create mode 100644 security/snort/distinfo create mode 100644 security/snort/pkg-comment create mode 100644 security/snort/pkg-descr create mode 100644 security/snort/pkg-plist diff --git a/security/snort/Makefile b/security/snort/Makefile new file mode 100644 index 000000000000..08a2d58f5f1b --- /dev/null +++ b/security/snort/Makefile @@ -0,0 +1,25 @@ +# New ports collection makefile for: snort +# Version required: 1.2 +# Date created: Mon Aug 2 12:04:08 CEST 1999 +# Whom: Dirk Froemberg +# +# $Id$ +# + +DISTNAME= snort-1.2 +CATEGORIES= security net +MASTER_SITES= http://www.clark.net/~roesch/ \ + http://www.physik.TU-Berlin.DE/~ibex/ports/distfiles/ + +MAINTAINER= dirk@FreeBSD.org + +GNU_CONFIGURE= yes + +post-install: + ${MKDIR} ${PREFIX}/share/snort +.for i in CREDITS RULES.SAMPLE USAGE backdoor-lib misc-lib overflow-lib \ + scan-lib snort-lib web-lib + ${INSTALL_DATA} ${WRKSRC}/$i ${PREFIX}/share/snort +.endfor + +.include diff --git a/security/snort/distinfo b/security/snort/distinfo new file mode 100644 index 000000000000..ee9836184983 --- /dev/null +++ b/security/snort/distinfo @@ -0,0 +1 @@ +MD5 (snort-1.2.tar.gz) = 5cc7f80915e1f7719bf6a2a310b77948 diff --git a/security/snort/pkg-comment b/security/snort/pkg-comment new file mode 100644 index 000000000000..2ed409a612f5 --- /dev/null +++ b/security/snort/pkg-comment @@ -0,0 +1 @@ +Lightweight network intrusion detection system diff --git a/security/snort/pkg-descr b/security/snort/pkg-descr new file mode 100644 index 000000000000..1b98a24f98c0 --- /dev/null +++ b/security/snort/pkg-descr @@ -0,0 +1,21 @@ +Snort is a libpcap-based packet sniffer/logger which can be used as a +lightweight network intrusion detection system. It features rules based logging +and can perform content searching/matching in addition to being used to detect +a variety of other attacks and probes, such as buffer overflows, stealth port +scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting +capabilty, with alerts being sent to syslog, a seperate "alert" file, or even +to a Windows computer via Samba. + +Packets are logged in their decoded form to directories which are generated +based upon the IP address of the remote peer. This allows Snort to be used as +a sort of "poor man's intrusion detection system" if you specify what traffic +you want to record and what to let through. + +For instance, I use it to record traffic of interest to the six computers in +my office at work while I'm away on travel or gone for the weekend. It's +also nice for debugging network code since it shows you most of the Important +Stuff(TM) about your packets (as I see it anyway). The code is pretty easy +to modify to provide more complete packet decoding, so feel free to make +suggestions. + +WWW: http://http://www.clark.net/~roesch/security.html diff --git a/security/snort/pkg-plist b/security/snort/pkg-plist new file mode 100644 index 000000000000..aeb9624f7993 --- /dev/null +++ b/security/snort/pkg-plist @@ -0,0 +1,11 @@ +bin/snort +share/snort/CREDITS +share/snort/RULES.SAMPLE +share/snort/USAGE +share/snort/backdoor-lib +share/snort/misc-lib +share/snort/overflow-lib +share/snort/scan-lib +share/snort/snort-lib +share/snort/web-lib +@dirrm share/snort