Talk With an Expert

An Analysis of the Snort Data Acquisition Modules

An Analysis of the Snort Data Acquisition Modules (PDF, 3.95MB)Published: 08 Nov, 2012
Created by
Christopher Murphy

Snort is a commonly used open source Intrusion Detection System (IDS) with voluminous documentation and excellent community support. However, the data acquisition (DAQ) modules included with Snort IDS versions 2.9 and later are a relatively recent addition. DAQ allows new flexibility for Snort by separating the network capture functions out into external, loadable modules. DAQ also integrates inline intrusion prevention capability that was previously only available with add-on patches.