Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform content searching/matching in addition to being used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog,a seperate "alert" file, or as WinPopup messages via Samba's smbclient.
55860ab8906f2d35a4d97a935e5d711818cc80f3002a5347d12c068993f84b7d