Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: [suse-security] Nagios versus Snort
  • From: Crispin Cowan <crispin@xxxxxxxxxx>
  • Date: Thu, 08 Dec 2005 02:39:17 -0800
  • Message-id: <43980D55.8020903@xxxxxxxxxx>
Bruno Cochofel wrote:
> Can someone tell me the difference between Nagios and Snort?
>
Nagios is a "network" monitor, in that it monitors the machines on your
network to tell you which services are up and which are down. It
monitors your service status.

SNORT is a network intrusion detection system. It monitors traffic on
your network, regardless of which host it came from or is destined for,
looking for patterns it might recognize as attacks.

> Which one does the best job in monitoring Networks?
>
Since they are used for almost completely different things, "best" is
not a meaningful question. SNORT is a very strong NIDS, well regarded by
most users. I have heard that Nagios is a good service monitor, but
there are other alternatives, and Nagios does not have the near-total
dominance of its niche that SNORT does.

Crispin
--
Crispin Cowan, Ph.D. http://crispincowan.com/~crispin/
Director of Software Engineering, Novell http://novell.com


< Previous Next >
References