What is Snort?
Snort is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system. Snort's open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on IP networks. Snort performs protocol analysis, content searching, and content matching. The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans.
What does the acronym NIDS stand for?
network-based intrusion detection system
What is packet capture?
Packet capture is the process of intercepting and logging traffic.
What is a packet?
A packet is a formatted unit of data carried by a packet mode computer network.
Computer communications links that do not support packets, such as traditional point-to-point telecommunications links, simply transmit data as a series of bytes, characters, or bits alone. When data is formatted into packets, the bitrate of the communication medium can be better shared among users than if the network were circuit switched.
What is TCP?
Transmission Control Protocol
The Transmission Control Protocol (TCP) is one of the two original core protocols of the Internet protocol suite (IP), and is so ubiquitous that the entire suite is often called TCP/IP. TCP provides reliable, ordered, error-checked delivery of a stream of octets between programs running on computers connected to an intranet or the public Internet.
What is YAF?
YAF is Yet Another Flowmeter.
It processes packet data from pcap dumpfiles as generated by tcpdump or via live capture from an interface using pcap(3) into bidirectional flows, then exports those flows to IPFIX Collecting Processes or in an IPFIX-based file format. YAF's output can be used with the SiLK flow analysis tools and any other IPFIX compliant toolchain.
What is cron?
Cron is the time-based job scheduler in Unix-like computer operating systems.
What is IoC?
Inversion of Control (IoC)
IoC is a programming technique, expressed here in terms of object-oriented programming, in which object coupling is bound at run time by an assembler object and is typically not known at compile time using static analysis.
Inversion of control is sometimes facetiously referred to as the "Hollywood Principle: Don't call us, we'll call you", because program logic runs against abstractions such as callbacks.
What is a form factor (small form factor vs large form factor)?
the form factor is the specification of a motherboard - the dimensions, power supply type, location of mounting holes, number of ports on the back panel, etc.
What is a PCIe SSD?
Peripheral Component Interconnect Express
PCIe is a high-speed expansion card format that connects a computer with its attached peripherals. PCIe has a point-to-point architecture. This means that each device connects to the host with its own serial link and does not have to share a bus.
PCIe-based solid-state storage has better performance than server-based SATA, SAS or Fiber Channel (FC) solid-state drives because of the direct connections. This makes it a good choice for applications that have intensive input/output (I/O) requirements, such as, online transaction processing and data warehousing.
What is SATA?
Serial ATA (Serial Advanced Technology Attachment or SATA) is a standard for connecting hard drives into computer systems.
As its name implies, SATA is based on serial signaling technology, unlike current IDE (Integrated Drive Electronics) hard drives that use parallel signaling.
What is SAS?
Serial-attached SCSI (SAS) is a method used in accessing computer peripheral devices that employs a serial (one bit at a time) means of digital data transfer over thin cables.
SAS is especially of interest for access to mass storage devices, particularly external hard drives.