Snort mailing list archives
Re: Kernel for snort
From: Matt Kettler <mkettler () evi-inc com>
Date: Wed, 21 Aug 2002 15:50:07 -0400
It really shouldn't matter very much for snort which kernel version you use. Perhaps some slight differences in performance/security..
Personally I favor box security over performance for the box I run snort on, so personaly I'd try to use the grsecurity kernel patch to randomize PID's, restrict links and other goodies, or run it off OpenBSD.
If low-drop rate is the most important to you , perhaps some of the low-latency patches might be helpful, but really we're talking about very, very minor differences.
I think the best guideline is "pick the kernel which has all the latest security fixes, and has the best support for your hardware and no major known bugs." Since your hardware is pretty common/generic, pretty much any recent kernel should do.
At 01:12 PM 8/21/2002 -0600, hackerwacker wrote:
I would like to try a new kernel for my Snort box. Here are the stats: RH 7.1 Intel chip set P-III e 1000 mhz 771 MB memory Snort 1.8.7 Should I go with current stable (2.4.19) from kernel.org or another version ? ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Kernel for snort hackerwacker (Aug 21)
- Re: Kernel for snort Matt Kettler (Aug 21)