Snort mailing list archives

Snort Performance

From: "Laura" <uy38698 () adinet com uy>
Date: Fri, 26 Mar 2004 10:30:01 -0300

I'm thinking about placing an NIDS (linux box running red hat 8 with
snort v 2.0.2 + acid 0.9.6) on a 2950 sw where not only all the traffic
from all the companies goes by but also where the carriers connections
ends.
 
Monitoring about 8 interfaces, the amount of traffic that it will see is
going to be really big. 
 
Does anyone have any experience using snort in a critical point of the
network, loading lots of traffic. I'm interested in information about
performance, hardware of the machine used (type of card, amount of
memory, processor, etc) and comments tips or best practices in order to
minimize the possible problems of any kind.
 
TIA
 
Laura

Current thread:

Snort Performance mik sib (Jan 09)
- <Possible follow-ups>
- Snort performance SN ORT (Feb 02)
  - RE: Snort performance Michael Steele (Feb 02)
- Snort Performance Laura (Mar 26)
  - RE: Snort Performance Jim Hendrick (Mar 26)
  - Re: Snort Performance Rodrigo B. Ramos (Mar 26)
- Re: Snort Performance Mark . Schutzmann (Mar 26)
  - RE: Snort Performance Laura (Mar 26)