Snort mailing list archives
Gigabit IDS
From: Tony.Williams () ci austin tx us
Date: Mon, 5 Jan 2004 23:07:02 -0600
Hey Guys, I recently picked up a Dell Poweredge 1750 at work for a pilot test using snort as our enterprise IDS. The specs on the box are Dual Xeon 3.06Ghz Procs, 2gig mem, 15k rpm scsi drives in a raid 5 configuration and dual intel fiber gig nics. I've been doing some studying and I want to leverage our current microsoft sql database backend for logging. I saw that barnyard was probably the way to go for logging to the database but it seems as though it only supports mysql and postgres. I figure I could use the database output plugin in snort but I know that will cost me performance and at gigabit i'm not sure how much I can give. It seems that there is a win32 version of barnyard that supports mssql but I'm really wanting to make my sensors linux for speed. Can anyone give me some insight and let me know if my hardware sounds good for gigabit ids and also if you think I may have an issue with using the snort db output plugin instead of barnyard due to the lack of mssql support? I'm going to be starting the test soon but I'm still in the information gathering stage right now. Any help would be appreciated. Thanks!!! Tony Williams ------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Gigabit IDS Tony . Williams (Jan 05)
- Re: Gigabit IDS Erek Adams (Jan 06)
- Re: Gigabit IDS twig les (Jan 06)
- Re: Gigabit IDS Erek Adams (Jan 06)