Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: "Making Snort go fast under Linux..."

From: "Randal T. Rioux" <randy () procyonlabs com>
Date: Wed, 24 Feb 2010 11:40:41 -0500
On Wed, February 24, 2010 9:02 am, Edward Bjarte Fjellskål wrote:


During the years, I have tried to gather some notes
on what can help "Snort go faster".

I summed it up in a blog post:
http://www.gamelinux.org/?p=81

If anyone here has any comments/improvements/tips etc,
I would be happy to hear about them, and include them
in my post for future reference.


Nice job, some really great pointers. Gave me an idea.

You mentioned performance may be enhanced by using different
compilers/flags. I'm going to run some tests using different setups (OS,
compiler collection, etc). Can anybody suggest an ideal way to beat the
Hell out of a Snort box?

I'd like to analyze as large a dataset as possible containing a large
amount of detectable malware/sig triggers. Something that can sustain 1Gb
of traffic for approx. five minutes. I have the storage, systems and
bandwidth in my lab to do fiber, copper, multiple platforms and operating
systems.

This will be fun.

Thanks!
Randy



------------------------------------------------------------------------------
Download Intel&#174; Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: