Snort mailing list archives
Re: OS options to monitor traffic over a 1GiB and 10 GiB
From: Jaime Nebrera <jnebrera () gmail com>
Date: Wed, 04 Jul 2012 10:31:03 +0200
Hi Peter,
Just to confuse things further, another option: http://www.ntop.org/pf_ring/using-pf_ring-daq-for-high-performance-110-gbit-snort-based-idsips/
We are in charge of such development (sorry but I used my personal email instead of work email to join this list) in collaboration with Luca and Alfredo. I just sent to this list the announcement of the project and hope very soon will be included in snort.org blog and repositories (at least for the DAQ side). The project involves quite a lot of stuff, one is the improvement of the performance at the sensor and the other is the management of a big number of devices With respect to performance we focused mainly in four different areas: porting of DAQ to latest pf_ring, enhancements in the TX path (for IPS mode), enhancing the DAQ to make a single snort process able to read data from multiple ethernet segments at the same time (thus being able to exploit all hardware resources in a multi segment scenario) and last, creation of a new forwarding mode at kernel level (kind of IDS running as a forwarding device) We just made the site public and hope with some time and patiente from your side we will be able to provide more info, like documentation in english, community mailing list, etc Enjoy ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Re: [Snort-users] OS options to monitor traffic over a 1GiB and 10 GiB Robert Vineyard (Jul 01)
- Message not available
- Re: OS options to monitor traffic over a 1GiB and 10 GiB Robert Vineyard (Jul 01)
- Re: OS options to monitor traffic over a 1GiB and 10 GiB C. L. Martinez (Jul 01)
- Re: OS options to monitor traffic over a 1GiB and 10 GiB waldo kitty (Jul 02)
- Re: OS options to monitor traffic over a 1GiB and 10 GiB livio Ricciulli (Jul 03)
- Re: OS options to monitor traffic over a 1GiB and 10 GiB C. L. Martinez (Jul 03)
- Re: OS options to monitor traffic over a 1GiB and 10 GiB Peter Bates (Jul 04)
- Re: OS options to monitor traffic over a 1GiB and 10 GiB Jaime Nebrera (Jul 04)
- Re: OS options to monitor traffic over a 1GiB and 10 GiB Robert Vineyard (Jul 01)
- Message not available