Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE : Re: RE : Re: high packet loss - low throughput

From: waldo kitty <wkitty42 () windstream net>
Date: Fri, 19 Jul 2013 14:06:25 -0400
On 7/19/2013 09:36, Joel Esler wrote:

On Jul 19, 2013, at 9:27 AM, rmkml <rmkml () yahoo fr <mailto:rmkml () yahoo fr>> wrote:


3500 rules is high, can you run only with recommended rulesets please? (
Around 500 - 1000 rules)


I don’t think that’s the problem. 3500 isn’t a high number of rules. 10000 is.


agreed...

FWIW: counting all the rules in the (VRT managed) Community (VRTC), VRT 
Registered (VRTR), and ET Open (ETO) sets... by default there are...

256   VRTC rules enabled
2358  VRTC rules disabled
=========================
2614  VRTC rules total


3850  VRTR rules enabled
13387 VRTR rules disbled
========================
17237 VRTR rules total


16320 ETO rules enabled
2669  ETO rules disabled
========================
18989 ETO rules total


20442 total enabled
18414 total disabled
====================
38856 total rules


NOTE: "by default" means enabled or disabled out of the box by the 
vendor/maintainer...

i'll leave the count of rules contained in the VRT Subscriber (VRTS) or ET Pro 
(ETP) rules sets to others ;)

-- 
NOTE: No off-list assistance is given without prior approval.
       Please keep mailing list traffic on the list unless
       private contact is specifically requested and granted.

------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: