Snort mailing list archives
Re: Choosing Config detection - search-method
From: Anacleto Junior <suporte.anacleto () gmail com>
Date: Thu, 13 Mar 2014 11:37:22 -0300
Oh thanks. Now it's clear for me. I think that using the ac-split it's better for me for now. I have to study more about Snort to start changing some advanced options. Thank you for your response. 2014-03-13 10:57 GMT-03:00 Bhagya Bantwal (bbantwal) <bbantwal () cisco com>:
Hello Anacleto Júnior, The detection method with the snort.conf we ship is ac-split. The default in the code is ac-bnfa. Both detection methods are low on memory and high on performance. The optimal detection method depends on the rule set you have. Thank you! Bhagya From: Anacleto Junior <suporte.anacleto () gmail com> Date: Tuesday, March 11, 2014 12:51 PM To: "snort-users () lists sourceforge net" <snort-users () lists sourceforge netSubject: [Snort-users] Choosing Config detection - search-method
-- Anacleto Júnior Analista de TI e Redes Linux User: #447388
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- Choosing Config detection - search-method Anacleto Junior (Mar 11)
- Message not available
- Re: Choosing Config detection - search-method Anacleto Junior (Mar 13)
- Message not available