Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [SUSPECTED SPAM] Snort rules time

From: Darryle Merlette <merlette () niksun com>
Date: Fri, 1 Mar 2019 19:05:13 +0000
I believe he is asking for the run-time complexity of the string search algorithms done in Snort (Boyer-Moore, etc.)

Probably a better question for the snort-devel list.

Thanks,

Darryle

--------------------------------------------



Original message:




Date: Fri, 1 Mar 2019 15:32:48 +0000



From: "Joel Esler (jesler)" <jesler () cisco com<mailto:jesler () cisco com>>



To: Carl Nykvist <nykvistc () gmail com<mailto:nykvistc () gmail com>>



Cc: "snort-sigs () lists snort org<mailto:snort-sigs () lists snort org>" <snort-sigs () lists snort 
org<mailto:snort-sigs () lists snort org>>



Subject: Re: [Snort-sigs] [SUSPECTED SPAM]  Snort rules time



            complexity



Message-ID: <E3E99496-9BE2-4ED4-B4E1-A46F8A203AA9 () cisco com<mailto:E3E99496-9BE2-4ED4-B4E1-A46F8A203AA9 () cisco 
com>>



Content-Type: text/plain; charset="us-ascii"







How Snort handles "time complexity"



What do you mean?















On Mar 1, 2019, at 5:10 AM, Carl Nykvist via Snort-sigs <snort-sigs () lists snort org<mailto:snort-sigs () lists 
snort org>> wrote:







Hi!







Anyone here knows how snort handles time complexity to search and filter for specific rules quickly?







__________________________________________________________________________
Darryle Merlette, CISSP                                          NIKSUN, Inc.
Tel: +1 770-772-1613                                              http://www.niksun.com
Cel: +1 908 510-3574                                              457 N. Harrison St.
HQ:  +1 609 936-9999 x3324                                 Princeton, NJ 08540 USA
__________________________________________________________________________
                                          **** CONFIDENTIALITY NOTICE ****
This electronic mail message (and/or documents accompanying it) is the property of NIKSUN, Inc.
and may contain confidential material for the sole use of NIKSUN and the intended recipient(s).
Any review, use, distribution or disclosure by anyone other than an intended recipient is strictly
prohibited. If you have received this communication in error, please contact the sender by e-mail
and delete all copies of the message.


_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists snort org
https://lists.snort.org/mailman/listinfo/snort-sigs

Please visit http://blog.snort.org for the latest news about Snort!

Please follow these rules: https://snort.org/faq/what-is-the-mailing-list-etiquette

Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a 
href=" https://snort.org/downloads/#rule-downloads";>emerging threats</a>!
Previous By Date Next
Previous By Thread Next

Current thread: