Re: What does lightweight mean?

["Talisker" <Talisker () networkintrusion co uk>]

Bill

The term "lightweight" is referring to the minimal resources used by Snort,
whilst a common misconception the term does not reflect Snorts performance
as an IDS.

Take Care
Andy
http://www.networkintrusion.co.uk
Talisker's Network Security Tools List

Security Tools Notification
http://groups.yahoo.com/group/security-tools/join
----- Original Message -----
From: "Anderson, Bill" <wander01 () mail state mo us>
To: "'Snort Users'" <snort-users () lists sourceforge net>
Sent: Wednesday, May 30, 2001 3:19 PM
Subject: [Snort-users] What does lightweight mean?


> I have been considering Snort as an IDS for our organization, but several
> people have tried to steer me away because Snort is described as
> 'lightweight.' What does the term lightweight mean or imply? Does it mean
it
> can only handle light network traffic streams, or does it mean it is light
> in terms of needed resources? Or is it something else entirely? Any
thoughts
> are welcome.
>
> Also, I am currently running snort in the tcpdump file read mode, reading
> the files that our Shadow IDS created. Shadow only records the first 68
> bytes of each packet in the tcpdump log file. Is this enough packet data
for
> the Snort rules? Or will Snort work better with more or the entire packet?
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> http://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users



_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users