Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: OS Choice - No Flame War!

From: Erek Adams <erek () theadamsfamily net>
Date: Sun, 9 Sep 2001 07:49:04 -0700 (PDT)
On Sun, 9 Sep 2001 gary.smith () ScottishAmicable co uk wrote:


Without wishing to start some sort of Jihad/Flame War (_please_ take note)


Damn, And I like those candies!  Hard and Chewy, but spicy! ;-P


can someone give me an objective comparison of Snort on the various
platforms?


Ugh...  You're asking a tough one...


Everyone will have their own personal favourites and thats fine by me, but
I'm looking to make a long term decision on probe OS and I'd rather that
wasn't made on the back of a "use RedHat because I like it" post.

An objective Win32 vs. *NIX comparison followed by a best *NIX would be
great.


I can't and won't speak for M$.  I don't use it, so I have no real clue to
offer there.

*NIXs:  I've not built sensors on every single platform.  I've not used every
single *nix.  So I'm not speaking for every one of them...  What I have found
is the *nixes with the better TCP/IP stacks are usually your winners.  *BSD
seems to be the fastest, most stable stack.  Personally, I like OpenBSD as a
sensor platform.  Stable, solid, and you can get a nice custom kernel for a
rather tight little box.  Next, It's a toss-up between Linux variants.  The
newer 2.4 kernel helped out quite a bit on stability and robustness, but I'm
still not ready to put Linux into a production setup.  And then you have the
tank:  Solaris.  Turn it on, point it in a direction, move outa the way and
just let it run.  In a test lab, I've had Solaris handling a sustained 25mb on
a 100mb segment.  (No, I know that's not a lot, but it was all I could push!
:)



<disclaimer>
I use or have used Windows2000, NT, HP-UX, AIX, Solaris, Mandrake, RedHat,
Caldera.  They are all good operating systems in their own way.  Comparisons
are only valid when discussing equivalent skilled administrators on both
platforms.  I have seen *NIX boxes that were wide open in comparison to NT
boxes I have hardened (and vice versa).
</disclaimer>


Disclaimer noted and understood.  It all depends on the admin at the keyboard.
A comptent admin makes _all_ the difference.  Use the right OS for the job,
just be sure you've got a good admin for that OS.  :)

-----
Erek Adams
Nifty-Type-Guy
TheAdamsFamily.Net


_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: