Snort mailing list archives
Re: one way Ethernet cable performance
From: "Onie Camara" <neil () restricted dyndns org>
Date: Thu, 28 Feb 2002 09:28:55 -0600
Hi Keith, Ok. Since the subject title contains "performance" :-) what would be a good command line parameter to run snort in a production environment? Is mine good enough assuming I've got well-tuned rules? snort -d -b -q -o -k none -c /etc/snort/snort.conf -l /var/log/snort ----- Original Message ----- From: "McCammon, Keith" <Keith.McCammon () eadvancemed com> To: "Onie Camara" <neil () restricted dyndns org>; "Erek Adams" <erek () theadamsfamily net>; "Mike Shaw" <mshaw () wwisp com> Sent: Thursday, February 28, 2002 9:13 AM Subject: RE: [Snort-users] one way Ethernet cable performance That is correct. One-way Ethernet cables are intended for passive sensors. -----Original Message----- From: Onie Camara [mailto:neil () restricted dyndns org] Sent: Thursday, February 28, 2002 10:01 AM To: Erek Adams; Mike Shaw Cc: snort-users () lists sourceforge net Subject: Re: [Snort-users] one way ethernet cable performance Am I right that using one way ethernet cable defeats the purpose of snort's flexresp capability like tearing tcp connections? ----- Original Message ----- From: "Erek Adams" <erek () theadamsfamily net> To: "Mike Shaw" <mshaw () wwisp com> Cc: <snort-users () lists sourceforge net> Sent: Thursday, February 28, 2002 5:21 AM Subject: Re: [Snort-users] one way ethernet cable performance
On Wed, 27 Feb 2002, Mike Shaw wrote:I'm about to work up a one-way cable (for use in a hub), but I'm a
bit
concerned about the effect it will have on the network. Since the traffic is broadcast back out into the hub, does that
create
performance issues on that collision domain? This will be at a
rather
critical point on a network and I can't afford to introduce ethernet
oddities.
Mike, Actaully, have a look at this: http://www.theadamsfamily.net/~erek/snort/ I've got a couple of links
on RO
cables. These don't suffer from that since the TX wires aren't even connected. Hope that helps! ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- one way ethernet cable performance Mike Shaw (Feb 27)
- Re: one way ethernet cable performance Chris Green (Feb 27)
- Re: one way ethernet cable performance Mike Shaw (Feb 27)
- Re: one way ethernet cable performance Erek Adams (Feb 28)
- Re: one way ethernet cable performance Onie Camara (Feb 28)
- Re: one way ethernet cable performance Erek Adams (Feb 28)
- Re: one way ethernet cable performance Onie Camara (Feb 28)
- <Possible follow-ups>
- Re: one way Ethernet cable performance Onie Camara (Feb 28)
- Re: one way Ethernet cable performance Erek Adams (Feb 28)
- RE: one way ethernet cable performance Frank Knobbe (Feb 28)
- Re: one way ethernet cable performance Chris Green (Feb 27)