Snort mailing list archives
Re: one way Ethernet cable performance
From: Erek Adams <erek () theadamsfamily net>
Date: Thu, 28 Feb 2002 08:16:14 -0800 (PST)
On Thu, 28 Feb 2002, Onie Camara wrote:
Ok. Since the subject title contains "performance" :-) what would be a good command line parameter to run snort in a production environment? Is mine good enough assuming I've got well-tuned rules? snort -d -b -q -o -k none -c /etc/snort/snort.conf -l /var/log/snort
Actually, you could drop the -d. Since the binary mode logs the entire packet, you don't need to 'decode' it. Only when you did a 'snort -dvr <file>' would it be of use. ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- one way ethernet cable performance Mike Shaw (Feb 27)
- Re: one way ethernet cable performance Chris Green (Feb 27)
- Re: one way ethernet cable performance Mike Shaw (Feb 27)
- Re: one way ethernet cable performance Erek Adams (Feb 28)
- Re: one way ethernet cable performance Onie Camara (Feb 28)
- Re: one way ethernet cable performance Erek Adams (Feb 28)
- Re: one way ethernet cable performance Onie Camara (Feb 28)
- <Possible follow-ups>
- Re: one way Ethernet cable performance Onie Camara (Feb 28)
- Re: one way Ethernet cable performance Erek Adams (Feb 28)
- RE: one way ethernet cable performance Frank Knobbe (Feb 28)
- Re: one way ethernet cable performance Chris Green (Feb 27)