Snort mailing list archives
RE: snort performance vs traffic
From: "Gray . Brendan" <bgray2 () drc com>
Date: Tue, 9 Jul 2002 10:34:07 -0400
I got a Pentium 166, 48 megs RAM, ISA NIC card, RedHat 7.2, running Snort 1.8.6 (RPM), Snortsnarf, with Apache and get zero dropped packets logging to an alert file. I'm watching a T-1, which connects a small office of approx 80 machines to the internet, which is typically at 10% usage. Brendan -----Original Message----- From: Tim Prendergast [mailto:tprendergast () reserveamerica com] Sent: Tuesday, July 09, 2002 10:28 AM To: snort-users () lists sourceforge net Subject: [Snort-users] snort performance vs traffic All, Curious to see what you are running in comparison to my config, because my snort is running out of memory and dying every day during the busy hours... We're pushing like 4 T-1's worth of traffic coming in from the net, not to mention the traffic from our internal machines across the 100mb switch I am snorting... It's on a box with a 500mhz PIII and 256mb of memory. Am I way under-arming this machine for this task? Regards, Tim Prendergast Manager, Web Administration ReserveAmerica, Inc http://www.ReserveAmerica.com <http://www.ReserveAmerica.com> 916-414-8400 x 3536
Current thread:
- snort performance vs traffic Tim Prendergast (Jul 09)
- Re: snort performance vs traffic Chris Green (Jul 09)
- Re: snort performance vs traffic Erek Adams (Jul 09)
- RE: snort performance vs traffic Tim Prendergast (Jul 09)
- RE: snort performance vs traffic Erek Adams (Jul 09)
- Re: snort performance vs traffic Erek Adams (Jul 09)
- RE: snort performance vs traffic Tim Prendergast (Jul 09)
- Re: snort performance vs traffic Rob Hughes (Jul 10)
- <Possible follow-ups>
- RE: snort performance vs traffic Gray . Brendan (Jul 09)