Snort mailing list archives

Re: fast logging

From: Always Bishan <bishan4u () yahoo co uk>
Date: Fri, 28 Feb 2003 06:27:23 +0000 (GMT)

hi

It depends on a huge number of factors, including
what hardware/OS you're
on, how fast your harddrive is, how much RAM you
have,


I have Amd Athlon XO 1.7Ghz,
256 MB RAM,
40 Gb Seagate Baracula Harddisk
and RedHat 8.0

Q1.How will this configuration perform?

what rules you're
running, etc.


with only using only alert rule type ?

Q2.Preprocessor plugin logs in portscan.log. How to
direct it to log to Snort database?

Q3.How to update new rules of snort?

Q4.People in my network access yahoo insider webpage.
Now that webpage contains some PORN words. How do I
direct snort not to alert for yahoo insider, but
keeping the respective rule in porn.rules intact?

Q5. Can anybody who has used snort in switched and
gigabit networks tell me about its performance .
 
Regards,
Bishan


=====
Celebrating Happinessemail: bishan@sumerusolutions.comcompany: www.sumerusolutions.com

__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com


-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

fast logging Always Bishan (Feb 27)
- Re: fast logging Bamm Visscher (Feb 27)
- Re: fast logging Martin Roesch (Feb 27)
  - Re: fast logging Always Bishan (Feb 27)