Changing Alert Order

[Thiago Mello <tmello00 () yahoo com br>]

Hi,

I've got a very basic rule, what it mean in snort Pass, Alert and Log?

I want to Snort run in the most fast way, and generate the log in the
fastest way too. I already run with -A fast and -b option, but I want to
know if I can optimize with the Alert Order.

Another question, have anyone use the -A unsock method of output? 
Im trying to use it for my correlator alert module to get the alerts,
but it is not doing what I want....

Opps, one more...
With this method if the snort alert is faster the with -A fast alert
generation method?

Any help is welcome! :)

Thanks very much in advance.

Thiago Mello





-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users