Snort mailing list archives
Re: GIG IDS
From: Matt Jonkman <mjonkman () infotex com>
Date: Tue, 12 Sep 2006 08:51:07 -0400
I was just putting this story up at bleeding snort: http://www.bleedingsnort.com/article.php?story=20060912082537189 Sensory networks has a hardware acceleration card that may be of particular interest. I'm looking into using it myself :) Matt Michael Scheidell wrote:
you may need a commercial system to keep up, or at least one box per connection. If you have a lot of 'small' < 64 byte packets, you might forget the pizza box. (run ntop on a sniffer link for a week and see) The backplane on most 'pizza bozes' is 3.2Gbs max., and two bidirectional 1GB pipes would be, well, more than the available backplane bandwidth. -----Original Message----- *From:* snort-users-bounces () lists sourceforge net [mailto:snort-users-bounces () lists sourceforge net] *On Behalf Of *Marc Appelbaum *Sent:* Tuesday, September 12, 2006 8:24 AM *To:* snort-users () lists sourceforge net *Subject:* [Snort-users] GIG IDS I'm looking for any insight into successful gigabyte Snort deployments. My network is huge multi-gigabyte environment. Most of the connections to my firewalls are gig. My Intenet connections are mostly dual OC-12s. I'm thinking about using a high end Linux with say Red Hat 4 or FreeBSD with at least 4 GB RAM with a Dual Core Intel CPU. Any advice is very welcome. --Marc ------------------------------------------------------------------------ ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
-- -------------------------------------------- Matthew Jonkman, CISSP Senior Security Engineer Infotex 765-429-0398 Direct Anytime 765-448-6847 Office 866-679-5177 24x7 NOC http://my.infotex.com http://www.infotex.com http://www.bleedingsnort.com -------------------------------------------- ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- GIG IDS Marc Appelbaum (Sep 12)
- Re: GIG IDS Joel Esler (Sep 12)
- <Possible follow-ups>
- Re: GIG IDS Michael Scheidell (Sep 12)
- Re: GIG IDS Matt Jonkman (Sep 12)
- Re: GIG IDS Donofrio, Lewis (Sep 12)
- Re: GIG IDS Martin Roesch (Sep 12)