Snort mailing list archives
Snort v2.7.0 improve performance with lowmem search method on pcap file!
From: rmkml <rmkml () free fr>
Date: Sun, 22 Jul 2007 23:08:29 +0200 (CEST)
Hi, Snort v2.7.0 improve performance, on same pcap file: snort 2615 : 60s snort 270 : 30s search method used is lowmem and snort conf is similar (as possible), if I change to ac-bnfa, on same pcap file : snort 2615 : 62s snort 270 : 36s lowmem use 103Mo of memory and acbnfa use 111Mo on snort 270. alert number: 270=25486,2615=25585 , test repeated 10x. tested on linux fedora core 7 x86 laptop plateform Best Regards Rmkml Crusoe Researches ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort v2.7.0 improve performance with lowmem search method on pcap file! rmkml (Jul 23)
- Re: Snort v2.7.0 improve performance with lowmem search method on pcap file! Colin Grady (Jul 23)
- Re: Snort v2.7.0 improve performance with lowmem search method on pcap file! Justin Heath (Jul 23)
- Message not available
- Fwd: Snort v2.7.0 improve performance with lowmem search method on pcap file! Justin Heath (Jul 23)
- Re: Snort v2.7.0 improve performance with lowmem search method on pcap file! Marc Norton (Jul 23)
- Re: Snort v2.7.0 improve performance with lowmem search method on pcap file! Colin Grady (Jul 23)