Snort mailing list archives
Re: Snort Hardware Selection and Fiber/Copper Taps
From: Joel Esler <jesler () sourcefire com>
Date: Fri, 30 Oct 2009 09:56:41 -0400
-- Sent from my iPhone On Oct 29, 2009, at 3:46 PM, "Chan, Wilson" <wchan () honolulu gov> wrote:
Im looking at spec’ing out some new servers for my Linux (CentOS) Sn ort boxes. If funding was not a issue what would you buy?
I'd buy Sourcefire's commercial solution. ;)
Q: Snort is not multi-threaded so does it make sense to buy a rack mount server with multiple cpus?Q: How much ram should be allocated per server for 32bit snort on linux? If I go over 4Gb I would have to use a PAE kernel. How much ram can Snort use?Q: Ntap fiber to copper aggregators for gigabit links or Ntap fiber to copper traditional taps (Outputs Tx and Rx per copper port)?Q: If I decide to use the traditional taps do you run two processes of snort for each TX and RX or do you bridge the two interfaces and run just one snort process? What is best to do in this scenario? Thanks!Wilson--- --- --- ---------------------------------------------------------------------Come build with us! The BlackBerry(R) Developer Conference in SF, CAis the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stayahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort Hardware Selection and Fiber/Copper Taps Chan, Wilson (Oct 29)
- Re: Snort Hardware Selection and Fiber/Copper Taps Joel Esler (Oct 30)
- Re: Snort Hardware Selection and Fiber/Copper Taps Rob Dixon (Oct 30)
- Re: Snort Hardware Selection and Fiber/Copper Taps Mark W. Jeanmougin (Nov 02)
- Re: Snort Hardware Selection and Fiber/Copper Taps Alex Tatistcheff (Nov 04)