RE: high-speed NIDS (>1.7GBit/sec traffic) required.
From: McCammon, Keith (Keith.McCammon@eadvancemed.com)Date: 07/15/02
- Previous message: idslist: "RE: Questions about filtering"
- Maybe in reply to: s s: "high-speed NIDS (>1.7GBit/sec traffic) required."
- Next in thread: Bennett Todd: "Re: high-speed NIDS (>1.7GBit/sec traffic) required."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 15 Jul 2002 13:05:32 -0400 From: "McCammon, Keith" <Keith.McCammon@eadvancemed.com> To: "s s" <solananexus@yahoo.com>, <focus-ids@securityfocus.com>
> I would like to go with snort.
OK.
> what kind of hardware would be required to handle
> this?
Depends...
How many rules are you planning to run?
How much RAM does Snort have available?
What benchmarking have you performed, and what's choking?
What other services (if any) will run on the box?
What do your command-line arguments look like?
What type of output plugins are active?
> I have tried a Sun 280R, no avail. Dropping around
> 70-80k packets per second, too much for the box.
That's believable, but it's difficult to advise based on this information. Please elaborate.
Cheers
Keith
- Previous message: idslist: "RE: Questions about filtering"
- Maybe in reply to: s s: "high-speed NIDS (>1.7GBit/sec traffic) required."
- Next in thread: Bennett Todd: "Re: high-speed NIDS (>1.7GBit/sec traffic) required."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
Loading
