Snort configuration
-
Can anyone explain to me the different performance settings for snort? IE what does ac, ac-banded, etc do?
I love what you've done so far with snort Scott. Great job! One feature I would like to see would be able to check which individual rules under each ruleset I want to enable/disable.
Thanks
-
Also, I believe someone else posted this issue, but I am seeing a big slow down in the snort web gui when I click on Snort Blocked. I am running Release 1.0 with snort 2.6.0.2.2. Sometimes it will take minutes for that list to display.
-
I would also like to know what the different performance setting for snort mean.
I am running 1.0 with snort 2.6.0.2.2 and have no issues with the snort web gui. I know it requires faster hardware inorder to run it, what is your system?
Is your memory or processor taxed?
I have a pentium 4 2.8GHZ with 512Ram with no issues with snort.
-
I am running an AMD 1.0ghz with 512mb. I notice that my mem usage stays at about 50% using the mwm performance setting.
Anyone able to explain the different settings ? :)
-
http://www.snort.org/docs/snort_htmanuals/htmanual_260/node10.html
check out section 2.0.3.2 under directive "detection" for an explaintion. Its just probably a difference in the algorithms used by Snort to analyze the packets depending on what kind of hardware it's being used on.
-
awesome, thanks for the link!