Suricata…Next gen Snort???
-
Anyone taken a look at Suricata? Supposedly the "next generation" Snort IDS/IPS:
http://openinfosecfoundation.org/index.php/downloads
http://openinfosecfoundation.org/index.php/faqs
Just curious if anyone has researched or tried it out.
-
Haven't tried it. Sure ticked off Marty Roesch (Snort founder) it appears, though his basic complaint looks to be legit - it's nothing more than a government-funded rewrite of Snort that doesn't perform nearly as well.
-
+1 to cmb's comments. Give it a while and it may be worth looking at, but currently there's nothing it can do that Snort hasn't done for some time. Given a choice between a well-tested platform and a new one, for any security-critical one I'd go with the well-tested one…