I have lots of computer is there any solutions to do centralized snort /
iptables inline with easy way ? Any projects what I should take look ?
On Mon, Aug 22, 2005 at 10:03:38PM +0200, Michal Melewski wrote:
Dnia 22-08-2005, pon o godzinie 05:29 +0000, afshinlamei@gmail.com
napisa?(a):
Dear all,
1- can i use snort inline+iptables in router (no bridge) mode under linux?
Yes, you can. All you have to do, is to redirect all your incoming (and
possibly outgoing) traffic to QUEUE target in your iptables rules.
2- what's the performance issuses when using snort inline + flexresponse
mode?
Processor usage is strictly connected with traffic size, but there is
constant RAM usage (in my case 20-30 MB of RAM is used).
I had no time to do any traffic latency tests.
thanks
afshin
--
Michael "carstein" Melewski | "We have no future bacause our present
carstein()7thguard.net | is too volatile. We have only risk
mobile: 502 545 913 | management. The spinning of the given
JID: carstein()gentoo.pl | moment's scenarios. Pattern recognition.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
