Snort mailing list archives
Re: Configuring Snort as a HIDS
From: Jason Haar <Jason.Haar () trimble co nz>
Date: Wed, 05 Dec 2007 09:03:22 +1300
Seth wrote:
Remember also that if the server you install snort on sees alot of traffic, snort will be stealing alot of CPU and memory away from the service you are offering.
That is so true. However, also remember that "file integrity" checks means checksumming every file in scope - which also tends to also hammer the box. You can't get something for nothing :-) PS: osiris is also an option. Very easy to set up, Windows and Unix support. http://*osiris*.shmoo.com -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------------------------- SF.Net email is sponsored by: The Future of Linux Business White Paper from Novell. From the desktop to the data center, Linux is going mainstream. Let it simplify your IT future. http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Configuring Snort as a HIDS Kaplan, Andrew H. (Dec 04)
- Re: Configuring Snort as a HIDS Seth (Dec 04)
- Re: Configuring Snort as a HIDS Jason Haar (Dec 04)
- Re: Configuring Snort as a HIDS Sebastien Tricaud (Dec 04)
- Re: Configuring Snort as a HIDS Seth (Dec 04)