[Snort-devel] Current 2.0 and Sourcefire's Testing Methods

Matthew Callaway matt at ...807...
Wed Mar 19 04:34:07 EST 2003


Greetings,

  I was at Marty's recent talk in Chicago.  It was fun, thanks for
making the effort, Sourcefire folks.  While there, I'd asked what
version of snort Sourcefire uses in production products.  Is there any
plan to make that public, say on the website, perhaps, "Sourcefire uses
snort 2.0 build 52 in its IDS products"?  Perhaps an official 2.0
release is pending?

  Also, what do you think about publishing Sourcefire's methodologies
for testing snort's performance.  That is, there are various metrics
given for each Sourcefire platform, "This box can handle 20 Mbits, while
this box can handle 100 Mbits" etc.  I'm curious how you arrive at these
numbers.  There are many archived discussions regarding testing snort's
performance, I'm wondering what Sourcefire does.  My thought is that we
all might benefit from open discussion of your performance testing.

Your thoughts?

Matt




More information about the Snort-devel mailing list