[Snort-sigs] Rebuilding snort server and sensors

Murali Raju protocoljunkie at ...2420...
Mon Oct 24 05:06:27 EDT 2005


1. Linux - if you want to use the libpcap that employs a shared mem ring
buffer (http://public.lanl.gov/cpw/)..
2. FreeBSD - with device_polling configured can help speed up packet
capturing in addition to speed and stability...
3. OpenBSD - lean with many security features, including the new heap
protection and other defense against ICMP based attacks available on release
3.8....the de facto for security appliances in my opinon.

I use and prefer the BSDs over Linux any day...

Cheers,

_Raju

On 10/24/05, Michael Mulholland <Michael.Mulholland at ...3172...> wrote:
>
>
>
>
>
> folks
>
> i'm intent on rebuilding our existing snort setup from RH9 and was
> wondering what platform you'd recommend
>
> thanks
>
> michael mulholland
>
>
>
>
> *******************************************************************************************
> Any views expressed by the sender of this message are not necessarily
> those of the Department of Finance & Personnel or The Office Of the First
> Minister and Deputy First Minister. This email and any files transmitted
> with it are intended solely for the use of the individual or entity to
> whom
> they are addressed. If you have received this email in error please notify
> the sender immediately by using the reply facility in your email software.
> All emails are swept for the presence of viruses.
>
> *******************************************************************************************
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by the JBoss Inc.
> Get Certified Today * Register for a JBoss Training Course
> Free Certification Exam for All Training Attendees Through End of 2005
> Visit http://www.jboss.com/services/certification for more information
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
>



--
May the packets be with you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20051024/65a5d7b1/attachment.html>


More information about the Snort-sigs mailing list