[Snort-users] Am I missing something ?

François Desarmenien francois at ...1754...
Thu Apr 5 12:28:59 EDT 2001


Hello, you all.

I've started "playing" with snort and made several
tests to understand how it works and how I could
pick its alerts datum to have them forwarded into a
more global logging system we're working on.

The last test we tried was a "simple" ping flood,
which filled the alert and packet log at a so incredible
rate (+- 10Mbytes/15 s not including packet dumps) that
it makes ping floods on snort the easiest way to DOS it !

I'm surely missing something, am I ?

Thanks for your time and snort,

François Désarménien




More information about the Snort-users mailing list