[Snort-users] snort optimization

Deja User malzubs at ...479...
Mon Jan 15 14:00:02 EST 2001


What is the fastest, most complete was to run snort.  I have a busy network segment that I�m spanning and sending to the snort IDS.  
I downloaded the complete rule file from snort.org "snortfull.conf"
So here is what I have 
snort -A full -b -c snortfull.com -i eth0 -l /LOG/snort

Is there anything I can do to make it faster and not drop any traffic?
Also, the snortfull.conf does not include any library references, is there anything I can do to make my capture more complete?

Thanks,
Mohammed.


------------------------------------------------------------
--== Sent via Deja.com ==--
http://www.deja.com/




More information about the Snort-users mailing list