[Snort-users] Kernel for snort

Matt Kettler mkettler at ...4108...
Wed Aug 21 12:52:08 EDT 2002


It really shouldn't matter very much for snort which kernel version you 
use. Perhaps some slight differences in performance/security..

Personally I favor box security over performance for the box I run snort 
on, so personaly I'd try to use the grsecurity kernel patch to randomize 
PID's, restrict links and other goodies, or run it off OpenBSD.

If low-drop rate is the most important to you , perhaps some of the 
low-latency patches might be helpful, but really we're talking about very, 
very minor differences.

I think the best guideline is "pick the kernel which has all the latest 
security fixes, and has the best support for your hardware and no major 
known bugs." Since your hardware is pretty common/generic, pretty much any 
recent kernel should do.

At 01:12 PM 8/21/2002 -0600, hackerwacker wrote:
>I would like to try a new kernel for my Snort box. Here are the stats:
>
>RH 7.1
>Intel chip set
>P-III e 1000 mhz
>771 MB memory
>Snort 1.8.7
>
>Should I go with current stable (2.4.19) from kernel.org or another version
>?
>
>
>
>
>
>
>-------------------------------------------------------
>This sf.net email is sponsored by: OSDN - Tired of that same old
>cell phone?  Get a new here for FREE!
>https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
>_______________________________________________
>Snort-users mailing list
>Snort-users at lists.sourceforge.net
>Go to this URL to change user options or unsubscribe:
>https://lists.sourceforge.net/lists/listinfo/snort-users
>Snort-users list archive:
>http://www.geocrawler.com/redir-sf.php3?list=snort-users





More information about the Snort-users mailing list