[Snort-users] Best OS

Mike Mentges mike at ...8840...
Mon Apr 14 13:46:13 EDT 2003


We currently run this on OpenBSD, FreeBSD, and Linux. Since most of our
Windoze machines are protected by an OpenBSD firewall. I do not know much
about using anything directly connected to the web on a Windoze machine I
personally wouldnt recommend it either :-). Im not bashing Windoze just
stating my Opinion on the security or lack-there-of that Microsoft uses.
We run Snort on each of our firewalls that only report via management
interface which is invisible to world besides to our NOC. We then use
centralized Acid Machine to poll the Snort MySql logs on. We use RH 7.3
for the server. We have not seen any performance issues with doing it this
way. Although I will say that slower architecture will slow the process.
One of the Snort Firewall devices is only 133 128MB BSD box running MySql,
Snort and PF. Load is minimal except when quering large amounts of BS
traffic we see on the RR network :-P

Mike Mentges


On Fri, 11 Apr 2003, Ryan Finnesey wrote:

> I hope I do not start a OS war but I would like to know what people feel is the best OS to run snort on.






More information about the Snort-users mailing list