[Snort-users] Improving overall performance of snort and stopping those drops
edin.dizdarevic at ...7509...
Wed Nov 5 03:46:04 EST 2003
Scott Zawalski schrieb:
> I am using snort to collect packets on a gig connection that gets on
> average 1.3 tB/s.
> Any tips or tricks are greatly appreciated!
> Thank you,
- Have you tried increasing the number of the ring buffer cells like
- I suppose your ruleset is already optimized
- Deactivate preprocessor frag2 if you're behind a defragmenting
firewall (Netfilter always defragments if you turn on conntrack)
- Blend out the encrypted traffic (SSL/HTTPS/IMAPS/POP3S)
More information about the Snort-users