[Snort-users] snort drop rate
cbitian at ...5703...
Mon Nov 17 06:39:41 EST 2003
I am trying to find the drop rate for snort. Here is how I am trying to do it.
I captured the network traffic(about 10000 pkts) in tcpdump format using snort pkt logging mode. i am sending this file from one linux box (using tcp replay ) to other box running snort to analyze 100000 pkts(./snort -A fast -L snort.log -h 192........ -c /etc/snort.conf -n 100000). i started sending the tcpdump format file to snort at speeds from 10 mbps to 90 mbps. snort analyzes the 100000 pkts pretty quick and exits....no pkts are dropped....i tried to analyze 1 million pkts , but when i run tcpreplay the box running snort freezes.....
can anybody tell me how to find the drop rate...both my boxes hav redhat 6.1 on them...
Enter now for a chance to win a 42" Plasma Television!
AOL users go here: http://ad.doubleclick.net/clk;6413623;3807821;f?http://mocda1.com/1/c/563632/113422/313631/313631
This offer applies to U.S. Residents Only
More information about the Snort-users