[Snort-users] system setup for SNORT: looking for recommendation
Jeff Schmidt (CACL Tech Asst)
schmidje at ...11869...
Fri May 28 13:37:07 EDT 2004
I'm setting up a pc with OpenBSD for the purpose of using it as an
NIDS system with SNORT. I've been reading a lot of documentation, but
here are a few questions that I have not come across answers to:
Realistic system requirements: We are trying to do ID on a network with
about 2 dozen computers, so it's not a huge network. However, being at a
public library, each of the individual computers does get quite a bit of
traffic. How much disk space should I set aside for SNORT to record data
about network activity? And under what filesystem? It appears that SNORT
basically saves it's logs and data in /var/log/snort, so I'm guessing I
want to partition my hard drive so that /var has most of the available
space? The server currently has 128MB ram - is this sufficient? It has a
PII-400Mhz processor - is that fast enough to do the real-time analysis
of network traffic that is necessary?
Well, I guess that's all for now. I'm sure I'll be coming up with more
questions as time goes on.
Council of Ashtabula County Libraries
Views expressed are my own and are not my employer's.
More information about the Snort-users