[Snort-users] Snort performance

Milani Paolo Paolo.Milani at ...3258...
Tue Mar 29 02:26:16 EST 2005


Unfortunately results for Snort 1.8 are unreliable since post 2.0 versions are MUCH faster (that's when the whole multi-pattern-matching algorithms thing came in).

Results for Sourcefire IS3000 are not directly applicable to Snort because, as you mention in your report, the Sourcefire sensor uses a custom packet capture driver instead of pcap library. A custom driver gives MAJOR performance increase, results for vanilla snort are not going to be anywhere near that good.

my 2 cents,
Paolo Milani

>Subject: Re: [Snort-users] Snort performance
>From: Bob Walder <bwalder at ...1926...>
>To: Ramkumar Chinchani <rc27 at ...13217...>,
>	Snort-Users Mailing List <snort-users at lists.sourceforge.net>
>
>We looked at open source Snort some time ago (back in the V1.8 days) and
>that appears in one of our earlier reports.
>
>However, our latest Gigabit IDS report includes detailed performance tests
>of the Sourcefire IS3000 which is, of course, based on Snort
>(www.nss.co.uk/gigabitids).
>
>Bob Walder
>The NSS Group
>
>
>
>On 25/3/05 11:33 pm, "Ramkumar Chinchani" <rc27 at ...13217...> wrote:
>
>> Hi all,
>> 
>> I am looking for references/pointers to any documented measurements on
>> Snort's performance overheads, latency and such.
>> 
>> Thanks,
>> 
>> _R
>> 


Gruppo Telecom Italia - Direzione e coordinamento di Telecom Italia S.p.A.

====================================================================
CONFIDENTIALITY NOTICE
This message and its attachments are addressed solely to the persons
above and may contain confidential information. If you have received
the message in error, be informed that any use of the content hereof
is prohibited. Please return it immediately to the sender and delete
the message. Should you have any questions, please send an e_mail to 
MailAdmin at ...13220... Thank you
====================================================================




More information about the Snort-users mailing list