[Snort-users] what's the difference between alert_fast and alert_unified?

Patrick Harper patrick at ...4250...
Fri Oct 21 01:04:49 EDT 2005


We really need more info on what you are doing.  Are you logging to a DB?
are you using barnyard?  -A is the default, unified is usually used with
barnyard.  It all depends on your setup.



Patrick S. Harper | CISSP RHCT MCSE
www.internetsecurityguru.com

Just because your paranoid, doesn't mean they're not out to get you 
 
-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net] On Behalf Of zhaohui yin
Sent: Friday, October 21, 2005 12:50 AM
To: snort-users at lists.sourceforge.net
Subject: [Snort-users] what's the difference between alert_fast and
alert_unified?

Hi all:
    I am confused the snort option about alert_fast /alert_unified,
and want to known in which mode ,snort will run fastest.
   I run snort with -b -A fast option, any suggestion?
--
yinzhaohui


-------------------------------------------------------
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discussions,
and more. http://solutions.newsforge.com/ibmarch.tmpl
_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list






More information about the Snort-users mailing list