[Snort-users] [RGSPAM] Re: network bandwidth downs when snort inoine is up

Will Metcalf william.metcalf at ...11827...
Wed Oct 10 14:08:21 EDT 2007


Yeah or mod_security, you could actually do av scanning with
mod_security as well.

Regards,

Will

On 10/10/07, Joel Esler <joel.esler at ...1935...> wrote:
> These two rulesets are entirely comprised of "ip" rules.  Which are
> the slowest kind.  If you are going to use Snort to do this type of
> activity, I suggest you take the IP's in those rules and use them in
> your iptables firewall, maybe Bleeding-threats can develop some type
> of firewall rules.
>
> Try shutting these two rulesets off and try again.
>
>
> --
> joel esler
> http://demo.sourcefire.com/jesler.pgp.key
>
>
>
> On Oct 10, 2007, at 12:38 PM, carlopmart wrote:
>
> > bleeding-compromised.rules
> > bleeding-dshield.rules
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Snort-users mailing list
> Snort-users at lists.sourceforge.net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>




More information about the Snort-users mailing list