[Snort-users] Configuration tradeoffs
stewartl42 at ...11827...
Wed Aug 27 12:14:13 EDT 2008
I sat through a Webinar on common mistakes made when setting up Snort.
They mentioned that http_inspect needs to be configured to reduce false
I have my global configuration, I have my default server configuration, then
I added about 40 server configuration lines for my Linux Servers.
I'm seeing more packet loss since I configured all this up. Went from
about 0.1% loss to more than 2%.
Am I doing something incorrect here? Or is this expected?
You only lose what you cling to.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users