[Snort-users] Questions before installing Snort

Rayne hjazz6 at ...14432...
Tue Oct 14 03:37:53 EDT 2008


Hi all,
I'm new to Linux and Snort, and I'm trying to get all the information I need before I install Snort on my PC running Red Hat Enterprise Linux 5.

1)
I've read that Snort uses MySQL to store events and alerts. Does Red
Hat Enterprise Linux 5 already contain MySQL, or do I need to download
and install it myself? And just to check, if I do need to download
MySQL, do I download the non-RPM package "Linux (AMD64 / Intel EM64T)
5.0.67 (102.3M)" found at http://dev.mysql.com/downloads/mysql/5.0.html?

2)
I'm more interested in the pattern matching part of Snort and how fast
it runs, how many packets dropped and other basic statistics like that. Is
MySQL all I need before I install Snort? 

3) I've read that Snort now mainly uses a modified version of the
 Aho-Corasick algorithm for matching patterns against packet contents. Does it also use other pattern matching algorithms as well?

Thank you.

Regards,
Rayne


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20081014/14427ac1/attachment.html>


More information about the Snort-users mailing list