[Snort-users] Questions before installing Snort
hjazz6 at ...14432...
Tue Oct 14 03:37:53 EDT 2008
I'm new to Linux and Snort, and I'm trying to get all the information I need before I install Snort on my PC running Red Hat Enterprise Linux 5.
I've read that Snort uses MySQL to store events and alerts. Does Red
Hat Enterprise Linux 5 already contain MySQL, or do I need to download
and install it myself? And just to check, if I do need to download
MySQL, do I download the non-RPM package "Linux (AMD64 / Intel EM64T)
5.0.67 (102.3M)" found at http://dev.mysql.com/downloads/mysql/5.0.html?
I'm more interested in the pattern matching part of Snort and how fast
it runs, how many packets dropped and other basic statistics like that. Is
MySQL all I need before I install Snort?
3) I've read that Snort now mainly uses a modified version of the
Aho-Corasick algorithm for matching patterns against packet contents. Does it also use other pattern matching algorithms as well?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users