I have lots of computer is there any solutions to do centralized snort / iptables inline with easy way ? Any projects what I should take look ?
On Mon, Aug 22, 2005 at 10:03:38PM +0200, Michal Melewski wrote: > Dnia 22-08-2005, pon o godzinie 05:29 +0000, [EMAIL PROTECTED] > napisa?(a): > > Dear all, > > 1- can i use snort inline+iptables in router (no bridge) mode under linux? > Yes, you can. All you have to do, is to redirect all your incoming (and > possibly outgoing) traffic to QUEUE target in your iptables rules. > > > 2- what's the performance issuses when using snort inline + flexresponse > > mode? > Processor usage is strictly connected with traffic size, but there is > constant RAM usage (in my case 20-30 MB of RAM is used). > I had no time to do any traffic latency tests. > > > thanks > > afshin > > -- > Michael "carstein" Melewski | "We have no future bacause our present > carstein()7thguard.net | is too volatile. We have only risk > mobile: 502 545 913 | management. The spinning of the given > JID: carstein()gentoo.pl | moment's scenarios. Pattern recognition. > > > ------------------------------------------------------------------------ > Test Your IDS > > Is your IDS deployed correctly? > Find out quickly and easily by testing it > with real-world attacks from CORE IMPACT. > Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 > to learn more. > ------------------------------------------------------------------------ > ------------------------------------------------------------------------ Test Your IDS Is your IDS deployed correctly? Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 to learn more. ------------------------------------------------------------------------
