If any of you can name any big network which is using Snort as an example, it will be very helpful.
/16 on a DS-3 here. Snort on a p4 3.2ghz box, with a fairly large ruleset (not the whole thing, but all the VRT ones, plus a bunch of bleeding ones, plus a bunch of overrides.
I have it configured to automatically shutdown infected ports (not something it does natively .. a lot of Perl + MySQL + pixie dust).
Rock solid. Thanks Marty :) Cheers, Michael Holstein CISSP GCIA Cleveland State University _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
