>Maybe Suricata is better? What are the differences?
I've never tried Suricata so I can't say if it's better, but Snort works
pretty well. There is one problem with Snort, however. It can watch incoming
traffic as well as outgoing traffic.
But when Snort watches outgoing traffic, it flags and block
Snort and Suricata use the same rules/signatures.
Enable only what you need, not all.
On Jun 12, 2016 3:57 PM, "Daniel Eschner" wrote:
> Hi there,
>
> I installed Snort and let it run with the Snort Community Rules and ET Rules.
> I get tons of false positive alerts.
>
> Maybe Suricata is better? Wha
Hi there,
I installed Snort and let it run with the Snort Community Rules and ET Rules.
I get tons of false positive alerts.
Maybe Suricata is better? What are the differences?
It seems that only the ET rules have no or very few false positives.
Cheers
Daniel