OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: [Snort-users] [RGSPAM] Re: network bandwidth downs when snort inoine is up

From: Joel Esler (joel.eslersourcefire.com)
Date: Wed Oct 10 2007 - 12:51:30 CDT


These two rulesets are entirely comprised of "ip" rules. Which are
the slowest kind. If you are going to use Snort to do this type of
activity, I suggest you take the IP's in those rules and use them in
your iptables firewall, maybe Bleeding-threats can develop some type
of firewall rules.

Try shutting these two rulesets off and try again.

--
joel esler
http://demo.sourcefire.com/jesler.pgp.key

On Oct 10, 2007, at 12:38 PM, carlopmart wrote:

> bleeding-compromised.rules
> bleeding-dshield.rules

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users