[Oisf-devel] Who can tell me the advantange over snort?

Josh White josh at securemind.org
Wed Feb 22 14:58:48 UTC 2012

Talk about opening pandora's box....

I'll start things off by saying that there's a number of advantages to
using Suricata, most important of which is freedom and community.

On the technical site Suricata offers a number of advantages see (somewhat
outdated articles):


However for my own use, scale is the most important feature.
Multi-threading scales much better then parallelizing an application in
some cases. NIDS happens to be one of those cases. Easy use of PF_Ring,
PCRE, AC, Flow Pinning and others without having to force fit them in adds
icing to the cake.

- josh

On Wed, Feb 22, 2012 at 5:08 AM, tingwei liu <tingw.liu at gmail.com> wrote:

> Who can tell me the advantange over snort of suricate?
> _______________________________________________
> Oisf-devel mailing list
> Oisf-devel at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20120222/3064030d/attachment-0002.html>

More information about the Oisf-devel mailing list