[Oisf-devel] Who can tell me the advantage over snort?

Josh White josh at securemind.org
Wed Feb 22 14:58:48 UTC 2012


Talk about opening Pandora's box....

I'll start things off by saying that there are a number of advantages to
using Suricata, most important of which is freedom and community.

On the technical side, Suricata offers a number of advantages; see these
(somewhat outdated) articles:

http://holisticinfosec.org/toolsmith/docs/august2010.html
http://www.aldeid.com/wiki/Suricata-vs-snort
http://www.inliniac.net/blog/2010/07/22/on-suricata-performance.html

However, for my own use, scale is the most important feature.
Multi-threading scales much better than parallelizing an application in
some cases. NIDS happens to be one of those cases. Easy use of PF_Ring,
PCRE, AC, Flow Pinning and others without having to force-fit them in adds
icing to the cake.

- josh

On Wed, Feb 22, 2012 at 5:08 AM, tingwei liu <tingw.liu at gmail.com> wrote:

> Who can tell me the advantage over Snort of Suricata?