[Oisf-users] Suricata and Snort performance paper

Matthew Jonkman jonkman at emergingthreatspro.com
Wed Jul 27 03:46:29 UTC 2011


Agreed, thanks Gene. My reading for the night. 

The abstract is pretty accurate I think. Suricata isn't cycle for cycle faster than Snort, but it can take advantage of more than one processor. They don't seem to touch on the new things Suri can do like protocol recognition and such, which are massive gains in accuracy and malware coverage. But it's a good start!

Matt

On Jul 26, 2011, at 10:35 PM, Will Metcalf wrote:

> Gene,
> 
> Thanks for sharing, I had not seen this yet. Nice to see that folks
> are doing this sort of testing.
> 
> Regards,
> 
> Will
> 
> On Tue, Jul 26, 2011 at 9:09 PM, Gene Albin <gene.albin at gmail.com> wrote:
>> All,
>>   I just ran across this conference paper from the University of Derby in
>> the UK comparing the performance of Snort and Suricata.  I think it's a
>> great paper and was wondering if anyone else has seen it yet.
>> http://www.thinkmind.org/index.php?view=article&articleid=icds_2011_7_40_90007
>> 
>> --
>> Gene Albin
>> gene.albin at gmail.com
>> 
>> 
>> _______________________________________________
>> Oisf-users mailing list
>> Oisf-users at openinfosecfoundation.org
>> http://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> 
>> 


----------------------------------------------------
Matthew Jonkman
Emergingthreats.net
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 866-504-2523 x110
http://www.emergingthreatspro.com
http://www.openinfosecfoundation.org
----------------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc





