[Oisf-users] need hints, tips with suricata as IPS
Victor Julien
victor at inliniac.net
Tue Apr 10 09:39:24 UTC 2012
On 04/05/2012 01:33 PM, Stefan Sabolowitsch wrote:
> Hi all,
> First of all, thanks for suricata.
> I need hints, tips with suricata <-> Hardware as IPS.
>
> My Hardware spec:
> 1 x Xeon QuadCore
> 8GB RAM
> 4 x dual Intel NIC (for bridging)
> 2 x WD VelociRaptor 500GB
>
> My questions in addition:
> -Which OS (Linux, FreeBSD)? First tests with Linux and FreeBSD were
> successful.
Linux is more tested, so I'd recommend that if you are comfortable with
both OSes.
> -Which start parameter for suricata is the best?
> -Which option is the best, pfring
> or netmap http://info.iet.unipi.it/~luigi/netmap/ ?
Neither supports IPS in Suricata, so it's either Netfilter Queue (Linux)
or IPFW (FreeBSD).
> -A goal is suricata -> barnyard2, sguil -> snortsam (pf or iptables)
Sounds good.
Cheers,
Victor
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------