[Oisf-users] request

Meysam Farazmand farazmand.meisam at gmail.com
Wed Oct 10 09:06:01 UTC 2012


Hello all,

I am doing some comparison between Snort and Suricata. I want to know which
of the following metrics can be supported by Suricata:

1- Method of detection: signature based, protocol-based, anomaly-based
2- Throughput: can support all sessions?, can support all connections?
3- type of configuration: bridge mode, routing mode, hybrid mode
4- update
5- type of prevention: remove suspected packets, kill connection, set
firewall rules
6- preventing from attack to Suricata itself
7- support SNMP
8- average rate of false positive
9- ranking attacks: based on tensity of attacks, based on number of
repeating attacks, based on type of attack
10- time of detection: can detect in real-time?
11- time of prevention: can prevent in real-time?
12- which of the following application layers can support: HTTP, FTP, SMTP,
POP3, VOIP, Instant Messaging, P2P
13- traffic normalization: can remove suspected part of a traffic?
14- can support VLAN?
15- which of the following attacks can support: Phishing, spyware, viruses
and worms, Web and CGI, U2R, R2L

Cheers