[Oisf-users] IP reputation lists and performance
Cooper F. Nelson
cnelson at ucsd.edu
Mon Nov 3 23:25:55 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
That is not the case, see:
> http://blog.inliniac.net/2012/11/21/ip-reputation-in-suricata/
> The keyword is compatible to Suricata’s concept of “IP-only”
> rules. These are rules that do not inspect packet content or flow
> state and can thus be inspected once per flow direction instead of
> for each packet.
On 11/3/2014 3:01 PM, Michał Purzyński wrote:
>
> Is this the case with IP-only rules and Suricata? My guess is yes,
> I'd like some developers to chime in. In other words, unless you
> know, think before answering ;)
>
- --
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
iQEcBAEBAgAGBQJUWA8DAAoJEKIFRYQsa8FWwIEH/jGNKaw50Rz/OrU99gtB/oCB
LOxAJBbY3bRHrCF4A3ThoB0/xKLMMJe0V7BzufiRII8lonY7U/WD3llB1GdbNI7/
KeEEFKj6dUPWuo6lU4uhFX2NGmriDq/YehM0GzKHQk0vOnXBJiUDA1eSm1GeE/WL
ZTXyElZxt2FWFX0Da0WHyTmx1yaLIxMBuhvCLwa7nhTwahBAuKneFm15cdKA837Q
O74A+fBxMhqcXllHTq5QT9q4IOhoeLFEIDrzi9GysN4/jlfMMm+LhfyL+L8U5y0S
GrVMlpodVgy39i+VK+w/J2dqdylItDd5f9foNbippWMnz6ba15w5VZX+BT3ykAo=
=Kehs
-----END PGP SIGNATURE-----
More information about the Oisf-users
mailing list