[Oisf-users] Alternatives to ET Pro?

Brandon Lattin latt0050 at umn.edu
Tue Feb 9 16:14:13 UTC 2016


We're still back on 2.1beta3.

On Tue, Feb 9, 2016 at 10:03 AM, Victor Julien <lists at inliniac.net> wrote:

> On 09-02-16 16:36, Brandon Lattin wrote:
> > I'm sure some of you are aware that Proofpoint has acquired Emerging
> > Threats.
> >
> > We've seen a decline (perhaps anecdotal) in rule quality - to the tune
> > of a single new rule (2815810) taking 49% of total CPU time
>
> What Suricata version are you using? If the code is very new (e.g. 3.0
> and/or even dev branches) it may be a side effect of some of the changes
> we have made.
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 9-11 in Washington, DC:
> http://oisfevents.net
>



-- 
Brandon Lattin
Security Analyst
University of Minnesota - University Information Security
Office: 612-626-6672
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160209/3ae9ed1c/attachment-0002.html>


More information about the Oisf-users mailing list