[Oisf-users] Massive kernel drops with HTTP traffic
Cooper F. Nelson
cnelson at ucsd.edu
Thu Aug 30 17:18:05 UTC 2018
+1 to this, as well as the recommendation to not use libmagic and just
write detection rules with the 'filestore' directive.
-Coop
On 8/20/2018 6:48 AM, Michael Stone wrote:
> Filestore has nothing to do with it, magic by itself in suricata will
> kill high speed monitoring and always has.
>
> Mike Stone
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180830/fa4fc251/attachment-0001.sig>
More information about the Oisf-users
mailing list