tag:blogger.com,1999:blog-4088979.post115470527702350397..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Snort 2.6.0 on FreeBSDRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger7125tag:blogger.com,1999:blog-4088979.post-1155578700494186102006-08-14T14:05:00.000-04:002006-08-14T14:05:00.000-04:00I'm running 2.6.0 on 512 mgs of RAM with lots of p...I'm running 2.6.0 on 512 mgs of RAM with lots of processes running (102 to be exact). And it's fine.Joel Eslerhttps://www.blogger.com/profile/05018134738510159518noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1155053290482690902006-08-08T12:08:00.000-04:002006-08-08T12:08:00.000-04:00Note to self: check these options.Note to self: check <A HREF="http://www.snort.org/docs/snort_htmanuals/htmanual_260/node10.html" REL="nofollow">these options</A>.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1155053249893213142006-08-08T12:07:00.000-04:002006-08-08T12:07:00.000-04:00Note to self: all rules enabled, lowmem enabled, u...Note to self: all rules enabled, lowmem enabled, uses about 57 MB.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1155053126711087122006-08-08T12:05:00.000-04:002006-08-08T12:05:00.000-04:00Note to self: Snort 2.6.0 with all rules enabled r...Note to self: Snort 2.6.0 with all rules enabled runs out of memory on a box with 512 MB RAM and other processes running.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1155052824333942212006-08-08T12:00:00.000-04:002006-08-08T12:00:00.000-04:00Note to self: had to copy /usr/local/etc/snort/gen...Note to self: had to copy /usr/local/etc/snort/gen-msg.map to /nsm/rules/hacom/gen-msg.map on hacom because gen-msg.map not shipped with rules.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1154841942235890362006-08-06T01:25:00.000-04:002006-08-06T01:25:00.000-04:00Rich,Run Snort with "AC" search method for about 2...Rich,<BR/><BR/>Run Snort with "AC" search method for about 24 hours in Daemon mode. Let me know your initial mem util, and then 24 hours later.Joel Eslerhttps://www.blogger.com/profile/05018134738510159518noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1154771563247762832006-08-05T05:52:00.000-04:002006-08-05T05:52:00.000-04:00Thanks Malus -- excellent comment.Thanks Malus -- excellent comment.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.com