Posted by on December 19, 2004, 2:52 pm
Hi..
I was learning about Snort and was wondering if someone could give me a
brief overview of some "strengths" associated with Snort.. I am reading
up on it online, but thought it would be better if someone who has had
prior first-hand experience on the topic could list some of the
"strengths" of it.. I know that there is a lot of talk about false
alarm rates, but it still is one of the most popular IDS.. why? (some
more concrete reasons besides the signature database..)
And also, how does Snort respond to DoS attacks? The purpose is to send
specially crafted packets that slow down Snort to the point where it
can no longer keep up with the traffic, and hence will miss attacks.
How exactly does this mechanism work and what is a possible solution to
thwart this attack?
cheers,