| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Apr 2011 05:36:42 +0200
From: Sebastien Damaye <sebastien.damaye@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: 300 Comparative Tests Driven Against Suricata and
Snort
For years, Snort (developed and maintained by SourceFire) has been the de
facto standard for open source Intrusion Detection/Prevention Systems
(IDS/IPS). Its engine combines the benefits of signatures, protocols, and
anomaly-based inspection and has become the most widely deployed IDS/IPS in
the world.
Suricata, a new and less widespread product developed by the Open
Information Security Foundation (OISF), has recently appeared, and seems
really promising. It is also based on signatures but integrates
revolutionary techniques. This engine embeds a HTTP normalizer and parser
(HTP library) that provides very advanced processing of HTTP streams,
enabling the understanding of traffic on the 7th level of the OSI model.
More than 300 tests have been conducted against two platforms receiving the
same payloads. Based on these tests, conclusions will be discussed to
present the advantages and limitations of these two products.
Read more here: http://www.aldeid.com/index.php/Suricata-vs-snort
--
Cordialement/Regards,
Sébastien Damaye
http://www.aldeid.com
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists