Improving Snort performance with Barnyard - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: March 16th, 2010

Linux Advisory Watch: March 14th, 2010

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Improving Snort performance with Barnyard

User Rating:

How can I rate this item?

Posted by Ryan Berens

Do you use Snort? Do you want to get more out of it than you already are? Have no fear, James Turnbull will take you through the process of kicking you Intrusion Detection system up a notch. Check it out:

Barnyard improves Snort's speed and efficiency processing outputted data off-loaded by Snort. Barnyard leaves Snort more capacity to perform its key function: scanning and analyzing traffic for anomalies and attacks. We will set Snort to output its alerts and logs to the unified (binary) format, which isn't as processor-intensive as other kinds of output, and then make use of Barnyard to process the resulting output into our required format(s). This tip presumes you already have Snort installed and configured.

Read this full article