tag:blogger.com,1999:blog-297187840164530151.post448992360492367262..comments2023-05-11T11:00:40.029-04:00Comments on Eating Security: Snort Performance and Memory Map Pcap on RHELNathaniel Richmondhttp://www.blogger.com/profile/16307898781407130985noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-297187840164530151.post-30790438220085704792009-07-29T23:47:02.763-04:002009-07-29T23:47:02.763-04:00Mike - remove libpcap and any dependencies it has,...Mike - remove libpcap and any dependencies it has, such as tcpdump, download the mm-libpcap from phil woods site, than manually build and install as per this site.<br /><br />It will work, it does for me anyway.ritter6281https://www.blogger.com/profile/09367900567775312228noreply@blogger.comtag:blogger.com,1999:blog-297187840164530151.post-16584936929604677842009-07-17T16:42:26.066-04:002009-07-17T16:42:26.066-04:00Do you have a solution for compiling the latest li...Do you have a solution for compiling the latest libpcap+MMAP available for RHEL5? Currently RHEL5 is shipping with libpcap-0.9.4 and I can't seem to find a libpcap+MMAP package at Phil Wood's website (lanl).<br /><br />Do you have any solutions for this?MikeDawghttps://www.blogger.com/profile/11717323453025559849noreply@blogger.comtag:blogger.com,1999:blog-297187840164530151.post-20860666094782807042008-04-28T03:53:00.000-04:002008-04-28T03:53:00.000-04:00Ok, thanks Nr!!I will have a look right now!! :-)R...Ok, thanks Nr!!I will have a look right now!! :-)<BR/><BR/>Regards, <BR/><BR/>Jorgejorolashttps://www.blogger.com/profile/06221704350343204706noreply@blogger.comtag:blogger.com,1999:blog-297187840164530151.post-8666336938971106592008-04-25T10:13:00.000-04:002008-04-25T10:13:00.000-04:00Jorge, I see you also posted the question to snort...Jorge, I see you also posted the question to snort-users, which is definitely a good place to ask. It looks like one of the Sourcefire folks <A HREF="http://sourceforge.net/mailarchive/forum.php?thread_name=4811D2C7.5040009%40sourcefire.com&forum_name=snort-users" REL="nofollow">already answered</A>.Nathaniel Richmondhttps://www.blogger.com/profile/16307898781407130985noreply@blogger.comtag:blogger.com,1999:blog-297187840164530151.post-35957166938542485502008-04-25T07:04:00.000-04:002008-04-25T07:04:00.000-04:00Hi, Really interesting post. The point is that I h...Hi, <BR/><BR/>Really interesting post. The point is that I have been long time trying to improve my snort, which is running inside OSSIM (www.ossim.net) application. I have been adding some features, like pf_ring, polling, snort unified...<BR/><BR/>I have one question: when I send kill -USR1 signal to snort, trying to gather statistics, the dropped packets are related to snort itself, or are related to libpcap+snort lost?<BR/><BR/>Any comments will be apreciate, <BR/><BR/>Thanks in advance, <BR/><BR/>Jorgejorolashttps://www.blogger.com/profile/06221704350343204706noreply@blogger.com