Slashdot Mirror


Compiling Snort Rules

Sergei Egorov writes "Good people at Fidelis Security Systems developed SNORTRAN, an optimizing compiler for Snort rules. By combining several compilation techniques, SNORTRAN is able to translate a set of Snort rules into a high-performance intrusion detection engine. SNORTRAN-generated engines are 4 to 6 times faster than Snort's own detection engine; this translates into a 3 to 5 overall speedup factor for a complete Snort system (benchmarks are here)."


  1. Re:Snort ? by plcurechax · Score: 3, Insightful

    Snort is a Network Intrusion Detection System (NIDS) which is open source, and fast.

    The rules are the signatures Snort uses to detect "attacks" or other activities that match a given rule.