11-29-2002 06:05 AM - edited 03-09-2019 01:14 AM
When I implement filtering for some hosts and tune/disable some signatures signature 993 triggers, and it says percent of packet drops is around 90%. As far as I learnt this is said to be a bug of IDS, and to be resolved with v4.0. Is any of you aware of this bug? Any reference would be appreciated.
12-02-2002 08:50 PM
We recently found the bug with the 3.1 "Filters" (ExcludedPattern) that
had a serious performance impact.
The filters were malfunctioning and operating as pre-filters that would be examined on nearly every packet, instead of every alarm.
This is an easy fix in the code, but has not yet been released.
The last date I heard from Management was January for a 3.1 Service Pack,
following the 4.0 FCS.
-JK
12-03-2002 07:26 AM
Do you think it could be helpfull to change the HW platform?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide