^ Top

NANOG Meeting Presentation Abstract

Open Source IDS Acceleration by Flow Reduction
Meeting: NANOG33
Date / Time: 2005-01-31 10:45am - 11:15am
Room: Pavilion 9
Presenters: Speakers:

Paul Tatarsky, UCSC

Paul Tatarsky is a UNIX sysadmin and security consultant in the Midwest who has spent most of his 15 working years monitoring IDS systems at UCSC on the west coast. He also runs several compute clusters for the Human Genome Project at UCSC and tries to come up with better ways to protect his systems from attack and improve the way he monitors for such attacks.
Abstract: We report on our experiences in adopting a hardware packet capture solution to improve the ability to capture (and discard) packets on both our existing IDS platform and new IDS solutions to protect our lively environment.

The University of California at Santa Cruz School of Engineering is growing and traffic rates are overwhelming the existing IDS PC-based system. Gigabit ports are cropping up all over the department, and major traffic flows go to and from I2. We\'ll discuss our investigation into next-generation capture cards and our desire to continue to use Snort (www.snort.org) aligned with the discovery and use of some new, interesting technology.
Files: youtubeOpen Source IDS Acceleration by Flow Reduction
pdfPaul Tatarsky Presentation(PDF)
Sponsors: None.

Back to NANOG33 agenda.

NANOG33 Abstracts


^ Back to Top