On Wed, 27 Jan 2010 07:54 -0500, "Chris Dukes" <pak...@pr.neotoma.org> wrote:
> On Tue, Jan 26, 2010 at 04:38:08PM -0800, mehma sarja wrote:
> > I am running an embedded 533 MHz with 256 MB memory and it is woefully
> > inadequate for an office setting. Even for a home setting which wants stuff
> > like snort running as well. I would WAG at least a 2 GB memory and the Atoms
> > max out at that...? If the firewall will be doing other stuff like snort,
> > vpn, dns, dhcp, nat, (I am talking pfSense here), then 2 GB is rather short
> > and I'd like to see a beefier CPU as well. So, the question really is what
> > all are you going to be doing with it?
> 
> Is it still woefully inadequate if snort, vpn, and DNS are moved
> off the firewall?

On a busy interface, Snort can use a good deal of CPU consistently:

load averages:  0.50,  0.31,  0.24                                     08:09:25
33 processes:  31 idle, 2 on processor
CPU0 states:  4.4% user,  0.0% nice,  0.2% system,  8.8% interrupt, 86.6% idle
CPU1 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU2 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU3 states: 11.8% user,  0.0% nice,  0.0% system,  0.0% interrupt, 88.2% idle
Memory: Real: 180M/542M act/tot  Free: 2819M  Swap: 0K/518M used/tot

  PID USERNAME PRI NICE  SIZE   RES STATE     WAIT      TIME    CPU COMMAND
16499 _snort    31    0  171M  158M onproc/1  -        24.9H 16.89% snort
 5502 root       2    0 1116K 2080K sleep/1   select    0:51  0.00% sendmail
16446 _pflogd    4    0  636K  444K sleep/0   bpf       0:06  0.00% pflogd


> I ask because running DNS on the firewall has given me the heebie jeebies
> for years.  And I have dim memories of a few security exploits for snort.
> > 
> 
> -- 
> Chris Dukes 
