[Snort-users] New user question(s)

I've setup snort, modified the snort.conf, have it running, but, reading =
the=20
FAQ I've got a few questions. =20

1. What is the difference in running snortd vice snort w/cl parameters?
2. Reading the FAQ it states to start snort with snort -A full -c=20
snort.conf then in the next line it states:

Note that the default output mode (-A full) of snort should not be used=20
except
in very controlled environments. It is the slowest way to run snort and
presents several hard to recover from problems with inode creation on
filesystems.

So, if this causes problems, how then should snort be started?

3. I run no servers on my box. I've set it up in the belief that if wou=
ld=20
compliment my firewall. If my firewall is working sufficiently in my=20
opinion, then do I even need to run an IDS?

I apologize in advance for the seemingly "dumb newbie questions"

--=20
Chris




-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
_______________________________________________
Snort-users mailing list
Snort-users@lists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/...fo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.p...st=snort-users