Hi all. I have a custom built router using a Gigabyte J1900N-D3V board. To cut it short, inter-VLAN traffic is limited to about 200mbit, but the CPU utilization only ever hits ~30%. Of course standard snort does not take advantage of the multiple cores…

We have been getting a LOT of IPS attacks lately. Getting Snort 38330 MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt from several internal IPs. Snort doesnt give much information.... is there a good chance these hosts are infected? Sophos Cloud AV…