[Snort-devel] Snort Analysis for studying

Junghoon Jee jhjee at ...458...
Thu Jun 21 01:59:46 EDT 2001


Is there any guidelines in studying the Snort src codes ?

Best Regards,

Junghoon Jee

----- Original Message ----- 
From: "Victor Barahona" <victor.barahona at ...463...>
To: <snort-users at lists.sourceforge.net>
Cc: <snort-devel at lists.sourceforge.net>
Sent: Thursday, June 21, 2001 12:55 AM
Subject: [Snort-devel] Archiving support in Acid 0.9.6b10


Hi,

I had a problem (well a lot) trying the archive support in Acid 0.9.6b10.

I upgrade to the latest snort cvs (1.8 beta6 build 25), then I upgrade the 
database with the new squema v103. The I create another database (v103) that 
will be the archive database.

Problem 1:
If I use the "Archive Alert(s) - copy" with any alert..

Database ERROR:Unknown column 'ip_src0' in 'field list'

Question 1:

The archive database have to have another squema or is the same? It seems 
that it's not founding some items in a table.

Problem 2:
If I use the "Archive Alert(s) - move" with any alert..

'archive_alert2' is an invalid action  (and then the search page)

Question 2:

It's allready implemented this action?


Any ideas? Obviusly I'm making something wrong because nobody post nothing 
about it. :(

Regards.

-- 
"Alone? you are not alone, Bigbrother is watching you"

------------------------------------------------------------------------
Victor Barahona Cabezon
http://rincon.uam.es/dir?cw=870938110351562        PGP ID-0x8750AB79
Soporte Seguridad en red........................http://www.utc.uam.es/ss
------------------------------------------------------------------------


_______________________________________________
Snort-devel mailing list
Snort-devel at lists.sourceforge.net
http://lists.sourceforge.net/lists/listinfo/snort-devel


More information about the Snort-devel mailing list