[Snort-users] ACID v0.9.5b6 - news

Bill Marquette wlmarque at ...8...
Wed Nov 1 08:26:53 EST 2000


Frank, this is almost certainly a permission error.  I had originally set up ACID
to have read-only access to my snort db and slowly added privs until all the
features worked.  FYI, beta7 is up on Roman's page as of yesterday, you might
try that...I know it works here.

--Bill



From: "Frank Reid" <fcreid at ...691...> on 10/31/2000 07:28 PM

To:   "Roman Danyliw" <roman at ...438...>
      snort-users at lists.sourceforge.net
cc:
Client:
Subject:  RE: [Snort-users] ACID v0.9.5b6 - news



Roman,

Are the problems with alert deletion a rights issue to the database or
something deeper in your code?  I saw someone mention they are using the
alert deletion feature successfully.  I'd tried (FreeBSD, MySQL and ACID
v0.9.5b6) and received the "Error deleting alert ..." message.  Don't want
to play with the recommended rights on the database itself, unless that's
the root of the problem.  Thanks in advance.

Frank

-----Original Message-----
From: snort-users-admin at lists.sourceforge.net
[mailto:snort-users-admin at lists.sourceforge.net]On Behalf Of Roman
Danyliw
Sent: Monday, October 30, 2000 11:42
To: snort-users at lists.sourceforge.net
Cc: stuart at ...726...; jeff_seely at ...726...; jed at ...153...
Subject: [Snort-users] ACID v0.9.5b6 - news


Greetings all,

There have been a significant number of new features added to ACID as of
v0.9.5b6, and although some of the functionality is still beta,
(e.g. deleting) I urge users to upgrade from 0.9.4.

Currently, this latest version can only be downloaded from the mirror:

http://www.andrew.cmu.edu/~rdanyliw/snort/

In addition to the new code, some documentation has also been added
covering the use of the new features.

The added features (since 0.9.4) include the following:

  - added alert groups (AG)
  - aggregate stats based on sensor (Stuart Stock <stuart at ...726...>)
  - added alert purging
  - added stats for single IP address (# of alerts, sensors) and whois
    lookups (Jeff Seeley <jeff_seely at ...726...>)
  - added ability to list unique IP addresses on a particular query
  - added sensor name as a search criteria
  - added AG name as a search criteria
  - added snapshot: today's alerts
  - automated ACID's table and index creation
  - added sort criteria for the search results (timestamp, signature)

  - fixed bug in alert arrival time graph when # of alerts was less than
    1%
  - generalized the IP proto decode
  - fixed bug in criteria description when printing 'Last X' alerts
  - updated DB check version code to be aware of new AG tables
  - main and last-X alerts page refresh
  - signatures hyperlink to CVE or whitehats (Paul Harrington
    <paul at ...13...>)
  - fixed bug in flags search criteria where PSH and RST were transposed
    (reported: Jed Pickel <jed at ...153...>)
  - fixed bug associated with using '_'-character in style sheet classes
    which caused them not to be valid under certain configurations.
    (solution reported by: Jed Pickel <jed at ...153...>)
  - improved human-readable criteria description for queries (added
    output when TCP flags are criteria, removed extraneous blank lines)

Any bug reports, feedback, or suggestions are appreciated.

cheers,
Roman

_______________________________________________
Snort-users mailing list
Snort-users at lists.sourceforge.net
http://lists.sourceforge.net/mailman/listinfo/snort-users

