[Snort-users] ACID v0.9.5b6 - news

Roman Danyliw roman at ...438...
Mon Oct 30 11:42:02 EST 2000

Greetings all,

There have been a significant number of new features added to ACID as of
v0.9.5b6, and although some of the functionality is still beta
(e.g. deleting), I urge users to upgrade from 0.9.4.

Currently, this latest version can only be downloaded from the mirror:


In addition to the new code, some documentation has also been added
covering the use of the new features.

The added features (since 0.9.4) include the following:

  - added alert groups (AG)
  - aggregate stats based on sensor (Stuart Stock <stuart at ...726...>)
  - added alert purging
  - added stats for single IP address (# of alerts, sensors) and whois 
    lookups (Jeff Seeley <jeff_seely at ...726...>)
  - added ability to list unique IP addresses on a particular query
  - added sensor name as a search criteria
  - added AG name as a search criteria
  - added snapshot: today's alerts
  - automated ACID's table and index creation
  - added sort criteria for the search results (timestamp, signature)

  - fixed bug in alert arrival time graph when # of alerts was less than
  - generalized the IP proto decode 
  - fixed bug in criteria description when printing 'Last X' alerts
  - updated DB check version code to be aware of new AG tables
  - main and last-X alerts page refresh 
  - signatures hyperlink to CVE or whitehats (Paul Harrington
    <paul at ...13...>)
  - fixed bug in flags search criteria where PSH and RST were transposed
    (reported: Jed Pickel <jed at ...153...>)
  - fixed bug associated with using '_'-character in style sheet classes
    which caused them not to be valid under certain configurations.
    (solution reported by: Jed Pickel <jed at ...153...>)
  - improved human-readable criteria description for queries (added
    output when TCP flags are criteria, removed extraneous blank lines)

Any bug reports, feedback, or suggestions are appreciated.

